Struct t_rust_less_lib::memguard::SecretBytes

pub struct SecretBytes { /* fields omitted */ }

Strictly memory protected bytes contain sensitive data.

This implementation borrows a lot of code and ideas from:

• https://crates.io/crates/memsec
• https://crates.io/crates/secrets
• https://download.libsodium.org/doc/memory_management

secrets is not good enough because it relies on libsodium which breaks the desired portability of this library (at least at the time of this writing).

memsec is not good enough because it focuses on protecting a generic type T which size is known at compile-time. In this library we are dealing with dynamic amounts of sensitive data and there is no point in securing a Vec<u8> via memsec … all we would achieve is protecting the pointer to sensitive data in unsecured space.

Implementations

impl SecretBytes

pub fn from_secured(bytes: &[u8]) -> Self

Copy from slice of bytes.

This is not a regular From implementation because the caller has to ensure that the original bytes are zeroed out (or are already in some secured memspace. This different signature should be a reminder of that.

pub fn with_capacity(capacity: usize) -> SecretBytes

pub fn with_capacity_for_chars(capacity_for_chars: usize) -> SecretBytes

pub fn zeroed(size: usize) -> SecretBytes

pub fn random<T>(rng: &mut T, size: usize) -> SecretBytes where
    T: RngCore + CryptoRng, 

pub fn is_empty(&self) -> bool

pub fn len(&self) -> usize

pub fn capacity(&self) -> usize

pub fn borrow(&self) -> Ref<'_>

pub fn borrow_mut(&mut self) -> RefMut<'_>

pub fn locks(&self) -> isize

Trait Implementations

impl Clone for SecretBytes

fn clone(&self) -> Self

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SecretBytes

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for SecretBytes

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error> where
    D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl Drop for SecretBytes

fn drop(&mut self)

Executes the destructor for this type.

impl From<&'_ mut [u8]> for SecretBytes

fn from(bytes: &mut [u8]) -> Self

Performs the conversion.

impl From<String> for SecretBytes

fn from(str: String) -> Self

Performs the conversion.

impl From<Vec<u8, Global>> for SecretBytes

fn from(bytes: Vec<u8>) -> Self

Performs the conversion.

impl PartialEq<SecretBytes> for SecretBytes

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Serialize for SecretBytes

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error> where
    S: Serializer, 

Serialize this value into the given Serde serializer.

impl Zeroize for SecretBytes

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Eq for SecretBytes

impl Send for SecretBytes

impl Sync for SecretBytes