Skip to main content

Secret

bdrck::crypto::secret

Struct Secret 

Source 
pub struct Secret { /* private fields */ }
Expand description

Secret is somewhat like a Vec, but for sensitive data. It guarantees that its contents won’t be swapped out, and it also guarantees that the contents won’t be visible to any other process, or even the kernel.

NOTE: This requires a fairly recent kernel (5.14+), with CONFIG_SECRETMEM enabled. Currently there is no fallback implementation, so if requirements aren’t met, then constructing Secrets will simply return an error.

NOTE: Memory allocated this way does count towards RLIMIT_MEMLOCK. In modern kernels this defaults to 8 MiB, but it may perhaps need to be increased depending on how you’re using this.

Implementations§

Source§

impl Secret

Source

pub fn new() -> Self

Create a new Secret buffer, initially with length zero. Before the buffer can be meaningfully used, resize will have to be called.

Source

pub fn with_len(len: usize) -> Result<Self>

Create a new Secret buffer with the given initial length. The given initial length can be zero.

Source

pub fn resize(&mut self, len: usize) -> Result<()>

Resize the buffer’s length in bytes. If the new length is smaller, the existing data is truncated. If the new length is larger, the new bytes will be zeros.

Source

pub fn len(&self) -> usize

Return this buffer’s length in bytes.

Source

pub unsafe fn slice_ptr(&self) -> *mut u8

Returns a pointer to this Secret’s underlying memory. The returned pointer is guaranteed to be suitable for constructing a slice, even if this Secret is empty. This pointer is guaranteed to be non-NULL.

Source

pub unsafe fn as_slice(&self) -> &[u8]

Access the underlying secret data. This function is unsafe primarily because you’re touching secrets that shouldn’t be exposed, so be very careful what you do with the data!

Source

pub unsafe fn as_mut_slice(&mut self) -> &mut [u8]

Mutably access the underlying secret data. This function is unsafe primarily because you’re touching secrets that shouldn’t be exposed, so be very careful what you do with the data!

Source

pub fn try_clone(&self) -> Result<Self>

Try to copy this Secret’s contents into a new Secret.

Trait Implementations§

Source§

impl Default for Secret

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl Drop for Secret

Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

impl Send for Secret

Source§

impl Sync for Secret

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more