Struct orion::hazardous::stream::chacha20::SecretKey

pub struct SecretKey { /* private fields */ }

A type to represent the SecretKey that Chacha20, XChaCha20, ChaCha20-Poly1305 and XChaCha20-Poly1305 use.

Errors:

An error will be returned if:

• slice is not 32 bytes.

Panics:

A panic will occur if:

• Failure to generate random bytes securely.

Security:

• Avoid using unprotected_as_bytes() whenever possible, as it breaks all protections that the type implements.

• The trait PartialEq<&'_ [u8]> is implemented for this type so that users are not tempted to call unprotected_as_bytes to compare this sensitive value to a byte slice. The trait is implemented in such a way that the comparison happens in constant time. Thus, users should prefer SecretType == &[u8] over SecretType.unprotected_as_bytes() == &[u8]. Examples are shown below. The examples apply to any type that implements PartialEq<&'_ [u8]>.

use orion::hazardous::stream::chacha20::SecretKey;

// Initialize a secret key with random bytes.
let secret_key = SecretKey::generate();

// Secure, constant-time comparison with a byte slice
assert_ne!(secret_key, &[0; 32][..]);

// Secure, constant-time comparison with another SecretKey
assert_ne!(secret_key, SecretKey::generate());

Implementations

impl SecretKey

pub fn from_slice(slice: &[u8]) -> Result<SecretKey, UnknownCryptoError>

Construct from a given byte slice.

pub fn unprotected_as_bytes(&self) -> &[u8]

Return the object as byte slice. Warning: Should not be used unless strictly needed. This breaks protections that the type implements.

pub fn generate() -> SecretKey

Randomly generate using a CSPRNG. Not available in no_std context.

pub fn len(&self) -> usize

Return the length of the object.

pub fn is_empty(&self) -> bool

Return true if this object does not hold any data, false otherwise.

NOTE: This method should always return false, since there shouldn’t be a way to create an empty instance of this object.

Trait Implementations

impl Debug for SecretKey

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Drop for SecretKey

fn drop(&mut self)

Executes the destructor for this type.

impl From<[u8; 32]> for SecretKey

fn from(bytes: [u8; 32]) -> SecretKey

Make an object from a byte array.

impl PartialEq<&[u8]> for SecretKey

fn eq(&self, other: &&[u8]) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialEq<SecretKey> for SecretKey

fn eq(&self, other: &SecretKey) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for SecretKey