Skip to main content

CachedPassphraseProvider

auths_core::signing

Struct CachedPassphraseProvider 

Source 
pub struct CachedPassphraseProvider { /* private fields */ }
Expand description

A PassphraseProvider that caches passphrases from an inner provider.

Cached values are stored in Zeroizing<String> for automatic zeroing on drop and expire after the configured TTL (time-to-live).

This is useful for agent sessions where prompting for every signing operation would be disruptive, but credentials shouldn’t persist indefinitely.

§Security Considerations

  • Cached passphrases are wrapped in Zeroizing<String> for secure memory cleanup
  • TTL prevents stale credentials from persisting
  • Call clear_cache() on logout or lock events

Implementations§

Source§

impl CachedPassphraseProvider

Source

pub fn new( inner: Arc<dyn PassphraseProvider + Send + Sync>, ttl: Duration, ) -> Self

Creates a new CachedPassphraseProvider wrapping the given provider.

§Arguments
  • inner - The underlying provider to fetch passphrases from on cache miss
  • ttl - How long cached passphrases remain valid before expiring
Source

pub fn unlock(&self, passphrase: &str)

Pre-fill the cache with a passphrase for session-based unlock.

This allows callers to unlock once and re-use the passphrase for the configured TTL without re-prompting. The passphrase is stored only in Rust memory (never crosses FFI boundary after this call).

The default prompt key is used so all subsequent signing operations that use the same prompt will hit the cache.

Source

pub fn remaining_ttl(&self) -> Option<Duration>

Returns the remaining TTL in seconds, or None if no cached passphrase.

Source

pub fn clear_cache(&self)

Clears all cached passphrases.

Call this on logout, lock, or when the session ends to ensure cached credentials don’t persist in memory.

Trait Implementations§

Source§

impl PassphraseProvider for CachedPassphraseProvider

Source§

fn get_passphrase( &self, prompt_message: &str, ) -> Result<Zeroizing<String>, AgentError>

Securely obtains a passphrase, potentially by prompting the user. Read more
Source§

fn on_incorrect_passphrase(&self, prompt_message: &str)

Notifies the provider that the passphrase returned for prompt_message was wrong. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V