Struct distant_core::SecretKey

pub struct SecretKey { /* fields omitted */ }

A type to represent a secret key.

As default it will randomly generate a SecretKey of 32 bytes.

Errors:

An error will be returned if:

• slice is empty.
• length is 0.
• length is not less than isize::MAX.

Panics:

A panic will occur if:

• Failure to generate random bytes securely.

Security:

• Avoid using unprotected_as_bytes() whenever possible, as it breaks all protections that the type implements.

• The trait PartialEq<&'_ [u8]> is implemented for this type so that users are not tempted to call unprotected_as_bytes to compare this sensitive value to a byte slice. The trait is implemented in such a way that the comparison happens in constant time. Thus, users should prefer SecretType == &[u8] over SecretType.unprotected_as_bytes() == &[u8]. Examples are shown below. The examples apply to any type that implements PartialEq<&'_ [u8]>.

use orion::pwhash::Password;

// Initialize a password with 32 random bytes.
let password = Password::generate(32)?;

// Secure, constant-time comparison with a byte slice
assert!(password != &[0; 32][..]);

// Secure, constant-time comparison with another Password
assert!(password != Password::generate(32)?);

Implementations

impl SecretKey

pub fn from_slice(slice: &[u8]) -> Result<SecretKey, UnknownCryptoError>

Construct from a given byte slice.

pub fn unprotected_as_bytes(&self) -> &[u8]

Return the object as byte slice. Warning: Should not be used unless strictly needed. This breaks protections that the type implements.

pub fn len(&self) -> usize

Return the length of the object.

pub fn generate(length: usize) -> Result<SecretKey, UnknownCryptoError>

Randomly generate using a CSPRNG. Not available in no_std context.

Trait Implementations

impl Debug for SecretKey

pub fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl Default for SecretKey

pub fn default() -> SecretKey

Randomly generate using a CSPRNG with recommended size. Not available in no_std context.

impl Drop for SecretKey

pub fn drop(&mut self)

Executes the destructor for this type.

impl<'_> PartialEq<&'_ [u8]> for SecretKey

pub fn eq(&self, other: &&[u8]) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl PartialEq<SecretKey> for SecretKey

pub fn eq(&self, other: &SecretKey) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl UnprotectedToHexKey for SecretKey

fn unprotected_to_hex_key(&self) -> String

impl Eq for SecretKey