secrecy.rs 🤐
A simple secret-keeping library for Rust.
About
secrecy is a simple, safe (i.e. forbid(unsafe_code)
library which
provides wrapper types and traits for secret management in Rust, namely the
Secret<T>
type for wrapping another value in a "secret cell" which attempts
to limit exposure (only available through a special ExposeSecret
trait).
This helps to ensure secrets aren't accidentally copied, logged, or otherwise exposed (as much as possible), and also ensures secrets are securely wiped from memory when dropped.
Requirements
- Rust 1.36+
serde support
Optional serde
support for parsing owned secret values is available, gated
under the serde
cargo feature.
It uses the Deserialize
and DeserializeOwned
traits to implement
deserializing secret types which also impl these traits.
This doesn't guarantee serde
(or code providing input to serde
) won't
accidentally make additional copies of the secret, but does the best it can
with what it is given and tries to minimize risk of exposure as much as
possible.
License
Copyright © 2019 iqlusion
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.