Struct hdk::prelude::capability::CapSecret

pub struct CapSecret(_);

A CapSecret is used by a caller to prove to a callee access to a committed CapGrant.

It is a random, unique identifier for the capability, which is shared by the grantor to allow access to others. The grantor can optionally further restrict usage of the secret to specific agents.

@todo enforce that secrets are unique across all grants in a chain.

Trait Implementations

impl AsRef<[u8]> for CapSecret

pub fn as_ref(&self) -> &[u8]

Performs the conversion.

impl Clone for CapSecret

pub fn clone(&self) -> CapSecret

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Copy for CapSecret

impl Debug for CapSecret

The only meaningful debug information for a cryptograhpic secret is the literal bytes. Also, encodings like base64 are not constant time so debugging could open some weird side channel issue trying to be ‘human friendly’. It seems better to never try to encode secrets.

@todo maybe we want something like HIDDEN by default and putting the actual bytes behind a feature flag?

See https://docs.rs/subtle-encoding/0.5.1/subtle_encoding/

pub fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for CapSecret

pub fn deserialize<D>(
    deserializer: D
) -> Result<CapSecret, <D as Deserializer<'de>>::Error> where
    D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl Eq for CapSecret

impl From<[u8; 64]> for CapSecret

Trivial new type derivation. Secrets should have private interiors and be constructed directly from fixed length arrays of known length.

pub fn from(b: [u8; 64]) -> CapSecret

Performs the conversion.

impl From<CapSecret> for CapAccess

Implements secret.into() shorthand for CapAccess::Transferable(secret)

pub fn from(secret: CapSecret) -> CapAccess

Performs the conversion.

impl PartialEq<CapSecret> for CapSecret

Constant time equality check. This mitigates timing attacks where a remote agent can reverse engineer data by measuring tiny changes in latency associated with optimised equality checks. More matching bytes = more latency = vulnerability. This type of attack has been successfully demonstrated over a network despite varied latencies.

pub fn eq(&self, other: &CapSecret) -> bool

This method tests for self and other values to be equal, and is used by ==.

#[must_use]pub fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Serialize for CapSecret

pub fn serialize<S>(
    &self,
    serializer: S
) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error> where
    S: Serializer, 

Serialize this value into the given Serde serializer.

impl<'_> TryFrom<&'_ [u8]> for CapSecret

type Error = SecurePrimitiveError

The type returned in the event of a conversion error.

pub fn try_from(
    slice: &[u8]
) -> Result<CapSecret, <CapSecret as TryFrom<&'_ [u8]>>::Error>

Performs the conversion.

impl<'_> TryFrom<&'_ CapSecret> for SerializedBytes

type Error = SerializedBytesError

The type returned in the event of a conversion error.

pub fn try_from(t: &CapSecret) -> Result<SerializedBytes, SerializedBytesError>

Performs the conversion.

impl TryFrom<CapSecret> for SerializedBytes

type Error = SerializedBytesError

The type returned in the event of a conversion error.

pub fn try_from(t: CapSecret) -> Result<SerializedBytes, SerializedBytesError>

Performs the conversion.

impl TryFrom<SerializedBytes> for CapSecret

type Error = SerializedBytesError

The type returned in the event of a conversion error.

pub fn try_from(sb: SerializedBytes) -> Result<CapSecret, SerializedBytesError>

Performs the conversion.

impl TryFromRandom for CapSecret

fn try_from_random() -> ExternResult<Self>