Expand description
This crate is the ‘library’ part of RustyVault, a Rust and real free replica of Hashicorp Vault. RustyVault is focused on identity-based secrets management and works in two ways independently:
- A standalone application serving secrets management via RESTful API;
- A Rust crate that provides same features for other application to integrate.
This document is only about the crate part of RustyVault. For the first working mode, please go to RustyVault’s RESTful API documentation, which documents all RustyVault’s RESTful API. Users can use an HTTP client tool (curl, e.g.) to send commands to a running RustyVault server and then have relevant secret management features.
The second working mode, which works as a typical Rust crate called libvault, allows Rust
application developers to integrate RustyVault easily into their own applications to have the
ability of secrets management such as secure key/vaule storage, public key cryptography, data
encryption and so forth.
This is the official documentation of crate libvault, and it’s mainly for developers.
Once again, if you are looking for how to use the RustyVault server via a set of RESTful API,
then you may prefer the RustyVault’s RESTful API documentation.
Modules§
- config
- context
- The
libvault::contextmodule is intent to provide a generic key value storage. This module is currently not used by any other part ofcrate::libvault. - core
- The
libvault::coremodule implements several key functions that are in charge of the whole process of RustyVault. For instance, to seal or unseal the RustyVault we have theseal()andunseal()functions in this module. Also, thehandle_request()function in this module is to route an API call to its correct backend and get the result back to the caller. - errors
- The
libvault::errorsmodule defines an enumeration of various error code, and implements neccessary traits against it. - handler
- The
libvault::handlermodule basically defines theHandlertrait. - logical
- The
libvault::logicalis a low level module that defines ‘backend’ and relevant data structures such asPath,Request, etc and traits. - module_
manager - RustyVault is consisted of many modules. Modules are the real components that implement the
features that users need. All modules in RustyVault are managed by
libvault::module_manager. - modules
libvault::modulescontains a set of real RustyVault modules. Each sub module needs to implement thelibvault::modules::Moduletrait defined here and then the module could be added to module manager.- mount
- Simply speaking, the
libvault::mountmodule manages the relationship between a ‘path’ and the real RustyVault module which is responsible for that feature. In RustyVault, everything is exposed to outside by RESTful API, which is defined by ‘path’. - router
- The
libvault::routermodule contains the functions that are used to do the routing work. All router entries are organized in a Trie structure which is suitable for locating prefix. The core router is the final ‘glue’ that mounts the pieces together for RustyVault’s API. - shamir
- A Shamir threshold algorithm implementation which is used to derive the RustyVault master key.
- storage
- This module manages all storage related code by defining a ‘barrier’ concept and a ‘backend’ concept.
- utils
- Miscellaneous public handy functions are collected here, such as cryptography tools, uuid generator, etc.
Macros§
Structs§
- Rusty
Vault - Main entry point for using the
libvaultcrate programmatically.
Constants§
- VERSION
- libvault crate version.