Struct KeyHandle 

pub struct KeyHandle { /* private fields */ }

Opaque, redacted reference to a key stored inside a KeyVault.

A KeyHandle is cheap to clone (it is Copy-shaped — currently Clone + Copy) and safe to pass across threads. It exposes no methods that return raw key bytes; all operations that need the underlying material are performed by the vault on the caller’s behalf.

Examples

use key_vault::KeyHandle;

// Handles are only constructed by the vault. In tests you can construct one
// via the unit-tested helper. The important property is opacity:
let rendered = format!("{h:?}");
assert!(rendered.contains("redacted"));

Equality

KeyHandle implements both PartialEq and subtle::ConstantTimeEq. The latter is the equality check the vault uses internally: it compares both inner identifiers in constant time regardless of input values, eliminating timing side-channels even though the underlying ids are not themselves secret.

Trait Implementations

impl Clone for KeyHandle

fn clone(&self) -> KeyHandle

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl ConstantTimeEq for KeyHandle

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal.

fn ct_ne(&self, other: &Self) -> Choice

Determine if two items are NOT equal.

impl Debug for KeyHandle

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Hash for KeyHandle

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for KeyHandle

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for KeyHandle

impl Eq for KeyHandle