Skip to main content

SecretArrayVec

sanitization_arrayvec

Struct SecretArrayVec 

Source 
pub struct SecretArrayVec<T: SecureSanitize, const CAP: usize> { /* private fields */ }
Expand description

Clear-on-drop wrapper around ArrayVec.

Live elements are sanitized before the vector is cleared. Spare uninitialized storage is not treated as secret material because it has never held a T.

Implementations§

Source§

impl<T: SecureSanitize, const CAP: usize> SecretArrayVec<T, CAP>

Source

pub const fn new() -> Self

Create an empty secret array vector.

Source

pub const fn from_arrayvec(inner: ArrayVec<T, CAP>) -> Self

Wrap an existing ArrayVec.

Source

pub fn len(&self) -> usize

Number of initialized elements.

Source

pub const fn capacity(&self) -> usize

Maximum number of elements.

Source

pub fn is_empty(&self) -> bool

Returns true when there are no initialized elements.

Source

pub fn push(&mut self, value: T) -> Result<(), CapacityError<T>>

Push one sanitizable element.

Source

pub fn as_slice(&self) -> &[T]

Borrow initialized elements.

Source

pub fn as_mut_slice(&mut self) -> &mut [T]

Mutably borrow initialized elements.

Source

pub fn with_secret<R>(&self, inspect: impl FnOnce(&[T]) -> R) -> R

Run a closure with read-only access to initialized elements.

Source

pub fn with_secret_mut<R>(&mut self, edit: impl FnOnce(&mut [T]) -> R) -> R

Run a closure with mutable access to initialized elements.

Source

pub fn clear_secret(&mut self)

Sanitize all live elements and clear the vector.

Source

pub fn into_cleared(self)

Consume after first sanitizing all live elements.

Trait Implementations§

Source§

impl<T: SecureSanitize, const CAP: usize> Debug for SecretArrayVec<T, CAP>

Source§

fn fmt(&self, formatter: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<T: SecureSanitize, const CAP: usize> Default for SecretArrayVec<T, CAP>

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl<T: SecureSanitize, const CAP: usize> Drop for SecretArrayVec<T, CAP>

Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

fn pin_drop(self: Pin<&mut Self>)

🔬This is a nightly-only experimental API. (pin_ergonomics)
Execute the destructor for this type, but different to Drop::drop, it requires self to be pinned. Read more
Source§

impl<T: SecureSanitize, const CAP: usize> SecureSanitize for SecretArrayVec<T, CAP>

Source§

fn secure_sanitize(&mut self)

Clear the sensitive bytes owned by this value.

Auto Trait Implementations§

§

impl<T, const CAP: usize> Freeze for SecretArrayVec<T, CAP>
where T: Freeze,

§

impl<T, const CAP: usize> RefUnwindSafe for SecretArrayVec<T, CAP>
where T: RefUnwindSafe,

§

impl<T, const CAP: usize> Send for SecretArrayVec<T, CAP>
where T: Send,

§

impl<T, const CAP: usize> Sync for SecretArrayVec<T, CAP>
where T: Sync,

§

impl<T, const CAP: usize> Unpin for SecretArrayVec<T, CAP>
where T: Unpin,

§

impl<T, const CAP: usize> UnsafeUnpin for SecretArrayVec<T, CAP>
where T: UnsafeUnpin,

§

impl<T, const CAP: usize> UnwindSafe for SecretArrayVec<T, CAP>
where T: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.