Struct Protected 

pub struct Protected<T>(/* private fields */);

The most basic controlled type. It ensures inner types are Zeroize and implements Debug and Display safely (i.e. inner sensitive values are redacted).

Implementations

impl<T> Protected<T>

pub const fn new(x: T) -> Self

where T: Zeroize,

Create a new Protected from an inner value.

impl<T> Protected<Protected<T>>

pub fn flatten(self) -> Protected<T>

Flatten a Protected of Protected into a single Protected. Similar to Option::flatten.

use vitaminc_protected::{Controlled, Protected};
let x = Protected::new(Protected::new([0u8; 32]));
let y = x.flatten();
assert_eq!(y.risky_unwrap(), [0u8; 32]);

Like Option, flattening only removes one level of nesting at a time.

impl<T> Protected<Option<T>>

pub fn transpose(self) -> Option<Protected<T>>

Transpose a Protected of Option into an Option of Protected. Similar to Option::transpose.

use vitaminc_protected::Protected;
let x = Protected::new(Some([0u8; 32]));
let y = x.transpose();
assert!(y.is_some())

Trait Implementations

impl<T> BitXor for Protected<T>

where T: BitXor + Zeroize, <T as BitXor>::Output: Zeroize,

type Output = Protected<<T as BitXor>::Output>

The resulting type after applying the ^ operator.

fn bitxor(self, rhs: Self) -> Self::Output

Performs the ^ operation.

impl<T> Clone for Protected<T>

where T: Clone,

fn clone(&self) -> Self

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<T> Controlled for Protected<T>

where T: Zeroize,

type Inner = T

fn risky_unwrap(self) -> Self::Inner

Unwraps the inner value of the Controlled type. This is a risky operation because it consumes the Controlled type and returns the inner value negating the protections that the Controlled type provides.

fn init_from_inner(x: Self::Inner) -> Self

fn risky_ref(&self) -> &T

Provides a reference to the inner value. This is a risky operation because it bypasses the protections that the Controlled type provides. Use with caution!

fn inner_mut(&mut self) -> &mut Self::Inner

fn new(inner: Self::Inner) -> Self

where Self: Sized,

Initialize a new instance of the Controlled type from the inner value.

fn generate<F>(f: F) -> Self

where Self: Sized, F: FnOnce() -> Self::Inner,

Generate a new instance of the Controlled type from a function that returns the inner value.

fn generate_ok<F, E>(f: F) -> Result<Self, E>

where Self: Sized, F: FnOnce() -> Result<Self::Inner, E>,

Generate a new Controlled type from a function that returns a Result with the inner value.

fn map<B, F>(self, f: F) -> <Self as ReplaceT<B>>::Output

where Self: Sized + ReplaceT<B>, F: FnOnce(<Self as Controlled>::Inner) -> B, <Self as ReplaceT<B>>::Output: Controlled<Inner = B>, B: Zeroize,

Map the inner value of this Controlled type. Conceptually similar to Option::map`.

fn map_ok<B, F, E>(self, f: F) -> Result<<Self as ReplaceT<B>>::Output, E>

where Self: Sized + ReplaceT<B>, F: FnOnce(<Self as Controlled>::Inner) -> Result<B, E>, <Self as ReplaceT<B>>::Output: Controlled<Inner = B>, B: Zeroize,

Similar to map but the closure returns a Result with the new inner value. The result is a Result with the new Controlled type.

fn zip<Other, Out, F>(self, b: Other, f: F) -> Protected<Out>

where Self: Sized, Other: Controlled, Out: Zeroize, F: FnOnce(Self::Inner, Other::Inner) -> Out,

Zip two Controlled values of the same type together with a function that combines them.

fn zip_ref<'a, A, Other, Out, F>( self, other: &'a Other, f: F, ) -> <Self as ReplaceT<Out>>::Output

where A: ?Sized + 'a, Self: Sized + ReplaceT<Out>, <Self as ReplaceT<Out>>::Output: Controlled<Inner = Out>, Other: AsProtectedRef<'a, A>, Out: Zeroize, F: FnOnce(Self::Inner, &A) -> Out,

Like zip but the second argument is a reference.

fn update<F>(&mut self, f: F)

where F: FnMut(&mut Self::Inner),

Similar to map but using references to that the inner value is updated in place.

fn update_with<Other, F>(&mut self, other: Other, f: F)

where F: FnMut(&mut Self::Inner, Other::Inner), Other: Controlled,

Update the inner value with another Controlled value. The inner value of the second argument is passed to the closure.

fn update_with_ref<'a, A, F>(&mut self, other: ProtectedRef<'a, A>, f: F)

where A: ?Sized + 'a, F: FnMut(&mut Self::Inner, &A),

Like update_with but the second argument is a reference.

fn iter<'a, I>(&'a self) -> impl Iterator<Item = Protected<I>>

where <Self as Controlled>::Inner: AsRef<[I]>, I: Copy + 'a,

Iterate over the inner value and wrap each element in a Protected. I must be Copy because Protected always takes ownership of the inner value.

fn replace(&mut self, new: Self) -> Self

where Self: Sized,

Replace the inner value with a new one. The new value must be Self.

fn risky_inner_mut(&mut self) -> &mut Self::Inner

Provides a mutable reference to the inner value. This is a risky operation because it bypasses the protections that the Controlled type provides. Use with caution!

impl<T> Debug for Protected<T>

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<T, A> Extend<A> for Protected<T>

where T: Extend<A>,

fn extend<I>(&mut self, iter: I)

where I: IntoIterator<Item = A>,

Extends a collection with the contents of an iterator.

fn extend_one(&mut self, item: A)

🔬This is a nightly-only experimental API. (extend_one)

Extends a collection with exactly one element.

fn extend_reserve(&mut self, additional: usize)

🔬This is a nightly-only experimental API. (extend_one)

Reserves capacity in a collection for the given number of additional elements.

impl<const N: usize> From<[char; N]> for Protected<String>

fn from(x: [char; N]) -> Self

Converts to this type from the input type.

impl<const N: usize, U> From<GenericArray<u8, U>> for Protected<[u8; N]>

where U: ArrayLength<u8>, [u8; N]: From<GenericArray<u8, U>>,

fn from(x: GenericArray<u8, U>) -> Self

Converts to this type from the input type.

impl<T: Zeroize> From<T> for Protected<T>

fn from(x: T) -> Self

Converts to this type from the input type.

impl<const N: usize, T> Index<Protected<usize>> for [T; N]

Allows the use a of a Paranoid usize to index an array.

type Output = T

The returned type after indexing.

fn index(&self, index: Protected<usize>) -> &Self::Output

Performs the indexing (container[index]) operation.

impl<const N: usize, T> IndexMut<Protected<usize>> for [T; N]

fn index_mut(&mut self, index: Protected<usize>) -> &mut Self::Output

Performs the mutable indexing (container[index]) operation.

impl<T, K> ReplaceT<K> for Protected<T>

where Protected<K>: Controlled,

type Output = Protected<K>

impl<T> Zeroed for Protected<T>

where T: Zeroed,

fn zeroed() -> Self

impl<T> Zeroize for Protected<T>

where T: Zeroize,

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl<T> Acceptable<DefaultScope> for Protected<T>

impl<T> Copy for Protected<T>

where T: Copy,

impl<T: Zeroize> ZeroizeOnDrop for Protected<T>