Add keystore implementation and example.

.github/workflows/checks.yml

@@ -48,8 +48,10 @@ jobs:
       run: |
         cargo build --example request-key --features std
         sudo mv ./target/debug/examples/request-key /sbin/request-key
-    - name: Run tests
+    - name: Run tests (minimal including ignored)
       run: cargo test --verbose -- --include-ignored
+    - name: Run tests (keystore, std, no ignored)
+      run: cargo test --features keystore --verbose
 
   # Ensure clippy and formatting pass
   clippy:
@@ -63,7 +65,7 @@ jobs:
           override: true
           components: clippy
     - name: Run Clippy
-      run: cargo clippy --verbose -- --deny "warnings"
+      run: cargo clippy --features keystore --verbose -- --deny "warnings"
     - name: Run RustFmt
       run: cargo fmt -- --check
 

.github/workflows/coverage.yml

@@ -32,7 +32,7 @@ jobs:
             sudo mv ./target/debug/examples/request-key /sbin/request-key
 
         - name: Run cargo-tarpaulin
-          run: cargo-tarpaulin --lib -- --include-ignored
+          run: cargo-tarpaulin --lib --features keystore -- --include-ignored
 
         - name: Upload to codecov.io
           uses: codecov/codecov-action@v5

Cargo.toml

@@ -9,26 +9,37 @@ calls allowing user-space programs to perform key manipulation.
 """
 homepage = "https://github.com/landhb/linux-keyutils"
 repository = "https://github.com/landhb/linux-keyutils"
-keywords = ["keyutils", "keyctl", "linux","keyring", "secure-storage"]
+keywords = ["keyutils", "keyctl", "linux", "keyring", "secure-storage"]
 readme = "README.md"
 license = "Apache-2.0 OR MIT"
 
 [features]
 default = []
 std = ["bitflags/std"]
+keystore = ["dep:keyring", "std"]
 
 [[example]]
 name = "keyctl"
 required-features = ["std"]
 
+[[example]]
+name = "keystore"
+required-features = ["keystore"]
+
 [[example]]
 name = "request-key"
 required-features = ["std"]
 
 [dependencies]
 libc = {version = "0.2.158", default-features = false}
 bitflags = {version = "2.6", default-features = false}
+keyring = { version = "4.0.0-alpha", optional = true }
 
 [dev-dependencies]
+fastrand = "2.3.0"
+rpassword = "7.3.1"
 zeroize = "1.8.1"
-clap = {version = "4.5.16", default-features = false, features = ["std", "derive", "help"]}
+clap = {version = "4.5.16", default-features = false, features = ["std", "derive", "help"]}
+
+[package.metadata.docs.rs]
+features = "keystore"

README.md

@@ -22,6 +22,10 @@ For more information please view the full [documentation](https://docs.rs/linux-
 * For std programs `KeyError` implements `std::error::Error` when the `std` feature of this crate enabled.
 * Small footprint, the library only relies on the `libc` and `bitflags` crates.
 
+## Keyring Integration
+
+This library, when compiled with the `keystore` feature, provides a credential store for use with the [keyring crate](https://crates.io/crates/keyring). See the `keystore` module docs and the [keystore.rs example](examples/keystore.rs) for details.
+
 ## License
 
 Licensed under either of the following at your discretion:

examples/keystore.rs

@@ -0,0 +1,21 @@
+//! Example CLI app that creates, writes, reads, examines, and deletes an entry
+//! in the keyutils keystore using APIs from the keyring crate.
+//!
+//! This example must be compiled with the keystore feature specified.
+
+use keyring::{set_default_credential_builder, Entry};
+
+fn main() {
+    set_default_credential_builder(linux_keyutils::default_credential_builder());
+    let service = "service";
+    let username = "user";
+    let password = "<PASSWORD>";
+    let entry = Entry::new(service, username).unwrap();
+    entry.set_password(password).unwrap();
+    let retrieved = entry.get_password().unwrap();
+    if retrieved != password {
+        panic!("Passwords do not match");
+    }
+    println!("Entry: {:?}", entry);
+    entry.delete_credential().unwrap()
+}