secret-box 0.1.1

Safe boxing mechanism for sensitive values with automatic zeroization
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97

# secret-box

Safe boxing mechanism for sensitive values in Rust.

## Core features

- **Explicit secret access** via `ExposeSecret` trait - makes secret access auditable in code reviews
- **Automatic memory zeroization** on drop using the `zeroize` crate
- **Debug redaction** prevents accidental logging of secrets
- **Optional serde support** with opt-in serialization to prevent accidental secret exfiltration

## Installation

```toml
[dependencies]
secret-box = "0.1"

# with serde support 
# [dependencies]
# secret-box = { version = "0.1", features = ["serde"] }
```

## Basic Usage

```rust
use secret_box::{SecretBox, ExposeSecret};

// Create a secret password
let password: SecretBox<String> = SecretBox::new(Box::new("super_secret".to_string()));

// Access requires explicit expose_secret()
println!("Password length: {}", password.expose_secret().len());

// Debug output is redacted
println!("{:?}", password); // Prints: SecretBox<String>([REDACTED])

// Secret is automatically zeroized when dropped
```

## API Overview

### `SecretBox<S>`

The main wrapper type for secrets. Generic over any type that implements `Zeroize`.

```rust
// From pre-boxed value
let secret = SecretBox::new(Box::new("password".to_string()));

// Initialize in-place on heap (safest method)
let secret: SecretBox<Vec<u8>> = SecretBox::init_with_mut(|v: &mut Vec<u8>| {
    v.extend_from_slice(b"secret_bytes");
});

// From String or Vec<u8> directly
let secret: SecretBox<String> = "password".to_string().into();
let secret: SecretBox<Vec<u8>> = vec![1, 2, 3].into();
```

### `ExposeSecret<S>`

Trait for accessing the secret value. This is the only way to access the secret, making secret access explicit and auditable.

```rust
use secret_box::ExposeSecret;

let secret = SecretBox::new(Box::new("password".to_string()));
let value: &String = secret.expose_secret();
```

### Serde Support

With the `serde` feature enabled:

- **Deserialization**: `SecretBox<T>` can be deserialized from any type that implements `DeserializeOwned`
- **Serialization**: Requires implementing the `SerializableSecret` marker trait to prevent accidental secret exfiltration

```rust
use secret_box::{SecretBox, ExposeSecret, SerializableSecret};
use serde::{Deserialize, Serialize};

#[derive(Deserialize)]
struct Config {
    api_key: SecretBox<String>,
}

// Deserialize secrets from config
let json = r#"{"api_key":"secret123"}"#;
let config: Config = serde_json::from_str(json).unwrap();

// Note: SecretBox<String> cannot be serialized without implementing SerializableSecret
// This prevents accidental secret leakage via serialization
```

## License

Apache-2.0