module Crypto::Secret
Overview
Interface to hold sensitive information (often cryptographic keys)
Only for direct use by cryptographic library authors
For all other applications use a preexisting class that includes Crypto::Secret
Which class should I use?
Crypto::Secret::Key- Use with small (<= 4096 bytes) keysCrypto::Secret::Large- Use for decrypted data that may stress mlock limitsCrypto::Secret::Not- Only use when you're sure the data isn't secret. 0 overhead. No wiping.
Other shards may provide additional Secret types (sodium.cr)
EXPERIMENTAL
Extended Modules
Direct including types
Defined in:
crypto-secret/bidet.crcrypto-secret/large.cr
crypto-secret/lib.cr
crypto-secret/not.cr
crypto-secret/secret.cr
crypto-secret/stateful.cr
Instance Method Summary
-
#==(other : Secret) : Bool
Timing safe memory compare
-
#==(other : Bytes) : Bool
Timing safe memory compare
- #bytesize : Int32
-
#copy_from(data : Bytes) : Nil
Copies from data
- #dup
- #finalize
-
#hexstring : String
For debugging.
-
#inspect(io : IO) : Nil
Hide internal state to prevent leaking in to logs
-
#move_from(data : Bytes) : Nil
Copies then wipes data
-
#noaccess : self
Makes a region allocated inaccessible depending on implementation.
-
#random : self
Fills
Secretwith secure random data -
#readonly : self
Marks a region allocated using as read-only depending on implementation.
-
#readwrite : self
Marks a region allocated using as read & write depending on implementation.
- #reset
-
#wipe
Zeroes data
-
#wipe(&)
Secret is wiped after exiting the block
Macro Summary
Instance Method Detail
Makes a region allocated inaccessible depending on implementation. It cannot be read or written, but the data are preserved.
Marks a region allocated using as read-only depending on implementation.
Marks a region allocated using as read & write depending on implementation.