1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
//! Configuration for a [`Processor`].
//!
//! Check out the [`ProcessorConfig`] struct for more information.
//!
//! [`Processor`]: crate::Processor
//! [`ProcessorConfig`]: crate::ProcessorConfig
pub use inner::{CryptoAlgorithm, CryptoRule, FallbackConfig};
pub(crate) mod inner {
use crate::Key;
/// `Config` specifies how the server should handle incoming and outgoing cookies
/// with respect to security and encoding.
///
/// In particular, it specifies whether cookie values and names should be
/// percent-encoded, and whether cookie values should be encrypted or signed.
///
/// Check out the documentation for the fields of this struct for more information.
///
/// # [`Processor`]
///
/// To action the rules specified in this struct, you must convert it into a [`Processor`]:
///
/// ```rust
/// use biscotti::{Processor, ProcessorConfig, Key};
/// use biscotti::config::{CryptoRule, CryptoAlgorithm};
///
/// let mut config = ProcessorConfig::default();
/// config.crypto_rules.push(CryptoRule {
/// cookie_names: vec!["session".to_string()],
/// algorithm: CryptoAlgorithm::Encryption,
/// // You'll use a key loaded from *somewhere* in production—e.g.
/// // from a file, environment variable, or a secret management service.
/// key: Key::generate(),
/// fallbacks: vec![],
/// });
/// let processor: Processor = config.into();
/// ```
///
/// [`Processor`]: crate::Processor
#[derive(Debug, Clone)]
#[non_exhaustive]
#[cfg_attr(feature = "serde", derive(serde::Deserialize, serde::Serialize))]
pub struct ProcessorConfig {
/// If `true`, all cookie values and names are automatically:
///
/// - percent-decoded, when parsing request cookies out of the `Cookie` header.
/// - percent-encoded, when building the `Set-Cookie` header from response cookies.
///
/// If `false`, cookie values and names are used as is.
///
/// By default, this field is `true`.
#[cfg_attr(feature = "serde", serde(default = "percent_encode_default"))]
pub percent_encode: bool,
/// By default:
///
/// - Values for response cookies are sent to the client unencrypted and unsigned
/// - Values for request cookies are assumed to be unencrypted and unsigned
///
/// You can opt into higher cryptographic guarantees for specific cookies using
/// one or more [`CryptoRule`]s.
#[cfg_attr(feature = "serde", serde(default = "crypto_rules_default"))]
pub crypto_rules: Vec<CryptoRule>,
}
fn percent_encode_default() -> bool {
true
}
fn crypto_rules_default() -> Vec<CryptoRule> {
vec![]
}
/// `CryptoRule` specifies whether certain cookies should be encrypted or signed.
#[derive(Debug, Clone)]
#[cfg_attr(feature = "serde", derive(serde::Deserialize, serde::Serialize))]
pub struct CryptoRule {
/// The names of the cookies to which this rule applies.
pub cookie_names: Vec<String>,
/// How the cookies should be secured: either encryption or signing.
pub algorithm: CryptoAlgorithm,
/// The key to use for encryption or signing.
///
/// # Requirements
///
/// The key must be at least 64 bytes long and should be generated using a
/// cryptographically secure random number generator.
pub key: Key,
/// Fallbacks are used to decrypt/verify request cookies that failed to
/// be decrypted/verified using the primary key.
/// Fallbacks are never used to encrypt/sign response cookies.
///
/// # Key rotation
///
/// Fallbacks exist to enable **key and algorithm rotation**.
/// From time to time, you may want to change the key used to sign or encrypt cookies, or update
/// the algorithm.
/// If you do this naively
/// (e.g. change [`CryptoRule::key`] or [`CryptoRule::algorithm`] to a new value),
/// the server will immediately start rejecting all existing cookies
/// because they were signed/encrypted with the old key/algorithm.
///
/// With fallbacks, you can start using the new configuration _without_ invalidating all existing
/// cookies.
/// The process for key rotation goes as follows:
///
/// 1. Generate a new key
/// 2. Set `key` to the new key,
/// and add the old key to the `fallbacks` vector, using the same algorithm
/// 3. Wait for the expiration of all cookies signed/encrypted with the old key
/// 4. Remove the old key from the `fallbacks` vector
#[cfg_attr(feature = "serde", serde(default))]
pub fallbacks: Vec<FallbackConfig>,
}
#[derive(Debug, Clone)]
#[cfg_attr(feature = "serde", derive(serde::Deserialize, serde::Serialize))]
/// A fallback configuration for either decrypting or verifying a cookie.
///
/// Check out [`CryptoRule::fallbacks`] for more information.
pub struct FallbackConfig {
/// The key to use for encryption or signing.
pub key: Key,
/// How the cookies should be secured.
pub algorithm: CryptoAlgorithm,
}
/// The two cryptographic processes that can be applied to a cookie value.
#[derive(Debug, Clone, Copy)]
#[cfg_attr(feature = "serde", derive(serde::Deserialize, serde::Serialize))]
#[cfg_attr(feature = "serde", serde(rename_all = "snake_case"))]
#[non_exhaustive]
pub enum CryptoAlgorithm {
/// The cookie value will be encrypted using [AEAD-AES-256-GCM-SIV](https://www.rfc-editor.org/rfc/rfc8452.html).
///
/// Encryption guarantees **confidentiality** of the value as well as its
/// **integrity**.
Encryption,
/// The cookie will be signed using [HMAC-SHA256](https://www.rfc-editor.org/rfc/rfc2104.html).
///
/// Signing guarantees **integrity** of the value.
Signing,
}
impl Default for ProcessorConfig {
fn default() -> Self {
ProcessorConfig {
percent_encode: percent_encode_default(),
crypto_rules: crypto_rules_default(),
}
}
}
}