Struct hdk::prelude::CapSecret [−][src]
pub struct CapSecret(_);
Expand description
A CapSecret is used by a caller to prove to a callee access to a committed CapGrant.
It is a random, unique identifier for the capability, which is shared by the grantor to allow access to others. The grantor can optionally further restrict usage of the secret to specific agents.
@todo enforce that secrets are unique across all grants in a chain.
Trait Implementations
Generate an arbitrary value of Self
from the given unstructured data. Read more
fn arbitrary_take_rest(u: Unstructured<'a>) -> Result<Self, Error>
fn arbitrary_take_rest(u: Unstructured<'a>) -> Result<Self, Error>
Generate an arbitrary value of Self
from the entirety of the given unstructured data. Read more
The only meaningful debug information for a cryptograhpic secret is the literal bytes. Also, encodings like base64 are not constant time so debugging could open some weird side channel issue trying to be ‘human friendly’. It seems better to never try to encode secrets.
@todo maybe we want something like HIDDEN by default and putting the actual bytes behind a feature flag?
See https://docs.rs/subtle-encoding/0.5.1/subtle_encoding/
pub fn deserialize<D>(
deserializer: D
) -> Result<CapSecret, <D as Deserializer<'de>>::Error> where
D: Deserializer<'de>,
pub fn deserialize<D>(
deserializer: D
) -> Result<CapSecret, <D as Deserializer<'de>>::Error> where
D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Trivial new type derivation. Secrets should have private interiors and be constructed directly from fixed length arrays of known length.
Implements secret.into() shorthand for CapAccess::Transferable(secret)
Constant time equality check. This mitigates timing attacks where a remote agent can reverse engineer data by measuring tiny changes in latency associated with optimised equality checks. More matching bytes = more latency = vulnerability. This type of attack has been successfully demonstrated over a network despite varied latencies.
pub fn serialize<S>(
&self,
serializer: S
) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error> where
S: Serializer,
pub fn serialize<S>(
&self,
serializer: S
) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error> where
S: Serializer,
Serialize this value into the given Serde serializer. Read more
type Error = SerializedBytesError
type Error = SerializedBytesError
The type returned in the event of a conversion error.
Performs the conversion.
type Error = SerializedBytesError
type Error = SerializedBytesError
The type returned in the event of a conversion error.
Performs the conversion.
type Error = SerializedBytesError
type Error = SerializedBytesError
The type returned in the event of a conversion error.
Performs the conversion.
Auto Trait Implementations
impl RefUnwindSafe for CapSecret
impl UnwindSafe for CapSecret
Blanket Implementations
Mutably borrows from an owned value. Read more
Compare self to key
and return true
if they are equal.
fn instrument(self, span: Span) -> Instrumented<Self>ⓘNotable traits for Instrumented<T>impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;
fn instrument(self, span: Span) -> Instrumented<Self>ⓘNotable traits for Instrumented<T>impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;
impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;
Instruments this type with the provided Span
, returning an
Instrumented
wrapper. Read more
fn in_current_span(self) -> Instrumented<Self>ⓘNotable traits for Instrumented<T>impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;
fn in_current_span(self) -> Instrumented<Self>ⓘNotable traits for Instrumented<T>impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;
impl<T> Future for Instrumented<T> where
T: Future, type Output = <T as Future>::Output;