Struct runtime::GuardedVec[][src]

pub struct GuardedVec<T: Bytes> { /* fields omitted */ }

A guarded type for protecting variable-length secrets allocated on the heap.

Provides the following features and guarantees:

  • Causes segfault upon access without using a borrow.
  • Protected using mprotect:
    • Prot::NoAccess - when the box has no current borrows.
    • Prot::ReadOnly - when the box has at least one current immutable borrow.
    • Prot::ReadWrite - when the box has a current mutable borrow (can only have one at a time).
  • The allocated memory uses guard pages both proceeding and following the memory. Overflows and large underflows cause immediate termination of the program.
  • A canary proceeds the memory location to detect smaller underflows. The program will drop the underlying memory and terminate if detected.
  • The Memory is locked with mlock.
  • When the memory is freed, munlock is called.
  • The memory is zeroed when no longer in use via sodium_free.
  • Guarded types can be compared in constant time.
  • Guarded types can not be printed using Debug.
  • The interior data of a Guarded type may not be Clone. GuardedVec includes serialization which converts the data into a vector before its serialized by serde. Upon deserialization, the data is returned back to a new GuardedVec.


impl<T: Bytes> GuardedVec<T>[src]

pub fn new<F>(len: usize, f: F) -> Self where
    F: FnOnce(&mut [T]), 

pub fn try_new<U, E, F>(f: F) -> Result<Self, E> where
    F: FnOnce(&mut [T]) -> Result<U, E>, 

pub fn len(&self) -> usize[src]

pub fn is_empty(&self) -> bool[src]

pub fn size(&self) -> usize[src]

pub fn borrow(&self) -> Ref<'_, T>[src]

pub fn borrow_mut(&mut self) -> RefMut<'_, T>[src]

impl<T: Bytes + Randomized> GuardedVec<T>[src]

pub fn random(len: usize) -> Self[src]

impl<T: Bytes + Zeroed> GuardedVec<T>[src]

pub fn zero(len: usize) -> Self[src]

Trait Implementations

impl<T: Clone + Bytes> Clone for GuardedVec<T>[src]

impl<T: Bytes> Debug for GuardedVec<T>[src]

impl<'de, T: Bytes> Deserialize<'de> for GuardedVec<T> where
    T: Deserialize<'de>, 

impl<T: Eq + Bytes> Eq for GuardedVec<T>[src]

impl<T: Bytes + Zeroed> From<&'_ mut [T]> for GuardedVec<T>[src]

impl<T: Bytes + ConstEq> PartialEq<GuardedVec<T>> for GuardedVec<T>[src]

impl<T: Bytes + Send> Send for GuardedVec<T>[src]

impl<T: Bytes> Serialize for GuardedVec<T> where
    T: Serialize

impl<T: Bytes> StructuralEq for GuardedVec<T>[src]

impl<T: Bytes + Sync> Sync for GuardedVec<T>[src]

Auto Trait Implementations

impl<T> !RefUnwindSafe for GuardedVec<T>

impl<T> Unpin for GuardedVec<T>

impl<T> UnwindSafe for GuardedVec<T> where
    T: RefUnwindSafe

