search

iqlusioninc / crates

A collection of open source Rust crates from iqlusion
https://www.iqlusion.io
Apache License 2.0
450 stars 72 forks source link

secrecy: Flexible handle types? #1221

Open andrewwhitehead opened 2 weeks ago

andrewwhitehead commented 2 weeks ago

The ExposeSecret interface seems a little restricted by only being able to return references and not managed handles. I wonder how much a breaking change something this would be?

/// Expose a reference to an inner secret
pub trait ExposeSecret<S: ?Sized> {
    type Ref<'a>: Deref<Target=S> + 'a;

    /// Expose secret: this is the only method providing access to a secret.
    fn expose_secret(&self) -> Self::Ref<'_>;
}

/// Expose a mutable reference to an inner secret
pub trait ExposeSecretMut<S: ?Sized> {
    type RefMut<'a>: DerefMut<Target=S> + 'a;

    /// Expose secret: this is the only method providing access to a secret.
    fn expose_secret_mut(&mut self) -> Self::RefMut<'_>;
}
andrewwhitehead commented 1 week ago

Actually that definition doesn't work because the lifetime of S needs to be guaranteed. It would probably need to be something like this:

/// Expose a reference to an inner secret
pub trait ExposeSecret<'a, S: ?Sized> {
    type Ref: Deref<Target=S>;

    /// Expose secret: this is the only method providing access to a secret.
    fn expose_secret(&'a self) -> Self::Ref;
}

/// Expose a mutable reference to an inner secret
pub trait ExposeSecretMut<'a, S: ?Sized> {
    type RefMut: DerefMut<Target=S>;

    /// Expose secret: this is the only method providing access to a secret.
    fn expose_secret_mut(&'a mut self) -> Self::RefMut;
}

I'm also not sure why ExposeSecretMut doesn't require ExposeSecret, such as how DerefMut requires Deref.