Comments (5)
Thanks for reporting this.
For context: one of the goals of this crate (which could definitely be better documented) is preventing accidental secret leakage through mechanisms such as Debug
logging.
To enforce that concern, DebugSecret::debug_secret
presently returns a &static str
.
I think you're right that having DebugSecret
contingent on Vec<S> where S: DebugSecret
is not ideal. I think instead of asking the downstream type to opt into DebugSecret
, instead the type signature for DebugSecret::debug_secret
could be changed to use const fn
, which would uphold the same invariant of no data-dependent debug logging, but in a way that's more flexible than a &'static str
.
By leveraging const fn
, a DebugSecret
impl on Vec<S>
could incorporate the core::any::type_name of S
.
Is that what you'd ultimately like for debugging information? If so, it seems possible.
from crates.
That definitely sounds like a sensible solution that would solve our problem.
Is that what you'd ultimately like for debugging information? If so, it seems possible.
Actually, it's not really debugging that I'm interested in, but serialization. However, Serialize
and Deserialize
are tied to DebugSecret
, and thus my request :) I should've mentioned that previously.
We're trying to protect a secret while working with it in memory, but to also be able to serialize it at the right point. Don't know if that would be better achieved through other means, like exposing the contents of the secret and then serializing, but it feels more error-prone.
from crates.
You might take a look at the docs for SerializableSecret
:
https://docs.rs/secrecy/0.6.0/secrecy/trait.SerializableSecret.html
...which, upon further inspection, does not appear to be properly used in the bounds for the Serialize
impl on Secret
(!)
To prevent accidental exfiltration of secrets, SerializableSecret
was supposed to act as a marker trait, and one deliberately not impl'd for SecretVec
.
The alternatives are:
- Make your own newtype that wraps
Vec<_>
(of whatever type you're interested in) - Use serde's
serialize_with
as noted in theSerializableSecret
docs.
All that said, it seems this crate could use a little work and documentation improvements. Hopefully I'll have time to make a pass over it in the next few days to clear some of that up and fix the issues brought up here.
from crates.
Thanks for pointing that out! For some reason I was completely blind to the existence of SerializableSecret
in the crate...
I'll probably go down the route of using serialize_with
, seems more idiomatic.
from crates.
#463 should address the issues with the trait bounds: serde
serialization is no longer bounded by DebugSecret
.
from crates.
Related Issues (20)
- bip32: why can't private ExtendedKey instances convert to `ExtendedPublicKeys` with `TryFrom`? HOT 2
- secrecy: how should one use `SecretBytesMut`? HOT 2
- Is it possible to get derived address from a private key generated by bip32 crate?
- Cannot clone a `SecretVec<u8>` as `u8` is not `CloneableSecret` HOT 1
- secrecy: Using the serde feature in a no-std environment
- secrecy: Add an example to deserialize a SecretString
- RUSTSEC-2021-0073: Conversion from `prost_types::Timestamp` to `SystemTime` can cause an overflow and panic
- zeroize 1.4.0 manifest problems HOT 3
- error: failed to download `zeroize v1.4.1` ... consider adding `cargo-features = ["resolver"]` to the manifest HOT 3
- zeroize attribute accepted on struct fields, to no effect HOT 2
- `hkd32::Error` does not implement `std::error::Error` HOT 1
- impl Default for Zeroizing (possibly guarded by DefaultIsZeroes) HOT 2
- bip32: Build breakage, possibly due to conflicting generic-array dependencies. HOT 2
- `#[zeroize(drop)]` no-op in zeroize_derive v1.1 for `enum`s HOT 2
- Please publish a patch release of zeroize_derive 1.1 that fixes #876 but keeps the MSRV constant HOT 2
- RUSTSEC-2020-0071: Potential segfault in the time crate
- Implement `Zeroize` for `NonZeroX` HOT 1
- zeroize: implement `Zeroize` for `PhantomData` HOT 3
- MSRV in bip32 README is incorrect HOT 1
- secrecy: Zeroize an serde_json::Value HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from crates.