Struct runtime::Secret [−][src]
pub struct Secret<T: Bytes> { /* fields omitted */ }
A Type for guarding secrets allocated to the stack.
Provides the following security features and guarentees:
- The Memory is locked with [
mlock
]. - When the memory is freed, [
munlock
] is called. - the memory is zeroed out when no longer in use.
- values are compared in constant time.
- values are prevented from being Debugged.
- Values can not be cloned.
Implementations
impl<T: Bytes> Secret<T>
[src]
pub fn new<F, A>(f: F) -> A where
F: FnOnce(RefMut<'_, T>) -> A,
[src]
F: FnOnce(RefMut<'_, T>) -> A,
Creates a new Secret
and invokes the provided callback with
a wrapper to the protected memory.
let sec = [0u8, 1u8]; // Wraps the sec data in a secret. Secret::<[u8; 2]>::new(|mut s| { s.copy_from_slice(&sec[..]); });
impl<T: Bytes + Zeroed> Secret<T>
[src]
pub fn zero<F, A>(f: F) -> A where
F: FnOnce(RefMut<'_, T>) -> A,
[src]
F: FnOnce(RefMut<'_, T>) -> A,
Creates a new Secret
filled with zeroed bytes and invokes the
callback with a wrapper to the protected memory.
Secret::<u8>::zero(|s| { assert_eq!(*s, 0); });
pub fn from<F, A>(v: &mut T, f: F) -> A where
F: FnOnce(RefMut<'_, T>) -> A,
[src]
F: FnOnce(RefMut<'_, T>) -> A,
Creates a new Secret
from existing, unprotected data, and
immediately zeroes out the memory of the data being moved in.
let mut value = [1u8, 2u8]; // the contents of `value` will be copied into the Secret before // being zeroed out Secret::from(&mut value, |s| { assert_eq!(*s, [1, 2]); }); // the contents of `value` have been zeroed assert_eq!(value, [0, 0]);
impl<T: Bytes + Randomized> Secret<T>
[src]
pub fn random<F, U>(f: F) -> U where
F: FnOnce(RefMut<'_, T>) -> U,
[src]
F: FnOnce(RefMut<'_, T>) -> U,
Creates a new Secret
filled with random bytes and invokes
the callback with a wrapper to the protected memory.
Secret::<u128>::random(|s| { // s is filled with random bytes })
Trait Implementations
Auto Trait Implementations
impl<T> RefUnwindSafe for Secret<T> where
T: RefUnwindSafe,
T: RefUnwindSafe,
impl<T> Send for Secret<T> where
T: Send,
T: Send,
impl<T> Sync for Secret<T> where
T: Sync,
T: Sync,
impl<T> Unpin for Secret<T> where
T: Unpin,
T: Unpin,
impl<T> UnwindSafe for Secret<T> where
T: UnwindSafe,
T: UnwindSafe,
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,