Crate cipherstash_client

CipherStash Client SDK

Website | Docs | Discussions

The CipherStash SDK is the main way of interacting with CipherStash services. It includes clients for talking to ZeroKMS, CipherStash Token Service (CTS) and the services used to power Audit.

It also contains all the indexing and encryption logic used in CipherStash products.

Getting Started

To get started add the cipherstash-client dependency to your Cargo.toml

[dependencies]
cipherstash-client = "0.12"

Creating a ZeroKMS Client

Use the ZeroKMSConfig to create a new ZeroKMS client. With this you can:

• Manage datasets, config and clients
• Encrypt and decrypt data

use cipherstash_client::ZeroKMSConfig;

#[tokio::main]
async fn main() {
  let client = ZeroKMSConfig::builder()
    .with_env()
    .build()
    .expect("failed to build config")
    .create_client();

  let dataset = client.create_dataset("users", "A dataset used to encrypt my users' information")
    .await
    .expect("failed to create dataset");
}

Creating a CTS Client

Use the CtsConfig struct to create a new CTSClient. With this you can:

• Manage access keys and identity tokens

use cipherstash_client::{ CtsConfig, ConsoleConfig, CTSClient };

#[tokio::main]
async fn main() {
  let console_config = ConsoleConfig::builder()
    .with_env()
    .build()
    .expect("failed to build config");

  let cts_config = CtsConfig::builder()
    .with_env()
    .build()
    .expect("failed to build config");

  let client = CTSClient::new(cts_config.base_url(), console_config.credentials());

  let access_key = client.create_access_key("Test Access Key", "WORKSPACE-A")
    .await
    .expect("failed to create access key");
}

Re-exports

• pub use config::ConsoleConfig;
• pub use config::CtsConfig;
• pub use config::ZeroKMSConfig;
• pub use cts_client::CTSClient;
• pub use zerokms::ZeroKMS;
• pub use zerokms_protocol::cipherstash_config as schema;

Modules

• config
  Module for structs used to configure various internal service clients.
• console
  Module for interacting with the CipherStash Console API.
• credentials
  Module for credential providers for various internal services.
• cts_client
  Module for the CipherStash Token Service client library
• ejsonpath
  ejsonpath is a parser and evaluator for a subset of JSONPath.
• encryption
  Module for CipherStash encryption schemes and indexers
• logger_client
  Module for interacting with the CipherStash Logging and Audit API.
• management
  Module for the client library for managing customer hosted resources
• reqwest_client
  Module with a reusable reqwest client with built in retry logic
• zerokms
  The zerokms module provides a client for interacting with the ZeroKMS service.