#[repr(u8)]pub enum KeySecurity {
Weak = 0,
Medium = 1,
NotTracked = 2,
}
Expand description
This indicates the security of the key by keeping track of whether the secret key material was handled carefully. If the secret is exposed in any way, or leaked and the memory not zeroed, the key security drops to Weak.
This is a Best Effort tag. There are ways to leak the key and still have this tag claim the key is Medium security. So Medium really means it might not have leaked, whereas Weak means we know that it definately did leak.
We offer no Strong security via the PrivateKey structure. If we support hardware tokens in the future, it will probably be via a different structure.
Variants§
Weak = 0
This means that the key was exposed in a way such that this library cannot ensure it’s secrecy, usually either by being exported as a hex string, or by being imported from the same. Often in these cases it is displayed on the screen or left in the cut buffer or in freed memory that was not subsequently zeroed.
Medium = 1
This means that the key might not have been directly exposed. But it still might have as there are numerous ways you can leak it such as exporting it and then decrypting the exported key, using unsafe rust, transmuting it into a different type that doesn’t protect it, or using a privileged process to scan memory. Additionally, more advanced techniques can get at your key such as hardware attacks like spectre, rowhammer, and power analysis.
NotTracked = 2
Not tracked
Trait Implementations§
source§impl Clone for KeySecurity
impl Clone for KeySecurity
source§fn clone(&self) -> KeySecurity
fn clone(&self) -> KeySecurity
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for KeySecurity
impl Debug for KeySecurity
source§impl Hash for KeySecurity
impl Hash for KeySecurity
source§impl PartialEq for KeySecurity
impl PartialEq for KeySecurity
source§impl TryFrom<u8> for KeySecurity
impl TryFrom<u8> for KeySecurity
impl Copy for KeySecurity
impl Eq for KeySecurity
impl StructuralPartialEq for KeySecurity
Auto Trait Implementations§
impl Freeze for KeySecurity
impl RefUnwindSafe for KeySecurity
impl Send for KeySecurity
impl Sync for KeySecurity
impl Unpin for KeySecurity
impl UnwindSafe for KeySecurity
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
source§unsafe fn clone_to_uninit(&self, dst: *mut T)
unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit
)