Secrets C Reference Documentation

Secrets

Current Version: 11.0.0
Requires Chilkat Bundle License

Provides a unified API for managing secrets stored in the following locations:

  • Windows Credentials Manager
  • Apple Keychain
  • AWS Secrets Manager
  • Azure Key Vault
  • IBM Cloud Secrets Manager
  • Oracle Cloud Secrets
  • Doppler Secrets
  • In-Memory Secrets

Create/Dispose

HCkSecrets instance = CkSecrets_Create();
// ...
CkSecrets_Dispose(instance);
HCkSecrets CkSecrets_Create(void);

Creates an instance of the HCkSecrets object and returns a handle ("void *" pointer). The handle is passed in the 1st argument for the functions listed on this page.

void CkSecrets_Dispose(HCkSecrets handle);

Objects created by calling CkSecrets_Create must be freed by calling this method. A memory leak occurs if a handle is not disposed by calling this function. Also, any handle returned by a Chilkat "C" function must also be freed by the application by calling the appropriate Dispose method, such as CkSecrets_Dispose.

Callback Functions

void CkSecrets_setAbortCheck(HCkSecrets cHandle, BOOL (*fnAbortCheck)(void));

Provides the opportunity for a method call to be aborted. If TRUE is returned, the operation in progress is aborted. Return FALSE to allow the current method call to continue. This callback function is called periodically based on the value of the HeartbeatMs property. (If HeartbeatMs is 0, then no callbacks are made.) As an example, to make 5 AbortCheck callbacks per second, set the HeartbeatMs property equal to 200.

See Also:C Example using Callback Functions

void CkSecrets_setPercentDone(HCkSecrets cHandle, BOOL (*fnPercentDone)(int pctDone));

Provides the percentage completed for any method that involves network communications or time-consuming processing (assuming it is a method where a percentage completion can be measured). This callback is only called when it is possible to know a percentage completion, and when it makes sense to express the operation as a percentage completed. The pctDone argument will have a value from 1 to 100. For methods that complete very quickly, the number of PercentDone callbacks will vary, but the final callback should have a value of 100. For long running operations, no more than one callback per percentage point will occur (for example: 1, 2, 3, ... 98, 99, 100).

This callback counts as an AbortCheck callback, and takes the place of the AbortCheck event when it fires.

The return value indicates whether the method call should be aborted, or whether it should proceed. Return TRUE to abort, and FALSE to proceed.

void CkSecrets_setProgressInfo(HCkSecrets cHandle, void (*fnProgressInfo)(const char *name, const char *value));

This is a general callback that provides name/value information about what is happening at certain points during a method call. To see the information provided in ProgressInfo callbacks, if any, write code to handle this event and log the name/value pairs. Most are self-explanatory.

void CkSecrets_setTaskCompleted(HCkSecrets cHandle, void (*fnTaskCompleted)(HCkTask hTask));

Called in the background thread when an asynchronous task completes. (Note: When an async method is running, all callbacks are in the background thread.)

Properties

AutoSplit
BOOL CkSecrets_getAutoSplit(HCkSecrets cHandle);
void CkSecrets_putAutoSplit(HCkSecrets cHandle, BOOL newVal);
Introduced in version 10.1.0

The AutoSplit property is specific to "local_manager" secrets on Windows. The Windows Credentials Manager supports a maximum of 2560 bytes per secret. If a secret exceeds this size, it will be automatically compressed and split when created or updated, and automatically recomposed when retrieved.

A secret can be split into a maximum of 10 parts.

The default value is TRUE.

More Information and Examples
Windows Credentials Manager - AutoSplit Larger Secrets
top
Compression
BOOL CkSecrets_getCompression(HCkSecrets cHandle);
void CkSecrets_putCompression(HCkSecrets cHandle, BOOL newVal);
Introduced in version 10.1.0

If set to TRUE, then the contents of the secret will be stored compressed. The default value of this property is FALSE.

top
DebugLogFilePath
void CkSecrets_getDebugLogFilePath(HCkSecrets cHandle, HCkString retval);
void CkSecrets_putDebugLogFilePath(HCkSecrets cHandle, const char *newVal);
const char *CkSecrets_debugLogFilePath(HCkSecrets cHandle);

If set to a file path, this property logs the LastErrorText of each Chilkat method or property call to the specified file. This logging helps identify the context and history of Chilkat calls leading up to any crash or hang, aiding in debugging.

Enabling the VerboseLogging property provides more detailed information. This property is mainly used for debugging rare instances where a Chilkat method call causes a hang or crash, which should generally not happen.

Possible causes of hangs include:

  • A timeout property set to 0, indicating an infinite timeout.
  • A hang occurring within an event callback in the application code.
  • An internal bug in the Chilkat code causing the hang.

More Information and Examples
Example showing how to use DebugLogFilePath.
top
LastErrorHtml
void CkSecrets_getLastErrorHtml(HCkSecrets cHandle, HCkString retval);
const char *CkSecrets_lastErrorHtml(HCkSecrets cHandle);

Provides HTML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

top
LastErrorText
void CkSecrets_getLastErrorText(HCkSecrets cHandle, HCkString retval);
const char *CkSecrets_lastErrorText(HCkSecrets cHandle);

Provides plain text information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

More Information and Examples
Concept of LastErrorTextLastErrorText Standard Information
top
LastErrorXml
void CkSecrets_getLastErrorXml(HCkSecrets cHandle, HCkString retval);
const char *CkSecrets_lastErrorXml(HCkSecrets cHandle);

Provides XML-formatted information about the last called method or property. If a method call fails or behaves unexpectedly, check this property for details. Note that information is available regardless of the method call's success.

top
LastMethodSuccess
BOOL CkSecrets_getLastMethodSuccess(HCkSecrets cHandle);
void CkSecrets_putLastMethodSuccess(HCkSecrets cHandle, BOOL newVal);

Indicates the success or failure of the most recent method call: TRUE means success, FALSE means failure. This property remains unchanged by property setters or getters. This method is present to address challenges in checking for null or Nothing returns in certain programming languages.

top
Location
void CkSecrets_getLocation(HCkSecrets cHandle, HCkString retval);
void CkSecrets_putLocation(HCkSecrets cHandle, const char *newVal);
const char *CkSecrets_location(HCkSecrets cHandle);
Introduced in version 10.1.0

The location of the secrets. Possible values are:

  • "local_manager" - On Windows this is the Credentials Manager. On MacOS and iOS it is the Keychain. This is not yet an option on Linux or Android.
  • "aws_secrets_manager" - AWS Secrets Manager
  • "azure_key_vault" - Azure Key Vault
  • "ibm_cloud" - IBM Cloud Secrets Manager
  • "oracle_cloud" - Oracle Cloud Secrets
  • "doppler" - Doppler Secrets
  • "memory" - In-Memory Secrets

The default location is the "local_manager". On Linux and Android, "local_manager" will behave the same as "memory".

top
UncommonOptions
void CkSecrets_getUncommonOptions(HCkSecrets cHandle, HCkString retval);
void CkSecrets_putUncommonOptions(HCkSecrets cHandle, const char *newVal);
const char *CkSecrets_uncommonOptions(HCkSecrets cHandle);
Introduced in version 10.1.0

This is a catch-all property to be used for uncommon needs. This property defaults to the empty string and should typically remain empty.

top
Utf8
BOOL CkSecrets_getUtf8(HCkSecrets cHandle);
void CkSecrets_putUtf8(HCkSecrets cHandle, BOOL newVal);

When set to TRUE, all const char * arguments and return values are interpreted as UTF-8 strings. When set to FALSE, they are interpreted as ANSI strings.

In Chilkat v11.0.0 and later, the default value is TRUE. Before v11.0.0, it was FALSE.

top
VerboseLogging
BOOL CkSecrets_getVerboseLogging(HCkSecrets cHandle);
void CkSecrets_putVerboseLogging(HCkSecrets cHandle, BOOL newVal);

If set to TRUE, then the contents of LastErrorText (or LastErrorXml, or LastErrorHtml) may contain more verbose information. The default value is FALSE. Verbose logging should only be used for debugging. The potentially large quantity of logged information may adversely affect peformance.

top
Version
void CkSecrets_getVersion(HCkSecrets cHandle, HCkString retval);
const char *CkSecrets_version(HCkSecrets cHandle);

Version of the component/library, such as "10.1.0"

More Information and Examples
How to get the Chilkat version at runtime.
top

Methods

DeleteSecret
BOOL CkSecrets_DeleteSecret(HCkSecrets cHandle, HCkJsonObject jsonId);
Introduced in version 10.1.0

Deletes a secret. Cloud secrets managers will typically disable the secret and schedule the secret for deletion after some number of days.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Delete a SecretAWS Secrets Manager - Delete a SecretAzure Key Vault - Delete a SecretOracle Cloud Secrets - Delete a SecretIBM Cloud Secrets - Delete a SecretDoppler Secrets - Delete a Secret
top
DeleteSecretAsync (1)
HCkTask CkSecrets_DeleteSecretAsync(HCkSecrets cHandle, HCkJsonObject jsonId);
Introduced in version 10.1.0

Creates an asynchronous task to call the DeleteSecret method with the arguments provided.

Returns NULL on failure

top
GetSecretBd
BOOL CkSecrets_GetSecretBd(HCkSecrets cHandle, HCkJsonObject jsonId, HCkBinData bd);
Introduced in version 10.1.0

Fetches a binary secret and returns the content in bd.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Get a Binary SecretAWS Secrets Manager - Get a Binary SecretAzure Key Vault - Get a Binary SecretOracle Cloud Secrets - Get a Binary SecretIBM Cloud Secrets - Get a Binary SecretDoppler Secrets - Get a Binary Secret
top
GetSecretBdAsync (1)
HCkTask CkSecrets_GetSecretBdAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkBinData bd);
Introduced in version 10.1.0

Creates an asynchronous task to call the GetSecretBd method with the arguments provided.

Returns NULL on failure

top
GetSecretJson
BOOL CkSecrets_GetSecretJson(HCkSecrets cHandle, HCkJsonObject jsonId, HCkJsonObject jsonOut);
Introduced in version 10.1.0

Fetches a JSON secret and returns the content in jsonOut.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Get a JSON SecretAWS Secrets Manager - Get a JSON SecretAzure Key Vault - Get a JSON SecretOracle Cloud Secrets - Get a JSON SecretIBM Cloud Secrets - Get a JSON SecretDoppler Secrets - Get a JSON Secret
top
GetSecretJsonAsync (1)
HCkTask CkSecrets_GetSecretJsonAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkJsonObject jsonOut);
Introduced in version 10.1.0

Creates an asynchronous task to call the GetSecretJson method with the arguments provided.

Returns NULL on failure

top
GetSecretSb
BOOL CkSecrets_GetSecretSb(HCkSecrets cHandle, HCkJsonObject jsonId, HCkStringBuilder sb);
Introduced in version 10.1.0

Fetches a string secret and returns the content in sb.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Get a String Secret to a StringBuilder
top
GetSecretSbAsync (1)
HCkTask CkSecrets_GetSecretSbAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkStringBuilder sb);
Introduced in version 10.1.0

Creates an asynchronous task to call the GetSecretSb method with the arguments provided.

Returns NULL on failure

top
GetSecretStr
BOOL CkSecrets_GetSecretStr(HCkSecrets cHandle, HCkJsonObject jsonId, HCkString outStr);
const char *CkSecrets_getSecretStr(HCkSecrets cHandle, HCkJsonObject jsonId);
Introduced in version 10.1.0

Fetches a string secret and returns the content of the secret.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Get a String SecretAWS Secrets Manager - Get a String SecretAzure Key Vault - Get a String SecretOracle Cloud Secrets - Get a String SecretIBM Cloud Secrets - Get a String SecretDoppler Secrets - Get a String Secret
top
GetSecretStrAsync (1)
HCkTask CkSecrets_GetSecretStrAsync(HCkSecrets cHandle, HCkJsonObject jsonId);
Introduced in version 10.1.0

Creates an asynchronous task to call the GetSecretStr method with the arguments provided.

Returns NULL on failure

top
ListSecrets
BOOL CkSecrets_ListSecrets(HCkSecrets cHandle, HCkJsonObject json, HCkJsonObject jsonOut);
Introduced in version 10.1.0

Lists secrets matching the wildcarded or exact values passed in json. The results of the query are returned in jsonOut.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - List All SecretsWindows Credentials Manager / Apple Keychain - List Matching SecretsAWS Secrets Manager - List Matching SecretsAzure Key Vault - List Matching SecretsOracle Cloud Secrets - List Matching SecretsIBM Cloud Secrets - List Matching SecretsDoppler Secrets - List Matching Secrets
top
ListSecretsAsync (1)
HCkTask CkSecrets_ListSecretsAsync(HCkSecrets cHandle, HCkJsonObject json, HCkJsonObject jsonOut);
Introduced in version 10.1.0

Creates an asynchronous task to call the ListSecrets method with the arguments provided.

Returns NULL on failure

top
SetBootstrapSecret
BOOL CkSecrets_SetBootstrapSecret(HCkSecrets cHandle, HCkJsonObject jsonId, HCkSecrets secretContent);
Introduced in version 10.1.0

Accessing a cloud-based secrets manager requires authentication credentials, which cannot be stored in the manager itself. Instead, they must be securely stored locally.

One solution is to store the authentication credentials as a secret in the Windows Credentials Manager or Apple Keychain. These credentials serve as the "bootstrap secret" for authenticating with the cloud-based secrets manager.

jsonId contains the name of the bootstrap secret. secretContent contains the bootstrap's secret content.

Returns TRUE for success, FALSE for failure.

More Information and Examples
AWS Setup Bootstrap Secret in Local ManagerAWS Setup Bootstrap Secret in MemoryAzure Key Vault - Setup Bootstrap Secret in Local ManagerAzure Key Vault - Setup Bootstrap Secret in MemoryOracle Cloud Secrets - Setup Bootstrap Secret in Local ManagerOracle Cloud Secrets - Setup Bootstrap Secret in MemoryIBM Cloud Secrets - Setup Bootstrap Secret in Local ManagerIBM Cloud Secrets - Setup Bootstrap Secret in MemoryDoppler Secrets - Setup Bootstrap Secret in Local ManagerDoppler Secrets - Setup Bootstrap Secret in Memory
top
UpdateSecretBd
BOOL CkSecrets_UpdateSecretBd(HCkSecrets cHandle, HCkJsonObject jsonId, HCkBinData secret);
Introduced in version 10.1.0

Creates a binary secret if it does not yet exist, or updates an existing secret. The name of the secret is specified in jsonId, and the binary content of the secret in secret.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Create or Update a Binary SecretAWS Secrets Manager - Create or Update a Binary SecretAzure Key Vault - Create or Update a Binary SecretOracle Cloud Secrets - Create or Update a Binary SecretIBM Cloud Secrets - Create or Update a Binary SecretDoppler Secrets - Create or Update a Binary Secret
top
UpdateSecretBdAsync (1)
HCkTask CkSecrets_UpdateSecretBdAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkBinData secret);
Introduced in version 10.1.0

Creates an asynchronous task to call the UpdateSecretBd method with the arguments provided.

Returns NULL on failure

top
UpdateSecretJson
BOOL CkSecrets_UpdateSecretJson(HCkSecrets cHandle, HCkJsonObject jsonId, HCkJsonObject secret);
Introduced in version 10.1.0

Creates a JSON secret if it does not yet exist, or updates an existing secret. The name of the secret is specified in jsonId, and the JSON content of the secret in secret.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Create or Update a JSON SecretWindows Credentials Manager - AutoSplit Larger SecretsAzure Key Vault - Create or Update a JSON SecretOracle Cloud Secrets - Create or Update a JSON SecretIBM Cloud Secrets - Create or Update a JSON SecretDoppler Secrets - Create or Update a JSON Secret
top
UpdateSecretJsonAsync (1)
HCkTask CkSecrets_UpdateSecretJsonAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkJsonObject secret);
Introduced in version 10.1.0

Creates an asynchronous task to call the UpdateSecretJson method with the arguments provided.

Returns NULL on failure

top
UpdateSecretSb
BOOL CkSecrets_UpdateSecretSb(HCkSecrets cHandle, HCkJsonObject jsonId, HCkStringBuilder sb);
Introduced in version 10.1.0

Creates a string secret if it does not yet exist, or updates an existing secret. The name of the secret is specified in jsonId, and the string content of the secret in sb.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Create or Update a Secret from the Content of a StringBuilder
top
UpdateSecretSbAsync (1)
HCkTask CkSecrets_UpdateSecretSbAsync(HCkSecrets cHandle, HCkJsonObject jsonId, HCkStringBuilder sb);
Introduced in version 10.1.0

Creates an asynchronous task to call the UpdateSecretSb method with the arguments provided.

Returns NULL on failure

top
UpdateSecretStr
BOOL CkSecrets_UpdateSecretStr(HCkSecrets cHandle, HCkJsonObject jsonId, const char *secret);
Introduced in version 10.1.0

Creates a string secret if it does not yet exist, or updates an existing secret. The name of the secret is specified in jsonId, and the string content of the secret in secret.

Returns TRUE for success, FALSE for failure.

More Information and Examples
Windows Credentials Manager / Apple Keychain - Create or Update a SecretAzure Key Vault - Create or Update a SecretOracle Cloud Secrets - Create or Update a SecretIBM Cloud Secrets - Create or Update a SecretDoppler Secrets - Create or Update a Secret
top
UpdateSecretStrAsync (1)
HCkTask CkSecrets_UpdateSecretStrAsync(HCkSecrets cHandle, HCkJsonObject jsonId, const char *secret);
Introduced in version 10.1.0

Creates an asynchronous task to call the UpdateSecretStr method with the arguments provided.

Returns NULL on failure

top