secstr
A Rust library that implements a data type (wrapper around Vec<u8>
) suitable for storing sensitive information such as passwords and private keys in memory.
Inspired by Haskell securemem and .NET SecureString.
Featuring:
- constant time comparison (does not short circuit on the first different character; but terminates instantly if strings have different length)
- automatically zeroing out in the destructor
mlock
protection if possible- formatting as
***SECRET***
to prevent leaking into logs - (optionally) using libsodium (through sodiumoxide's libsodium-sys) for the zeroing and comparison
- (optionally) de/serializable into anything Serde supports as a byte string
Usage
extern crate secstr;
use *;
let pw = from;
// Compared in constant time:
// (Obviously, you should store hashes in real apps, not plaintext passwords)
let are_pws_equal = pw == from; // true
// Formatting, printing without leaking secrets into logs
let text_to_print = format!; // "***SECRET***"
// Clearing memory
// THIS IS DONE AUTOMATICALLY IN THE DESTRUCTOR
// (but you can force it)
let mut my_sec = from;
my_sec.zero_out;
assert_eq!;
Be careful with SecStr::from
: if you have a borrowed string, it will be copied.
Use SecStr::new
if you have a Vec<u8>
.
Contributing
Please feel free to submit pull requests!
By participating in this project you agree to follow the Contributor Code of Conduct and to release your contributions under the Unlicense.
The list of contributors is available on GitHub.
License
This is free and unencumbered software released into the public domain.
For more information, please refer to the UNLICENSE
file or unlicense.org.