RAII wrapper for encryption keys with secure memory management. More...
#include <secure_key_storage.h>
Public Member Functions | |
| secure_key (size_t size) | |
| Construct with specified size. | |
| secure_key (std::vector< uint8_t > data) | |
| Construct with data. | |
| ~secure_key () | |
| Destructor - securely clears key from memory. | |
| secure_key (const secure_key &)=delete | |
| secure_key & | operator= (const secure_key &)=delete |
| secure_key (secure_key &&other) noexcept | |
| secure_key & | operator= (secure_key &&other) noexcept |
| const std::vector< uint8_t > & | data () const |
| Get const reference to key data. | |
| std::vector< uint8_t > & | mutable_data () |
| Get mutable reference to key data (use with caution) | |
| size_t | size () const |
| Get key size in bytes. | |
Private Member Functions | |
| void | secure_clear () |
| Securely clear key data from memory. | |
Private Attributes | |
| std::vector< uint8_t > | data_ |
Detailed Description
RAII wrapper for encryption keys with secure memory management.
Features:
- Automatic memory cleanup on destruction
- Move-only semantics (prevents accidental copies)
- Secure random generation with OpenSSL (if available)
Definition at line 40 of file secure_key_storage.h.
Constructor & Destructor Documentation
◆ secure_key() [1/4]
|
inlineexplicit |
Construct with specified size.
- Parameters
-
size Key size in bytes (32 for AES-256)
Definition at line 46 of file secure_key_storage.h.
◆ secure_key() [2/4]
|
inlineexplicit |
Construct with data.
- Parameters
-
data Key data
Definition at line 54 of file secure_key_storage.h.
◆ ~secure_key()
|
inline |
Destructor - securely clears key from memory.
Definition at line 61 of file secure_key_storage.h.
References secure_clear().
◆ secure_key() [3/4]
|
delete |
◆ secure_key() [4/4]
|
inlinenoexcept |
Definition at line 70 of file secure_key_storage.h.
Member Function Documentation
◆ data()
|
inline |
Get const reference to key data.
Definition at line 88 of file secure_key_storage.h.
References data_.
Referenced by kcenon::logger::security::audit_logger::calculate_hmac(), kcenon::logger::encrypted_writer::decrypt_entry(), and kcenon::logger::security::secure_key_storage::save_key().
◆ mutable_data()
|
inline |
Get mutable reference to key data (use with caution)
Definition at line 95 of file secure_key_storage.h.
References data_.
Referenced by kcenon::logger::security::secure_key_storage::generate_key(), and kcenon::logger::security::secure_key_storage::load_key().
◆ operator=() [1/2]
|
delete |
◆ operator=() [2/2]
|
inlinenoexcept |
Definition at line 76 of file secure_key_storage.h.
References data_, and secure_clear().
◆ secure_clear()
|
inlineprivate |
Securely clear key data from memory.
Definition at line 110 of file secure_key_storage.h.
References data_.
Referenced by operator=(), and ~secure_key().
◆ size()
|
inline |
Get key size in bytes.
Definition at line 102 of file secure_key_storage.h.
References data_.
Referenced by kcenon::logger::security::audit_logger::calculate_hmac(), kcenon::logger::encrypted_writer::encrypted_writer(), kcenon::logger::encrypted_writer::rotate_key(), and kcenon::logger::security::secure_key_storage::save_key().
Member Data Documentation
◆ data_
|
private |
Definition at line 128 of file secure_key_storage.h.
Referenced by data(), mutable_data(), operator=(), secure_clear(), and size().
The documentation for this class was generated from the following file:
- include/kcenon/logger/security/secure_key_storage.h
