windows_native_keyring_store/lib.rs
1/*!
2
3# Windows native credential store for the keyring crate
4
5This module implements a credential store for the keyring crate that uses the
6Windows Credential Manager as its back end.
7
8## Usage
9
10To make this store the default for creation of keyring entries, execute this code:
11```
12keyring_core::set_default_store(windows_native_keyring_store::Store::new().unwrap())
13```
14
15## Mapping service and user values to credentials
16
17Each entry in keyring is mapped to a _generic credential_ in the Windows Credential Manager.
18The identifier for each credential in Windows is a `target_name` string. If an entry is created with
19an explicit `target` modifier, that value is used as the `target_name`.
20Otherwise, a `target_name` string is generated by concatenating a prefix string, the `user`,
21a delimiter string, the `service`, and a suffix string. The prefix, delimiter, and suffix strings
22are part of the store configuration. Their default values are: empty strings for the prefix and suffix,
23and a '.' for the delimiter.
24
25Note that service and user strings, by default, can contain the delimiter
26string, so it is possible for entries with different service and user strings to
27map to the same description (and thus the same credential in the store). If you
28are worried about this, you can avoid it by configuring your store to forbid the
29delimiter string in the service string.
30
31## Attributes
32
33There are three string attributes that are held on each Windows generic credential:
34`target_alias`, `username`, and `comment`. The `username` attribute will be set
35from the `user` specifier when an entry is created.
36All three attributes can be read and set using the
37[get_attributes](keyring_core::Entry::get_attributes] and
38[update_attributes](keyring_core::Entry::update_attributes) methods.
39
40## Warning
41
42Tests show that operating on the same entry from different threads
43does not reliably sequence the operations in the same order they
44are initiated. (For example, setting a password on one thread and
45then immediately spawning another to get the password returns a
46`NoEntry` error on the spawned thread.) So be careful not to
47access the same entry on multiple threads simultaneously.
48
49 */
50
51pub mod cred;
52pub mod store;
53pub use store::Store;
54#[cfg(test)]
55mod tests;
56mod utils;