Secret

commonware_cryptography::secret

Struct Secret 

Source 
pub struct Secret<T>(/* private fields */);
Expand description

A wrapper for secret values that prevents accidental leakage.

  • Debug and Display show [REDACTED]
  • Zeroized on drop
  • Access requires explicit expose() call

§Type Constraints

Only use with flat data types that have no pointers (e.g. [u8; N]). See module-level documentation for details.

Implementations§

Source§

impl<T> Secret<T>

Source

pub const fn new(value: T) -> Self

Creates a new Secret wrapping the given value.

Source

pub fn expose<R>(&self, f: impl for<'a> FnOnce(&'a T) -> R) -> R

Exposes the secret value for read-only access within a closure.

§Note

The closure uses a higher-ranked trait bound (for<'a>) to prevent the returned value from containing references to the secret data. This ensures the reference cannot escape the closure scope. However, this does not prevent copying or cloning the secret value within the closure (e.g., secret.expose(|s| s.clone())). Callers should avoid leaking secrets through such patterns.

Additionally, any temporaries derived from the secret (e.g. s.as_slice()) may leave secret data on the stack that will not be automatically zeroized. Callers should wrap such temporaries in zeroize::Zeroizing if they contain sensitive data.

Source

pub fn expose_unwrap(self) -> T

Consumes the Secret and returns the inner value, zeroizing the original memory location.

Use this when you need to transfer ownership of the secret value (e.g., for APIs that consume the value).

Trait Implementations§

Source§

impl<T: Clone> Clone for Secret<T>

Source§

fn clone(&self) -> Self

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<T> Debug for Secret<T>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<T> Display for Secret<T>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<T> Drop for Secret<T>

Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

impl<T: CtEq> PartialEq for Secret<T>

Source§

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl<T: CtEq> Eq for Secret<T>

Source§

impl<T> ZeroizeOnDrop for Secret<T>

Auto Trait Implementations§

§

impl<T> Freeze for Secret<T>
where T: Freeze,

§

impl<T> RefUnwindSafe for Secret<T>
where T: RefUnwindSafe,

§

impl<T> Send for Secret<T>
where T: Send,

§

impl<T> Sync for Secret<T>
where T: Sync,

§

impl<T> Unpin for Secret<T>
where T: Unpin,

§

impl<T> UnwindSafe for Secret<T>
where T: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V