pub fn seal<T: Encode>(
value: &T,
key: Option<&str>,
) -> Result<Vec<u8>, SerializationError>Expand description
Encode value to an opaque byte blob sealed with key.
If key is None the default key "serialization/deserialization" is
used. The resulting blob can only be decoded by open with the same
key.
§Errors
Returns SerializationError::Encode if bincode cannot serialize the
value.
Examples found in repository?
examples/veil_seal_open.rs (line 38)
25fn main() {
26 let key = "my-secret-key";
27
28 let original = Payload {
29 user: "alice".into(),
30 score: 9001,
31 tags: vec!["rust".into(), "crypto".into()],
32 };
33
34 println!("Original : {original:?}");
35
36 // ── Seal ──────────────────────────────────────────────────────────────────
37 // Transforms Payload into an opaque byte blob.
38 let blob = seal(&original, Some(key)).expect("seal failed");
39 println!("Sealed : {} bytes (opaque — no structure visible)", blob.len());
40
41 // ── Open ──────────────────────────────────────────────────────────────────
42 // Reconstructs Payload from the opaque blob using the same key.
43 let recovered: Payload = open(&blob, Some(key)).expect("open failed");
44 println!("Recovered: {recovered:?}");
45
46 assert_eq!(original, recovered, "round-trip mismatch!");
47 println!("\nRound-trip successful ✓");
48
49 // ── Wrong key rejects ─────────────────────────────────────────────────────
50 let bad: Result<Payload, _> = open(&blob, Some("wrong-key"));
51 assert!(bad.is_err(), "wrong key should fail to open");
52 println!("Wrong-key rejection ✓");
53}