#secret-management #secret #secure #memory #wipe #memory-safe

no-std secrecy

Wrapper types and traits for secret management which help ensure they aren't accidentally copied, logged, or otherwise exposed (as much as possible), and also ensure secrets are securely wiped from memory when dropped

20 releases (10 breaking)

0.10.3 Oct 9, 2024
0.9.0-pre.0 Jul 30, 2024
0.8.0 Jul 18, 2021
0.7.0 Jul 8, 2020
0.0.0 Oct 4, 2018

#20 in Cryptography

Download history 450191/week @ 2024-09-26 463061/week @ 2024-10-03 465108/week @ 2024-10-10 491421/week @ 2024-10-17 493982/week @ 2024-10-24 474467/week @ 2024-10-31 513542/week @ 2024-11-07 636943/week @ 2024-11-14 504382/week @ 2024-11-21 449301/week @ 2024-11-28 555361/week @ 2024-12-05 589652/week @ 2024-12-12 291952/week @ 2024-12-19 187502/week @ 2024-12-26 478748/week @ 2025-01-02 664934/week @ 2025-01-09

1,739,973 downloads per month
Used in 1,875 crates (255 directly)

Apache-2.0 OR MIT

16KB
204 lines

secrecy.rs 🤐 iqlusion

Crate Docs Apache 2.0/MIT Licensed MSRV Safety Dance Build Status

A simple secret-keeping library for Rust.

Documentation

About

secrecy is a simple, safe (i.e. forbid(unsafe_code) library which provides wrapper types and traits for secret management in Rust, namely the Secret<T> type for wrapping another value in a "secret cell" which attempts to limit exposure (only available through a special ExposeSecret trait).

This helps to ensure secrets aren't accidentally copied, logged, or otherwise exposed (as much as possible), and also ensures secrets are securely wiped from memory when dropped.

Minimum Supported Rust Version

Rust 1.60 or newer.

In the future, we reserve the right to change MSRV (i.e. MSRV is out-of-scope for this crate's SemVer guarantees), however when we do it will be accompanied by a minor version bump.

serde support

Optional serde support for parsing owned secret values is available, gated under the serde cargo feature.

It uses the Deserialize and DeserializeOwned traits to implement deserializing secret types which also impl these traits.

This doesn't guarantee serde (or code providing input to serde) won't accidentally make additional copies of the secret, but does the best it can with what it is given and tries to minimize risk of exposure as much as possible.

License

Copyright © 2019-2024 iqlusion

secrecy is distributed under the terms of either the MIT license or the Apache License (Version 2.0), at your option.

See LICENSE (Apache License, Version 2.0) file in the iqlusioninc/crates toplevel directory of this repository or LICENSE-MIT for details.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~190KB