#![no_std]
#![deny(
warnings,
missing_docs,
trivial_casts,
trivial_numeric_casts,
unused_qualifications
)]
#![forbid(unsafe_code)]
#![doc(html_root_url = "https://docs.rs/secrecy/0.2.2")]
use core::fmt::{self, Debug};
#[cfg(feature = "serde")]
use serde::de::{Deserialize, DeserializeOwned, Deserializer};
use zeroize::Zeroize;
pub struct Secret<S>
where
S: Zeroize,
{
inner_secret: S,
}
impl<S> Secret<S>
where
S: Zeroize,
{
pub fn new(secret: S) -> Self {
Secret {
inner_secret: secret,
}
}
}
impl<S> ExposeSecret<S> for Secret<S>
where
S: Zeroize,
{
fn expose_secret(&self) -> &S {
&self.inner_secret
}
}
impl<S> Clone for Secret<S>
where
S: CloneableSecret,
{
fn clone(&self) -> Self {
Secret {
inner_secret: self.inner_secret.clone(),
}
}
}
impl<S> Debug for Secret<S>
where
S: Zeroize + DebugSecret,
{
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Secret({})", S::debug_secret())
}
}
#[cfg(feature = "serde")]
impl<'de, S> Deserialize<'de> for Secret<S>
where
S: Zeroize + Clone + DebugSecret + DeserializeOwned + Sized,
{
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
S::deserialize(deserializer).map(Secret::new)
}
}
impl<S> Drop for Secret<S>
where
S: Zeroize,
{
fn drop(&mut self) {
self.inner_secret.zeroize();
}
}
pub trait CloneableSecret: Clone + Zeroize {}
pub trait ExposeSecret<S> {
fn expose_secret(&self) -> &S;
}
pub trait DebugSecret {
fn debug_secret() -> &'static str;
}