Lib.rs

Cryptography
#identity #spire #api #workload #jwt #verifiable #spiffe

spire-api

Rust library for the SPIRE APIs

by Max Lambrecht and 5 contributors

5 unstable releases

0.3.2 Nov 7, 2024
0.3.1 Oct 7, 2024
0.3.0 Sep 12, 2024
0.2.0 Mar 7, 2024
0.1.0 Sep 3, 2023

#359 in Cryptography

Download history 172/week @ 2024-09-09 37/week @ 2024-09-16 24/week @ 2024-09-23 72/week @ 2024-09-30 209/week @ 2024-10-07 13/week @ 2024-10-14 7/week @ 2024-10-21 10/week @ 2024-10-28 125/week @ 2024-11-04 7/week @ 2024-11-11

149 downloads per month

Apache-2.0

1MB
20K SLoC

Go 16K SLoC // 0.1% comments Rust 4K SLoC // 0.0% comments

Rust SPIRE API Library

This library provides support for SPIRE specific APIs in Rust.

Features

  • Delegated Identity API support: Facilitates authorized workloads to obtain SVIDs (SPIFFE Verifiable Identity Documents) and bundles on behalf of others that cannot be directly attested by SPIRE Agent. This feature enhances identity support for complex scenarios, including those where workloads cannot be directly recognized by SPIRE.

Installation

Include this line in your Cargo.toml:

[dependencies]
spire-api = "0.3.2"

Usage

Fetch a delegated X.509 and JWT SVIDs providing a set of selectors:

use spire_api::DelegatedIdentityClient;

let client = DelegatedIdentityClient::default().await?;

let x509_svid = client.fetch_x509_svid(DelegateAttestationRequest::Selectors(vec![
  selectors::Selector::Unix(selectors::Unix::Uid(1000)),
])).await?;

For more documentation, refer to the spire-api crate documentation.

Delegated Identity API

For more information about the SPIRE Delegated Identity API, refer to the official documentation.

License

This library is licensed under the Apache License. See the LICENSE.md file for details.

Dependencies

~12–24MB
~361K SLoC