[][src]Struct sequoia_openpgp::crypto::mem::Encrypted

pub struct Encrypted { /* fields omitted */ }

Encrypted memory.

This type encrypts sensitive data, such as secret keys, in memory while they are unused, and decrypts them on demand. This protects against cross-protection-boundary readout via microarchitectural flaws like Spectre or Meltdown, via attacks on physical layout like Rowbleed, and even via coldboot attacks.

The key insight is that these kinds of attacks are imperfect, i.e. the recovered data contains bitflips, or the attack only provides a probability for any given bit. Applied to cryptographic keys, these kind of imperfect attacks are enough to recover the actual key.

This implementation on the other hand, derives a sealing key from a large area of memory, the "pre-key", using a key derivation function. Now, any single bitflip in the readout of the pre-key will avalanche through all the bits in the sealing key, rendering it unusable with no indication of where the error occurred.

This kind of protection was pioneered by OpenSSH. The commit adding it can be found here.


use sequoia_openpgp::crypto::mem::Encrypted;

let e = Encrypted::new(vec![0, 1, 2].into());
e.map(|p| {
    // e is temporarily decrypted and made available to the closure.
    assert_eq!(p.as_ref(), &[0, 1, 2]);
    // p is cleared once the function returns.


impl Encrypted[src]

pub fn new(p: Protected) -> Self[src]

Encrypts the given chunk of memory.

pub fn map<F, T>(&self, fun: F) -> T where
    F: FnMut(&Protected) -> T, 

Maps the given function over the temporarily decrypted memory.

Trait Implementations

impl Eq for Encrypted[src]

impl PartialEq<Encrypted> for Encrypted[src]

fn ne(&self, other: &Rhs) -> bool

This method tests for !=.

impl Clone for Encrypted[src]

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Hash for Encrypted[src]

fn hash_slice<H>(data: &[Self], state: &mut H) where
    H: Hasher

Feeds a slice of this type into the given [Hasher]. Read more

impl Debug for Encrypted[src]

Auto Trait Implementations

impl Send for Encrypted

impl Sync for Encrypted

Blanket Implementations

impl<T> From for T[src]

impl<T, U> Into for T where
    U: From<T>, 

impl<T> ToOwned for T where
    T: Clone

type Owned = T

impl<T, U> TryFrom for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized

impl<T> BorrowMut for T where
    T: ?Sized

impl<T> Any for T where
    T: 'static + ?Sized

impl<T, U> TryInto for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.