Crate secure_gate

Crate secure_gate 

Source
Expand description

§secure-gate: Zero-cost secure wrappers for secrets

This crate provides safe, ergonomic wrappers for handling sensitive data in memory with zero runtime overhead. It supports both stack-allocated fixed-size secrets and heap-allocated dynamic secrets, with optional automatic zeroing on drop.

Key components:

§Features

  • zeroize: Enables automatic memory wiping on drop via zeroize and secrecy.
  • rand: Enables [SecureRandomExt::random()] for generating fixed-size secrets.
  • serde: Optional serialization support (deserialization disabled for Dynamic<T> for security).
  • Works in no_std + alloc environments.

§Quick Start

use secure_gate::{dynamic_alias, fixed_alias, Dynamic, Fixed};

fixed_alias!(Aes256Key, 32);
dynamic_alias!(Password, String);

let key: Aes256Key = [42u8; 32].into();
let pw: Password = "hunter2".into();

assert_eq!(key.expose_secret()[0], 42);
assert_eq!(pw.expose_secret(), "hunter2");

See individual modules for detailed documentation.

Macros§

dynamic_alias
Defines a type alias for a dynamic (heap-allocated) secret.
fixed_alias
Defines a type alias for a fixed-size byte secret.
secure
Creates a secret wrapper around the given value.
secure_zeroizing
Creates a zeroizing secret that automatically wipes itself on drop.

Structs§

Dynamic
A zero-cost, heap-allocated wrapper for sensitive data.
DynamicZeroizing
Zeroizing wrapper for heap-allocated secrets.
Fixed
A zero-cost, stack-allocated wrapper for sensitive data.

Traits§

Zeroize
Trait for securely erasing values from memory.
ZeroizeOnDrop
Marker trait signifying that this type will Zeroize::zeroize itself on Drop.

Type Aliases§

FixedZeroizing
Re-export of zeroize::Zeroizing<T> for stack-allocated secrets.
Zeroizing

Derive Macros§

Zeroize
Derive the Zeroize trait.
ZeroizeOnDrop
Derive the ZeroizeOnDrop trait.