Crate paranoid_vault

crate paranoid_vault

Functions

fn default_vault_path() -> PathBuf
fn read_master_password(env_name: &str) -> Result<String, VaultError>
fn unlock_vault_for_options(options: &VaultOpenOptions) -> Result<UnlockedVault, VaultError>

Enums

enum VaultAuth
PasswordEnv(String)
Password(SecretString)
Certificate
cert_path: PathBuf
key_path: PathBuf
key_passphrase_env: Option<String>
key_passphrase: Option<SecretString>
enum VaultError
InvalidArguments(String)
VaultExists(String)
VaultNotFound(String)
UnlockFailed
ItemNotFound(String)
ExportPathCollision(String)
RandomFailure(String)
CryptoFailure(String)
CertificateFailure(String)
DeviceStoreFailure(String)
Sqlite(rusqlite::Error)
Io(std::io::Error)
Json(serde_json::Error)
Argon2(String)
Generator(String)
enum VaultItemKind
Login
SecureNote
Card
Identity

Implementations

impl VaultItemKind

Functions

fn as_str(&self) -> &'static str
fn parse(value: &str) -> Result<Self, VaultError>
enum VaultItemPayload
Login(LoginRecord)
SecureNote(SecureNoteRecord)
Card(CardRecord)
Identity(IdentityRecord)

Structs and Unions

struct CardRecord
title: String
cardholder_name: String
number: String
expiry_month: String
expiry_year: String
security_code: String
billing_zip: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
struct GenerateStoreLoginRecord
target_login_id: Option<String>
title: Option<String>
username: Option<String>
url: Option<String>
notes: Option<String>
folder: Option<String>
tags: Option<Vec<String>>
struct IdentityRecord
title: String
full_name: String
email: Option<String>
phone: Option<String>
address: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
struct LoginRecord
title: String
username: String
password: String
url: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
password_history: Vec<PasswordHistoryEntry>
struct NativeSessionHardening

Implementations

impl NativeSessionHardening

Functions

fn arm_clipboard_clear(&mut self, contents: String)
fn clear_clipboard_tracking(&mut self)
fn clipboard_clear_after(&self) -> Duration
fn expire_activity_for_test(&mut self)
fn expire_clipboard_for_test(&mut self)
fn idle_lock_after(&self) -> Duration
fn note_activity(&mut self)
fn should_auto_lock(&self) -> bool
fn take_due_clipboard_contents(&mut self) -> Option<SecretString>
fn take_pending_clipboard_contents(&mut self) -> Option<SecretString>
fn with_timeouts(clipboard_clear_after: Duration, idle_lock_after: Duration) -> Self

Traits implemented

impl Default for NativeSessionHardening
struct NewCardRecord
title: String
cardholder_name: String
number: String
expiry_month: String
expiry_year: String
security_code: String
billing_zip: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
struct NewIdentityRecord
title: String
full_name: String
email: Option<String>
phone: Option<String>
address: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
struct NewLoginRecord
title: String
username: String
password: String
url: Option<String>
notes: Option<String>
folder: Option<String>
tags: Vec<String>
struct NewSecureNoteRecord
title: String
content: String
folder: Option<String>
tags: Vec<String>
struct PasswordHistoryEntry
password: String
changed_at_epoch: i64
struct SecretString(Zeroizing<String>)

Implementations

impl SecretString

Functions

fn as_str(&self) -> &str
fn clear(&mut self)
fn is_empty(&self) -> bool
fn new(value: String) -> Self
fn pop(&mut self) -> Option<char>
fn push(&mut self, ch: char)

Traits implemented

impl PartialEq for SecretString
impl Eq for SecretString
impl fmt::Debug for SecretString
struct SecureNoteRecord
title: String
content: String
folder: Option<String>
tags: Vec<String>
struct UpdateCardRecord
title: Option<String>
cardholder_name: Option<String>
number: Option<String>
expiry_month: Option<String>
expiry_year: Option<String>
security_code: Option<String>
billing_zip: Option<Option<String>>
notes: Option<Option<String>>
folder: Option<Option<String>>
tags: Option<Vec<String>>
struct UpdateIdentityRecord
title: Option<String>
full_name: Option<String>
email: Option<Option<String>>
phone: Option<Option<String>>
address: Option<Option<String>>
notes: Option<Option<String>>
folder: Option<Option<String>>
tags: Option<Vec<String>>
struct UpdateLoginRecord
title: Option<String>
username: Option<String>
password: Option<String>
url: Option<Option<String>>
notes: Option<Option<String>>
folder: Option<Option<String>>
tags: Option<Vec<String>>
struct UpdateSecureNoteRecord
title: Option<String>
content: Option<String>
folder: Option<Option<String>>
tags: Option<Vec<String>>
struct VaultHeader
format_version: u32
created_at_epoch: i64
migration_state: String
kdf: VaultKdfParams
keyslots: Vec<VaultKeyslot>

Implementations

impl VaultHeader

Functions

fn assess_keyslot_health(&self, id: &str) -> Result<VaultKeyslotHealth, VaultError>
fn assess_keyslot_health_with_provider_probe(&self, id: &str, provider_probe: VaultKeyslotProviderProbe) -> Result<VaultKeyslotHealth, VaultError>
fn assess_keyslot_removal(&self, id: &str) -> Result<VaultKeyslotRemovalImpact, VaultError>
fn keyslot_health_summaries(&self) -> Vec<VaultKeyslotHealth>
fn keyslot_health_summaries_with_provider_probe(&self, provider_probe: VaultKeyslotProviderProbe) -> Vec<VaultKeyslotHealth>
fn recovery_posture(&self) -> VaultRecoveryPosture
fn recovery_recommendations(&self) -> Vec<String>
fn seal_posture(&self, provider_probe: VaultKeyslotProviderProbe) -> VaultSealPosture

Derives the vault’s seal posture (paranoid-seal state plus per-keyslot provider evidence) directly from header/keyslot data, usable without unlocking the vault. This is the single production posture-derivation site; all callers (CLI, TUI, capability detection) go through this or through seal_posture_for_path.

struct VaultItem
id: String
kind: VaultItemKind
created_at_epoch: i64
updated_at_epoch: i64
payload: VaultItemPayload
struct VaultItemFilter
query: Option<String>
kind: Option<VaultItemKind>
folder: Option<String>
tag: Option<String>

Implementations

impl VaultItemFilter
struct VaultItemSummary
id: String
kind: VaultItemKind
title: String
subtitle: String
location: Option<String>
folder: Option<String>
updated_at_epoch: i64
duplicate_password_count: usize
struct VaultOpenOptions
path: PathBuf
auth: VaultAuth
mnemonic_phrase_env: Option<String>
mnemonic_phrase: Option<SecretString>
mnemonic_slot: Option<String>
device_slot: Option<String>
use_device_auto: bool

Implementations

impl VaultOpenOptions

Functions

fn password_env(&self) -> &str
fn unlock_description(&self) -> String