Skip to main content

kovra_core/
lib.rs

1//! `kovra-core` — vault, crypto, policy, model, resolver, `AgentScope`, and the
2//! OS/cloud traits (`Provider`/`Confirmer`/`Keyring`/`Biometric`).
3//!
4//! All policy and invariants (spec §2, §3) live here; the other faces (CLI,
5//! wrapper, Web UI, MCP) are thin adapters over this crate.
6//!
7//! L1 provides the secret model, the coordinate URI parser, secret-bearing
8//! value types, and AEAD encryption at rest. L2 adds storage on disk: the
9//! partitioned per-secret vault store with atomic writes and a tolerant loader,
10//! the `~/.vaults` registry with project→global override, the truncated
11//! fingerprint, the master key behind a `Keyring` trait, and the rebuildable
12//! redb metadata index (ADR-0001).
13
14//! L3 adds the invariant-enforcement core (OS-independent half of I1–I16):
15//! `AgentScope` (I13), the sensitivity decision (`policy::decide`), the
16//! confirmation broker (`Confirmer`/`Biometric` + `CliApproveConfirmer`, I16),
17//! `prod`-born-`high` (I5), and the append-only audit log (§11, I12) — plus the
18//! `Clock` trait. Every face consumes these decisions; none re-derives them.
19
20pub mod audit;
21pub mod clock;
22pub mod confirm;
23pub mod coordinate;
24pub mod crypto;
25pub mod doctor;
26pub mod env_source;
27pub mod envrefs;
28pub mod error;
29pub mod exchange;
30pub mod file_confirm;
31pub mod fingerprint;
32pub mod formatter;
33pub mod hooks;
34pub mod index;
35pub mod intake;
36pub mod keybackup;
37pub mod keypair;
38pub mod keyring;
39pub mod package;
40pub mod policy;
41pub mod provider;
42pub mod record;
43pub mod registry;
44pub mod render;
45pub mod resolver;
46pub mod scaffold;
47pub mod scope;
48pub mod secret;
49pub mod sensitivity;
50pub mod store;
51pub mod totp;
52
53pub use audit::{
54    AUDIT_LOG, AuditAction, AuditEvent, AuditQuery, AuditSink, FileAuditSink, MockAuditSink,
55    outcome_result, query_log, read_log, render_log,
56};
57pub use clock::{Clock, MockClock, SystemClock};
58pub use confirm::{
59    Biometric, CliApproveConfirmer, ConfirmOutcome, ConfirmRequest, Confirmer, MockConfirmer,
60    Untrusted,
61};
62pub use coordinate::{Coordinate, EnvSegment, KeyHalf, Scope};
63pub use crypto::{KEY_LEN, NONCE_LEN, SealedRecord, open, open_bytes, seal, seal_bytes};
64pub use doctor::{Finding, Report, Severity, check as doctor_check};
65pub use env_source::{EnvSource, MockEnvSource, SystemEnvSource};
66pub use envrefs::{EnvRefs, Source};
67pub use error::CoreError;
68pub use exchange::{
69    BINARY_NAME, INSTALL_SCRIPT, PACKAGE_FILE, RECIPIENT_COORDINATE, RECIPIENT_PUB, UNPACK_SCRIPT,
70    VOLUME_LABEL, mount_point, render_install_script, render_unpack_script, write_bootstrap,
71};
72pub use file_confirm::{FileConfirmer, PENDING_DIR, PendingRequest};
73pub use fingerprint::{FINGERPRINT_BYTES, fingerprint};
74pub use formatter::{
75    DeviceInfo, Formatter, MockFormatter, assert_eraseable_target, eligible_targets,
76    format_removable, wipe_headline,
77};
78pub use hooks::{HOOK_MARKER, Scanner, gitleaks_config, hook_script};
79pub use index::{INDEX_FILE, Index, IndexEntry, RecordMode};
80pub use intake::{INTAKE_DIR, IntakeBroker, PendingIntake};
81pub use keybackup::{BackupKind, export_backup, import_backup};
82pub use keypair::{
83    EnvSshAgent, GeneratedKeypair, KeyAlgorithm, MockSshAgent, RSA_BITS, SSH_AGENT_RSA_SHA2_256,
84    SSH_AGENT_RSA_SHA2_512, SSH_SIG_NAMESPACE, SshAgent, decrypt, encrypt_to, generate,
85    public_algorithm, public_from_private, public_key_blob, sign, sign_ssh_agent, verify,
86    write_string,
87};
88pub use keyring::{Argon2Keyring, Keyring, MasterKey, MockKeyring, OsKeyring};
89pub use package::{
90    AccessToken, PACKAGE_MAGIC, PACKAGE_SCHEMA_VERSION, Package, PackagePayload, TokenConfirmer,
91    enforce_no_prod_unattended, open_attended, open_unattended, seal as seal_package, verify_token,
92};
93pub use policy::{
94    AccessRequest, Decision, DenyReason, PROD, birth_sensitivity, decide,
95    delete_requires_confirmation, downgrade_requires_confirmation, inject_requires_allowlist,
96    inject_requires_confirmation, is_downgrade, prod_blocks_unattended, prod_forbids_fallback,
97    prod_not_packageable,
98};
99pub use provider::{
100    MockProvider, SchemeRouter, SecretProvider, UnsupportedProvider, reference_scheme,
101};
102pub use record::{SCHEMA_VERSION, SecretRecord, Vault};
103pub use registry::{Registry, Resolution, VaultOrigin};
104pub use render::{UNTRUSTED_LABEL, prompt_text};
105pub use resolver::{Resolved, ResolvedVar, resolve};
106pub use scaffold::{Lang, Proposal, coordinate_for, detect_in_source, render_env_refs, scan_repo};
107pub use scope::{AgentScope, Filter, Operation, Origin, Surface};
108pub use secret::SecretValue;
109pub use sensitivity::Sensitivity;
110pub use store::{LoadOutcome, Quarantined};
111pub use totp::{
112    DEFAULT_DIGITS, DEFAULT_PERIOD, ParsedEnrollment, TotpAlgorithm, TotpParams, code_at,
113    decode_base32, parse_otpauth, parse_seed_input, returns_current, seconds_remaining,
114};