1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
use serde::{Deserialize, Serialize};
use std::fmt::{Debug, Formatter};
use zeroize::ZeroizeOnDrop;
/// Wrapper around a [`String`] that hold sensitive/secret data. All the bytes
/// are zeroized (zeroed out) whenever the value is dropped.
///
/// This type should be used anytime you need a `String` that holds
/// sensitive or secret information.
///
/// Note: We purposely restrict the API to minimize accidental leaking and
/// copying of data. Think carefully before adding new methods!
#[derive(Default, Clone, Deserialize, Eq, PartialEq, Serialize, ZeroizeOnDrop)]
pub struct SecureString {
string: String,
}
impl Debug for SecureString {
fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
f.debug_struct("SecureString")
.field("string", &"REDACTED")
.finish()
}
}
impl SecureString {
/// Useful function for converting our test KMS_ARN into a SecureString. This should only be used
/// in non-production code! As of the writing of this doc-string, there is no reason to use this
/// in prod code.
pub fn from_str_slice(string: &str) -> SecureString {
SecureString {
string: string.to_string(),
}
}
/// Convert an existing `string` to a `SecureString` by taking ownership of
/// its data; this ensures no copies are made.
pub fn from_string(string: String) -> SecureString {
SecureString { string }
}
pub fn is_empty(&self) -> bool {
self.string.is_empty()
}
pub fn len(&self) -> usize {
self.string.len()
}
}
impl AsRef<str> for SecureString {
/// Access underlying bytes of this secure string.
///
/// Warning: Think very carefully before cloning the underlying `&str`, as there is
/// no guarantee they are getting zeroized once you clone them like this.
fn as_ref(&self) -> &str {
&self.string
}
}