Module dryoc::auth [−][src]
Secret-key message authentication
Auth
implements libsodium’s secret-key authentication, based on
HMAC-SHA512-256.
Use Auth
to authenticate messages when:
- you want to authenticate arbitrary messages
- you have a pre-shared key between both parties
- (optionally) you want to share the authentication tag publicly
Rustaceous API example, one-time interface
use dryoc::auth::*; use dryoc::types::*; // Generate a random key let key = Key::gen(); // Compute the mac in one shot. Here we clone the key for the purpose of this // example, but normally you would not do this as you never want to re-use a // key. let mac = Auth::compute_to_vec(key.clone(), b"Data to authenticate"); // Verify the mac Auth::compute_and_verify(&mac, key, b"Data to authenticate").expect("verify failed");
Rustaceous API example, incremental interface
use dryoc::auth::*; use dryoc::types::*; // Generate a random key let key = Key::gen(); // Initialize the MAC, clone the key (don't do this) let mut mac = Auth::new(key.clone()); mac.update(b"Multi-part"); mac.update(b"data"); let mac = mac.finalize_to_vec(); // Verify it's correct, clone the key (don't do this) let mut verify_mac = Auth::new(key.clone()); verify_mac.update(b"Multi-part"); verify_mac.update(b"data"); verify_mac.verify(&mac).expect("verify failed"); // Check that invalid data fails, consume the key let mut verify_mac = Auth::new(key); verify_mac.update(b"Multi-part"); verify_mac.update(b"bad data"); verify_mac .verify(&mac) .expect_err("verify should have failed");
Modules
protected | nightly Protected memory type aliases for |
Structs
Auth | secret-key authentication implementation based on Poly1305, compatible with
libsodium’s |
Type Definitions
Key | Stack-allocated key for secret-key authentication. |
Mac | Stack-allocated message authentication code for secret-key authentication. |