pub struct MemoryEnclave { /* private fields */ }
An in-memory AES-256-GCM sealed secret.
Plaintext is encrypted under the process-global Coffer master key.
open() returns the plaintext in a PoolSlot (slab-backed if the
plaintext fits in the smallest tier’s slot size, otherwise standalone).
A hot cache in the slab avoids decryption when the same MemoryEnclave
is opened multiple times in quick succession.
When dropped, the hot cache entry for this enclave is evicted.
Security note: hot cache
After the first successful open(), the plaintext is cached in the locked slab
until this MemoryEnclave is dropped (or until LRU pressure evicts it). The
cached copy lives in a guard-paged, mlock’d slab slot — but it is present for
the lifetime of this value. For secrets that should not persist in memory,
drop the MemoryEnclave promptly after use.
Implementations
impl MemoryEnclave
pub fn seal_buffer(buf: &mut SecureBuffer) -> Result<Self>
Seal a SecureBuffer’s contents (melt → read → re-freeze).
pub fn seal_slot(slot: &PoolSlot) -> Result<Self>
Seal a PoolSlot’s contents.
The caller is responsible for dropping the slot (which zeroizes it).
pub fn open(&self) -> Result<PoolSlot>
Decrypt and return the plaintext in a PoolSlot.
Hot cache fast path: if this enclave was recently opened, the plaintext
is copied from the slab cache into a new transient PoolSlot without
AES-GCM decryption.
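The lifetime rule from the security note and the fast path described for open(), as a std-only model added here (not this crate's code). ModelEnclave, resident(), the HashMap cache and the XOR placeholder cipher are hypothetical stand-ins for the real slab and AES-256-GCM.

```rust
use std::collections::HashMap;
use std::sync::atomic::{AtomicU64, Ordering};
use std::sync::{Mutex, MutexGuard, OnceLock};

// Model only: a HashMap stands in for the locked slab's hot cache, and XOR
// with a fixed byte stands in for AES-256-GCM under the master key.
static HOT: OnceLock<Mutex<HashMap<u64, Vec<u8>>>> = OnceLock::new();
static NEXT_ID: AtomicU64 = AtomicU64::new(1);
const MODEL_KEY: u8 = 0x5a;

fn hot() -> MutexGuard<'static, HashMap<u64, Vec<u8>>> {
    HOT.get_or_init(|| Mutex::new(HashMap::new())).lock().unwrap()
}

/// True while a plaintext copy for enclave `id` sits in the model cache.
pub fn resident(id: u64) -> bool { hot().contains_key(&id) }

pub struct ModelEnclave { id: u64, sealed: Vec<u8> }

impl ModelEnclave {
    pub fn seal(plain: &[u8]) -> Self {
        let sealed = plain.iter().map(|b| b ^ MODEL_KEY).collect();
        Self { id: NEXT_ID.fetch_add(1, Ordering::Relaxed), sealed }
    }
    pub fn id(&self) -> u64 { self.id }

    /// Returns the plaintext and whether the hot-cache fast path served it.
    pub fn open(&self) -> (Vec<u8>, bool) {
        let mut cache = hot();
        if let Some(p) = cache.get(&self.id) {
            return (p.clone(), true); // fast path: copy out, no decryption
        }
        let plain: Vec<u8> = self.sealed.iter().map(|b| b ^ MODEL_KEY).collect();
        cache.insert(self.id, plain.clone()); // cached copy outlives the caller's
        (plain, false)
    }
}

impl Drop for ModelEnclave {
    // Dropping the enclave, not the opened plaintext, evicts the cached copy.
    fn drop(&mut self) { hot().remove(&self.id); }
}

fn main() {
    let e = ModelEnclave::seal(b"constructed-sample-secret");
    let id = e.id();
    let (plain, _) = e.open();
    drop(plain);
    println!("after dropping opened copy: resident = {}", resident(id));
    drop(e);
    println!("after dropping enclave:     resident = {}", resident(id));
}
```

The model omits LRU eviction, so it shows only the upper bound on residency: the enclave's own lifetime.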