rust_config_secrets/lib.rs
1//! # rust-config-secrets
2//!
3//! `rust-config-secrets` is a library designed to safely manage secrets within configuration files.
4//! It allows you to encrypt sensitive data (like passwords, API keys) directly within your config strings
5//! or files, and decrypt them at runtime.
6//!
7//! ## Features
8//!
9//! - **Encryption**: Encrypt plain text configuration strings or files.
10//! - **Decryption**: Decrypt configuration strings or files containing `SECRET(...)` blocks.
11//! - **Key Generation**: Generate secure random keys for AES-256-GCM encryption.
12//! - **Format Agnostic**: Works with JSON, YAML, TOML, INI, or any text-based format.
13//!
14//! ## Usage
15//!
16//! ```rust
17//! use rust_config_secrets::{encrypt_secrets, decrypt_secrets, generate_key};
18//!
19//! let key = generate_key();
20//! let config = r#"{ "password": "ENCRYPT(my_secret_password)" }"#;
21//!
22//! // Encrypt the configuration
23//! let encrypted_config = encrypt_secrets(config, &key).unwrap();
24//! assert!(encrypted_config.contains("SECRET("));
25//!
26//! // Decrypt the configuration
27//! let decrypted_config = decrypt_secrets(&encrypted_config, &key).unwrap();
28//! assert!(decrypted_config.contains(r#""password": "my_secret_password""#));
29//! ```
30
31mod config;
32mod crypto;
33mod error;
34
35pub use config::{
36 decrypt_file, decrypt_secrets, decrypt_value, encrypt_file, encrypt_file_in_place,
37 encrypt_secrets, encrypt_secrets_to_file, encrypt_value, generate_key,
38};
39pub use error::ConfigSecretsError;