Keystore-rs is a Rust library for securely storing and managing cryptographic keys.
- Secure ED25519 key generation
- Key storage and retrieval
- Supports macOS and Linux keychain integration
Add the following to your Cargo.toml:
[dependencies]
keystore-rs = "0.3.0"or
cargo add keystore-rsThe library provides two main storage implementations:
- FileStore: Encrypted file-based storage using AES-256-GCM
- KeyChain: System keychain integration (macOS/Linux)
use keystore_rs::{create_signing_key, KeyStore, FileStore};
use anyhow::Result;
fn main() -> Result<()> {
// Set up symmetric key for file encryption (required for FileStore)
std::env::set_var("SYMMETRIC_KEY", "your-32-byte-hex-encoded-key");
// Create a file-based keystore
let file_store = FileStore::new("~/.keystore/keys.json")?;
// Create and store a new signing key
let signing_key = create_signing_key();
file_store.add_signing_key("my-key-1", &signing_key)?;
// Retrieve the signing key (will return an error if it doesnt exist)
let retrieved_key = file_store.get_signing_key("my-key-1")?;
// Get or create a key (creates the key if it doesn't exist)
let key = file_store.get_or_create_signing_key("my-key-2")?;
Ok(())
}use keystore_rs::{create_signing_key, KeyStore, KeyChain};
use anyhow::Result;
fn main() -> Result<()> {
let keychain = KeyChain;
// Create and store a new signing key
let signing_key = create_signing_key();
keychain.add_signing_key("my-key-1", &signing_key)?;
// Retrieve the signing key
let retrieved_key = keychain.get_signing_key("my-key-1")?;
// Get or create a key (creates if doesn't exist)
let key = keychain.get_or_create_signing_key("my-key-2")?;
Ok(())
}Contributions are welcome! Please feel free to get in touch.
This project is licensed under the MIT License.