pub struct Key { /* private fields */ }
private
or signed
only.Expand description
A cryptographic master key for use with Signed
and/or Private
jars.
This structure encapsulates secure, cryptographic keys for use with both
PrivateJar
and SignedJar
. A
single instance of a Key
can be used for both a PrivateJar
and a
SignedJar
simultaneously with no notable security implications.
Implementations
sourceimpl Key
impl Key
sourcepub fn from(key: &[u8]) -> Key
pub fn from(key: &[u8]) -> Key
Creates a new Key
from a 512-bit cryptographically random string.
The supplied key must be at least 512-bits (64 bytes). For security, the master key must be cryptographically random.
Panics
Panics if key
is less than 64 bytes in length.
Example
use cookie::Key;
let key = { /* a cryptographically random key >= 64 bytes */ };
let key = Key::from(key);
sourcepub fn from_master(master_key: &[u8]) -> Self
pub fn from_master(master_key: &[u8]) -> Self
Derives new signing/encryption keys from a master key.
The master key must be at least 256-bits (32 bytes). For security, the master key must be cryptographically random. The keys are derived deterministically from the master key.
Panics
Panics if key
is less than 32 bytes in length.
Example
use cookie::Key;
let master_key = { /* a cryptographically random key >= 32 bytes */ };
let key = Key::from_master(master_key);
sourcepub fn generate() -> Key
pub fn generate() -> Key
Generates signing/encryption keys from a secure, random source. Keys are generated nondeterministically.
Panics
Panics if randomness cannot be retrieved from the operating system. See
Key::try_generate()
for a non-panicking version.
Example
use cookie::Key;
let key = Key::generate();
sourcepub fn try_generate() -> Option<Key>
pub fn try_generate() -> Option<Key>
Attempts to generate signing/encryption keys from a secure, random
source. Keys are generated nondeterministically. If randomness cannot be
retrieved from the underlying operating system, returns None
.
Example
use cookie::Key;
let key = Key::try_generate();