1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
#![no_std]
#![deny(
warnings,
missing_docs,
trivial_casts,
trivial_numeric_casts,
unused_qualifications
)]
#![forbid(unsafe_code)]
#![doc(html_root_url = "https://docs.rs/secrecy/0.2.2")]
use core::fmt::{self, Debug};
#[cfg(feature = "serde")]
use serde::de::{Deserialize, DeserializeOwned, Deserializer};
use zeroize::Zeroize;
pub struct Secret<S>
where
S: Zeroize,
{
inner_secret: S,
}
impl<S> Secret<S>
where
S: Zeroize,
{
pub fn new(secret: S) -> Self {
Secret {
inner_secret: secret,
}
}
}
impl<S> ExposeSecret<S> for Secret<S>
where
S: Zeroize,
{
fn expose_secret(&self) -> &S {
&self.inner_secret
}
}
impl<S> Clone for Secret<S>
where
S: CloneableSecret,
{
fn clone(&self) -> Self {
Secret {
inner_secret: self.inner_secret.clone(),
}
}
}
impl<S> Debug for Secret<S>
where
S: Zeroize + DebugSecret,
{
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "Secret({})", S::debug_secret())
}
}
#[cfg(feature = "serde")]
impl<'de, S> Deserialize<'de> for Secret<S>
where
S: Zeroize + Clone + DebugSecret + DeserializeOwned + Sized,
{
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
S::deserialize(deserializer).map(Secret::new)
}
}
impl<S> Drop for Secret<S>
where
S: Zeroize,
{
fn drop(&mut self) {
self.inner_secret.zeroize();
}
}
pub trait CloneableSecret: Clone + Zeroize {}
pub trait ExposeSecret<S> {
fn expose_secret(&self) -> &S;
}
pub trait DebugSecret {
fn debug_secret() -> &'static str;
}