Expand description
A data type suitable for storing sensitive information such as passwords and private keys in memory, that implements:
- Automatic zeroing in
Drop
- Constant time comparison in
PartialEq
(does not short circuit on the first different character; but terminates instantly if strings have different length) - Outputting
***SECRET***
to prevent leaking secrets into logs infmt::Debug
andfmt::Display
- Automatic
mlock
to protect against leaking into swap (any unix) - Automatic
madvise(MADV_NOCORE/MADV_DONTDUMP)
to protect against leaking into core dumps (FreeBSD, DragonflyBSD, Linux)
Comparisons using the PartialEq
implementation are undefined behavior (and most likely wrong) if T
has any padding bytes.
Be careful with SecStr::from
: if you have a borrowed string, it will be copied.
Use SecStr::new
if you have a Vec<u8>
.
Implementations
sourceimpl<T> SecVec<T>where
T: Sized + Copy,
impl<T> SecVec<T>where
T: Sized + Copy,
pub fn new(cont: Vec<T>) -> Self
sourcepub fn unsecure(&self) -> &[T]ⓘNotable traits for &mut [u8]impl Write for &mut [u8]impl Read for &[u8]
pub fn unsecure(&self) -> &[T]ⓘNotable traits for &mut [u8]impl Write for &mut [u8]impl Read for &[u8]
Borrow the contents of the string.
sourcepub fn unsecure_mut(&mut self) -> &mut [T]ⓘNotable traits for &mut [u8]impl Write for &mut [u8]impl Read for &[u8]
pub fn unsecure_mut(&mut self) -> &mut [T]ⓘNotable traits for &mut [u8]impl Write for &mut [u8]impl Read for &[u8]
Mutably borrow the contents of the string.
sourcepub fn resize(&mut self, new_len: usize, value: T)
pub fn resize(&mut self, new_len: usize, value: T)
Resizes the SecVec
in-place so that len is equal to new_len
.
If new_len
is smaller the inner vector is truncated.
If new_len
is larger the inner vector will grow, placing value
in all new cells.
This ensures that the new memory region is secured if reallocation occurs.
Similar to Vec::resize
Trait Implementations
sourceimpl<T> PartialEq<SecVec<T>> for SecVec<T>where
T: Sized + Copy + NoPaddingBytes,
impl<T> PartialEq<SecVec<T>> for SecVec<T>where
T: Sized + Copy + NoPaddingBytes,
impl<T> Eq for SecVec<T>where
T: Sized + Copy + NoPaddingBytes,
Auto Trait Implementations
impl<T> RefUnwindSafe for SecVec<T>where
T: RefUnwindSafe,
impl<T> Send for SecVec<T>where
T: Send,
impl<T> Sync for SecVec<T>where
T: Sync,
impl<T> Unpin for SecVec<T>where
T: Unpin,
impl<T> UnwindSafe for SecVec<T>where
T: UnwindSafe,
Blanket Implementations
sourceimpl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more