Crate sifredb

Crate sifredb

Expand description

§`SifreDB`

Field-level encryption library with envelope encryption, blind indexes, and support for multiple key management backends.

§Features

AEAD encryption (ChaCha20-Poly1305, AES-GCM)
Deterministic encryption (AES-SIV) for equality queries
Blind indexes for searchable encryption
Envelope encryption with KEK/DEK separation
Multi-tenant key isolation
Key rotation support

§Example

use sifredb::prelude::*;

let provider = FileKeyProvider::new("./keys")?;
let vault = Vault::new(provider, CipherMode::default());
let context = EncryptionContext::new("users", "email");

let ciphertext = vault.encrypt(b"alice@example.com", &context)?;
let plaintext = vault.decrypt(&ciphertext, &context)?;

Modules§

context: Context types for encryption and indexing operations.
deterministic: Deterministic encryption using AES-SIV for equality queries.
error: Error types for SifreDB operations.
key_provider: Key provider abstraction for key management.
prelude: Convenience re-exports for common use.