Stronghold
Store secrets and keys using the IOTA Stronghold secret management engine.
Supported Platforms
This plugin requires a Rust version of at least 1.77.2
Platform | Level | Notes |
---|---|---|
windows | ||
linux | ||
macos | ||
android | ||
ios |
Setup
Install the stronghold plugin to get started.
Use your project’s package manager to add the dependency:
-
Run the following command in the
src-tauri
folder to add the plugin to the project’s dependencies inCargo.toml
: -
Modify
lib.rs
to initialize the plugin: -
Install the JavaScript Guest bindings using your preferred JavaScript package manager:
Usage
The plugin must be initialized with a password hash function, which takes the password string and must return a 32 bytes hash derived from it.
Initialize with argon2 password hash function
The Stronghold plugin offers a default hash function using the argon2 algorithm.
Initialize with custom password hash function
Alternatively you can provide your own hash algorithm by using the tauri_plugin_stronghold::Builder::new
constructor.
Usage from JavaScript
The stronghold plugin is available in JavaScript.
Permissions
By default all potentially dangerous plugin commands and scopes are blocked and cannot be accessed. You must modify the permissions in your capabilities
configuration to enable these.
See the Capabilities Overview for more information and the step by step guide to use plugin permissions.
Default Permission
This permission set configures what kind of operations are available from the stronghold plugin.
Granted Permissions
All non-destructive operations are enabled by default.
allow-create-client
allow-get-store-record
allow-initialize
allow-execute-procedure
allow-load-client
allow-save-secret
allow-save-store-record
allow-save
Permission Table
Identifier | Description |
---|---|
|
Enables the create_client command without any pre-configured scope. |
|
Denies the create_client command without any pre-configured scope. |
|
Enables the destroy command without any pre-configured scope. |
|
Denies the destroy command without any pre-configured scope. |
|
Enables the execute_procedure command without any pre-configured scope. |
|
Denies the execute_procedure command without any pre-configured scope. |
|
Enables the get_store_record command without any pre-configured scope. |
|
Denies the get_store_record command without any pre-configured scope. |
|
Enables the initialize command without any pre-configured scope. |
|
Denies the initialize command without any pre-configured scope. |
|
Enables the load_client command without any pre-configured scope. |
|
Denies the load_client command without any pre-configured scope. |
|
Enables the remove_secret command without any pre-configured scope. |
|
Denies the remove_secret command without any pre-configured scope. |
|
Enables the remove_store_record command without any pre-configured scope. |
|
Denies the remove_store_record command without any pre-configured scope. |
|
Enables the save command without any pre-configured scope. |
|
Denies the save command without any pre-configured scope. |
|
Enables the save_secret command without any pre-configured scope. |
|
Denies the save_secret command without any pre-configured scope. |
|
Enables the save_store_record command without any pre-configured scope. |
|
Denies the save_store_record command without any pre-configured scope. |
© 2024 Tauri Contributors. CC-BY / MIT