Expand description
§🔐 secret-lib
Cross-platform, asynchronous Rust library to retrieve secrets from different sources.
§Features
- Can retrieve secret from shell commands using
process-lib
- Can retrieve secret from users’ global keyring using
process-lib
- Can retrieve secret from raw strings (not safe, for testing purpose)
- Supports tokio and async-std async runtimes
- Supports rustls and openssl crypto libs
- Supports serde (de)serialization from/to
String
The library comes with 8 cargo features, including 4 default ones:
tokio
: enables the tokio async runtimeasync-std
: enables the async-std async runtimerustls
: enables the rustls cryptoopenssl
: enables the openssl cryptocommand
: enables the command-based secret backendkeyring
: enables the keyring-based secret backendderive
: enables serde supportvendored
: compiles and statically link to a copy of non-Rust vendors like OpenSSL
§Example
use secret::{keyring::KeyringEntry, Secret};
#[tokio::main]
async fn main() {
// raw secret
let mut secret = Secret::new_raw("secret");
assert_eq!(secret.get().await.unwrap(), "secret");
// shell command secret
let mut secret = Secret::new_command("echo 'secret'");
assert_eq!(secret.get().await.unwrap(), "secret");
// keyring secret
let entry = KeyringEntry::try_new("key")
.unwrap()
.try_with_secret("secret")
.await
.unwrap();
let mut secret = Secret::new_keyring_entry(entry);
assert_eq!(secret.get().await.unwrap(), "secret");
}
See the full API documentation on docs.rs.
§Sponsoring
Special thanks to the NLnet foundation and the European Commission that helped the project to receive financial support from various programs:
- NGI Assure in 2022
- NGI Zero Entrust in 2023
- NGI Zero Core in 2024 (still ongoing)
If you appreciate the project, feel free to donate using one of the following providers:
Re-exports§
Enums§
- The global
Error
enum of the library. - The secret.
Type Aliases§
- The global
Result
alias of the library.