Struct rocket::config::SecretKey [−][src]
pub struct SecretKey { /* fields omitted */ }
Expand description
A cryptographically secure secret key.
A SecretKey
is primarily used by private cookies. See the configuration
guide for further details. It can be configured from 256-bit random
material or a 512-bit master key, each as either a base64-encoded string or
raw bytes.
use rocket::config::Config; let figment = Config::figment() .merge(("secret_key", "hPRYyVRiMyxpw5sBB1XeCMN1kFsDCqKvBi2QJxBVHQk=")); let config = Config::from(figment); assert!(!config.secret_key.is_zero());
When configured in the debug profile with the secrets
feature enabled, a
key set as 0
is automatically regenerated at launch time from the OS’s
random source if available.
use rocket::config::Config; use rocket::local::blocking::Client; let figment = Config::figment() .merge(("secret_key", vec![0u8; 64])) .select("debug"); let rocket = rocket::custom(figment); let client = Client::tracked(rocket).expect("okay in debug"); assert!(!client.rocket().config().secret_key.is_zero());
When running in any other profile with the secrets
feature enabled,
providing a key of 0
or not provided a key at all results in a failure at
launch-time:
use rocket::config::Config; use rocket::figment::Profile; use rocket::local::blocking::Client; use rocket::error::ErrorKind; let profile = Profile::const_new("staging"); let figment = Config::figment() .merge(("secret_key", vec![0u8; 64])) .select(profile.clone()); let rocket = rocket::custom(figment); let error = Client::tracked(rocket).expect_err("failure in non-debug"); assert!(matches!(error.kind(), ErrorKind::InsecureSecretKey(profile)));
Implementations
Attempts to generate a SecretKey
from randomness retrieved from the
OS. If randomness from the OS isn’t available, returns None
.
Example
use rocket::config::SecretKey; let key = SecretKey::generate();
Returns true
if self
is the 0
-key.
Example
use rocket::config::SecretKey; let master = vec![0u8; 64]; let key = SecretKey::from(&master); assert!(key.is_zero());
Returns true
if self
was not automatically generated and is not zero.
Example
use rocket::config::SecretKey; let master = vec![0u8; 64]; let key = SecretKey::generate().unwrap(); assert!(!key.is_provided()); let master = vec![0u8; 64]; let key = SecretKey::from(&master); assert!(!key.is_provided());
Trait Implementations
Deserialize this value from the given Serde deserializer. Read more
type Error = Infallible
type Error = Infallible
The associated error to be returned if derivation fails.
Auto Trait Implementations
impl RefUnwindSafe for SecretKey
impl UnwindSafe for SecretKey
Blanket Implementations
Mutably borrows from an owned value. Read more
Instruments this type with the provided Span
, returning an
Instrumented
wrapper. Read more
Converts self
into a collection.
type Output = T
type Output = T
Should always be Self
pub fn vzip(self) -> V