Struct rocket::config::SecretKey[][src]

pub struct SecretKey { /* fields omitted */ }
This is supported on crate feature secrets only.
Expand description

A cryptographically secure secret key.

A SecretKey is primarily used by private cookies. See the configuration guide for further details. It can be configured from 256-bit random material or a 512-bit master key, each as either a base64-encoded string or raw bytes.

use rocket::config::Config;

let figment = Config::figment()
    .merge(("secret_key", "hPRYyVRiMyxpw5sBB1XeCMN1kFsDCqKvBi2QJxBVHQk="));

let config = Config::from(figment);
assert!(!config.secret_key.is_zero());

When configured in the debug profile with the secrets feature enabled, a key set as 0 is automatically regenerated at launch time from the OS’s random source if available.

use rocket::config::Config;
use rocket::local::blocking::Client;

let figment = Config::figment()
    .merge(("secret_key", vec![0u8; 64]))
    .select("debug");

let rocket = rocket::custom(figment);
let client = Client::tracked(rocket).expect("okay in debug");
assert!(!client.rocket().config().secret_key.is_zero());

When running in any other profile with the secrets feature enabled, providing a key of 0 or not provided a key at all results in a failure at launch-time:

use rocket::config::Config;
use rocket::figment::Profile;
use rocket::local::blocking::Client;
use rocket::error::ErrorKind;

let profile = Profile::const_new("staging");
let figment = Config::figment()
    .merge(("secret_key", vec![0u8; 64]))
    .select(profile.clone());

let rocket = rocket::custom(figment);
let error = Client::tracked(rocket).expect_err("failure in non-debug");
assert!(matches!(error.kind(), ErrorKind::InsecureSecretKey(profile)));

Implementations

Creates a SecretKey from a 512-bit master key. For security, master must be cryptographically random.

Panics

Panics if master < 64 bytes.

Example

use rocket::config::SecretKey;

let key = SecretKey::from(&master);

Derives a SecretKey from 256 bits of cryptographically random material. For security, material must be cryptographically random.

Panics

Panics if material < 32 bytes.

Example

use rocket::config::SecretKey;

let key = SecretKey::derive_from(&material);

Attempts to generate a SecretKey from randomness retrieved from the OS. If randomness from the OS isn’t available, returns None.

Example

use rocket::config::SecretKey;

let key = SecretKey::generate();

Returns true if self is the 0-key.

Example

use rocket::config::SecretKey;

let master = vec![0u8; 64];
let key = SecretKey::from(&master);
assert!(key.is_zero());

Returns true if self was not automatically generated and is not zero.

Example

use rocket::config::SecretKey;

let master = vec![0u8; 64];
let key = SecretKey::generate().unwrap();
assert!(!key.is_provided());

let master = vec![0u8; 64];
let key = SecretKey::from(&master);
assert!(!key.is_provided());

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Deserialize this value from the given Serde deserializer. Read more

Formats the value using the given formatter. Read more

The associated error to be returned if derivation fails.

Derives an instance of Self from the incoming request metadata. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Converts self into T using Into<T>. Read more

Converts self into a target type. Read more

Causes self to use its Binary implementation when Debug-formatted.

Causes self to use its Display implementation when Debug-formatted. Read more

Causes self to use its LowerExp implementation when Debug-formatted. Read more

Causes self to use its LowerHex implementation when Debug-formatted. Read more

Causes self to use its Octal implementation when Debug-formatted.

Causes self to use its Pointer implementation when Debug-formatted. Read more

Causes self to use its UpperExp implementation when Debug-formatted. Read more

Causes self to use its UpperHex implementation when Debug-formatted. Read more

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

Converts self into a collection.

Pipes by value. This is generally the method you want to use. Read more

Borrows self and passes that borrow into the pipe function. Read more

Mutably borrows self and passes that borrow into the pipe function. Read more

Borrows self, then passes self.borrow() into the pipe function. Read more

Mutably borrows self, then passes self.borrow_mut() into the pipe function. Read more

Borrows self, then passes self.as_ref() into the pipe function.

Mutably borrows self, then passes self.as_mut() into the pipe function. Read more

Borrows self, then passes self.deref() into the pipe function.

Mutably borrows self, then passes self.deref_mut() into the pipe function. Read more

Pipes a value into a function that cannot ordinarily be called in suffix position. Read more

Pipes a trait borrow into a function that cannot normally be called in suffix position. Read more

Pipes a trait mutable borrow into a function that cannot normally be called in suffix position. Read more

Pipes a trait borrow into a function that cannot normally be called in suffix position. Read more

Pipes a trait mutable borrow into a function that cannot normally be called in suffix position. Read more

Pipes a dereference into a function that cannot normally be called in suffix position. Read more

Pipes a mutable dereference into a function that cannot normally be called in suffix position. Read more

Pipes a reference into a function that cannot ordinarily be called in suffix position. Read more

Pipes a mutable reference into a function that cannot ordinarily be called in suffix position. Read more

Should always be Self

Immutable access to a value. Read more

Mutable access to a value. Read more

Immutable access to the Borrow<B> of a value. Read more

Mutable access to the BorrowMut<B> of a value. Read more

Immutable access to the AsRef<R> view of a value. Read more

Mutable access to the AsMut<R> view of a value. Read more

Immutable access to the Deref::Target of a value. Read more

Mutable access to the Deref::Target of a value. Read more

Calls .tap() only in debug builds, and is erased in release builds.

Calls .tap_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_borrow() only in debug builds, and is erased in release builds. Read more

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_ref() only in debug builds, and is erased in release builds. Read more

Calls .tap_ref_mut() only in debug builds, and is erased in release builds. Read more

Calls .tap_deref() only in debug builds, and is erased in release builds. Read more

Calls .tap_deref_mut() only in debug builds, and is erased in release builds. Read more

Provides immutable access for inspection. Read more

Calls tap in debug builds, and does nothing in release builds.

Provides mutable access for modification. Read more

Calls tap_mut in debug builds, and does nothing in release builds.

Provides immutable access to the reference for inspection.

Calls tap_ref in debug builds, and does nothing in release builds.

Provides mutable access to the reference for modification.

Calls tap_ref_mut in debug builds, and does nothing in release builds.

Provides immutable access to the borrow for inspection. Read more

Calls tap_borrow in debug builds, and does nothing in release builds.

Provides mutable access to the borrow for modification.

Calls tap_borrow_mut in debug builds, and does nothing in release builds. Read more

Immutably dereferences self for inspection.

Calls tap_deref in debug builds, and does nothing in release builds.

Mutably dereferences self for modification.

Calls tap_deref_mut in debug builds, and does nothing in release builds. Read more

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

Converts the given value to a String. Read more

Attempts to convert self into T using TryInto<T>. Read more

Attempts to convert self into a target type. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.