pub struct Vault { /* private fields */ }Expand description
An open, in-memory vault.
Dropping the value drops the underlying decrypted material. Best-effort
memory zeroing is delegated to the keepass crate where supported.
Implementations§
Source§impl Vault
impl Vault
Sourcepub fn create(path: &Path, password: &str) -> Result<Self>
pub fn create(path: &Path, password: &str) -> Result<Self>
Create a new kdbx file at path, encrypted with password.
Errors if the file already exists.
Sourcepub fn open(path: &Path, password: &str) -> Result<Self>
pub fn open(path: &Path, password: &str) -> Result<Self>
Open an existing kdbx file with a password.
Sourcepub fn save(&mut self) -> Result<()>
pub fn save(&mut self) -> Result<()>
Persist in-memory state back to the original path (atomic replace).
pub fn path(&self) -> &Path
Sourcepub fn add_entry(&mut self, title: &str) -> Result<EntryId>
pub fn add_entry(&mut self, title: &str) -> Result<EntryId>
Add a new entry. The title is interpreted as a /-separated path:
the leading segments name a group hierarchy (created as needed,
mkdir -p semantics), and the trailing segment becomes the entry
title. A title with no / lands at the root group, matching the
previous behavior.
A leading Root segment (case-insensitive) names the root group
itself, so add_entry("Root/github") is identical to add_entry("github").
Examples:
add_entry("github")→ “github” in the root groupadd_entry("Work/SSH/github")→ group “Work” > “SSH”, entry “github”
Empty segments (//, /foo, foo/) and the empty title are rejected
with Error::InvalidPath. Group lookups are case-insensitive (matches
keepass-rs and KeePassXC behavior), so work/ssh resolves to an
existing Work/SSH. Returns the entry’s stable ID.
Sourcepub fn list_entries(&self) -> Vec<EntrySummary>
pub fn list_entries(&self) -> Vec<EntrySummary>
List all entries in the vault (recursively across all groups).
Sourcepub fn get_entry(&self, id: &EntryId) -> Option<EntrySummary>
pub fn get_entry(&self, id: &EntryId) -> Option<EntrySummary>
Look up an entry by ID. Returns None if no such entry exists.
Sourcepub fn find_by_title(&self, title: &str) -> Option<EntryId>
pub fn find_by_title(&self, title: &str) -> Option<EntryId>
Look up an entry by title or path.
- Plain title with no
/: returns the first entry whose leaf title matches (current behavior). Search is exact (case-sensitive) on the leaf title across all groups. - Path with
/: navigatesgroup/sub/.../leafand matches only the entry at exactly that path. Group navigation is case-insensitive (matching keepass-rs); the leaf title comparison is exact.
Returns None if no such entry exists, or if any group segment in
the path is missing.
Sourcepub fn set_field(
&mut self,
id: &EntryId,
field: &str,
value: &str,
) -> Result<()>
pub fn set_field( &mut self, id: &EntryId, field: &str, value: &str, ) -> Result<()>
Set or replace a string field on an entry. Standard fields:
"Title", "UserName", "Password", "URL", "Notes". Custom fields permitted.
Sourcepub fn attach_binary(
&mut self,
id: &EntryId,
name: &str,
bytes: &[u8],
) -> Result<()>
pub fn attach_binary( &mut self, id: &EntryId, name: &str, bytes: &[u8], ) -> Result<()>
Attach a binary blob (e.g. an SSH private key) to an entry under name.
Replaces any existing attachment with the same name.
Bytes are stored as a real KDBX4 inner-header binary attachment with a
<Binary Ref="N"/> reference inside the entry, matching what KeePassXC
writes. The Protected flag is left at the default (off) — KeePassXC
likewise stores SSH private keys without it.
Sourcepub fn read_binary(&self, id: &EntryId, name: &str) -> Result<Option<Vec<u8>>>
pub fn read_binary(&self, id: &EntryId, name: &str) -> Result<Option<Vec<u8>>>
Read an attachment’s bytes. Returns Ok(None) if the entry exists but has no such attachment.
Errors if the entry itself does not exist.
Sourcepub fn remove_binary(&mut self, id: &EntryId, name: &str) -> Result<()>
pub fn remove_binary(&mut self, id: &EntryId, name: &str) -> Result<()>
Remove an attachment from an entry. No-op if the attachment is missing.
Sourcepub fn delete_entry(&mut self, id: &EntryId) -> Result<()>
pub fn delete_entry(&mut self, id: &EntryId) -> Result<()>
Delete an entry by ID.
Sourcepub fn get_field(&self, id: &EntryId, field: &str) -> Result<Option<String>>
pub fn get_field(&self, id: &EntryId, field: &str) -> Result<Option<String>>
Read a single string field from an entry. Returns None if the field
is missing. Errors if the entry itself does not exist.
Used by the materialization layer to read Materialize.* custom fields
from entries that opt in.
Sourcepub fn fields_with_prefix(
&self,
id: &EntryId,
prefix: &str,
) -> Result<Vec<String>>
pub fn fields_with_prefix( &self, id: &EntryId, prefix: &str, ) -> Result<Vec<String>>
Return the names of every custom string field on an entry whose name
starts with prefix. Field names are returned in unspecified order.
Errors if the entry does not exist.
Used by the materialization layer so the daemon can quickly tell which
entries opt in (any entry with at least one Materialize.* field).