Crate itsdangerous

source · []
Expand description

A rust re-implementation of the Python library itsdangerous.

Essentially, this crate provides various helpers to pass data to untrusted environments and get it back safe and sound. Data is cryptographically signed to ensure that it has not been tampered with.

Signers

  • Signer, a signer that signs/unsigns arbitrary values.
  • TimestampSigner, a signer that signs/unsigns arbitrary values attaching a signed timestamp so you know when the value was signed.

Basic Example

use std::time::Duration;
use itsdangerous::{default_builder, Signer};

// Create a signer using the default builder, and an arbitrary secret key.
let signer = default_builder("secret key").build();

// Sign an arbitrary string, and send it somewhere dangerous.
let signed = signer.sign("hello world!");

// Unsign the string and validate that it hasn't been tampered with.
let unsigned = signer.unsign(&signed).expect("Signature was not valid");
assert_eq!(unsigned, "hello world!");

Modules

algorithm
key_derivation

Structs

InvalidSeparator

Error that occurs when trying to construct a Separator with a char is in the base64 url-safe alphabet.

MultiSerializer

The MultiSerializer provides the ability to sign values with a given serializer, but also try a series of fallback serializers. This is useful if you are rotating keys, and want to sign things using a new key, but allow an old serializer to unsign values.

NullEncoding
Separator

A separator character that can be used in crate::SignerBuilder::with_separator.

SignerBuilder
TimestampExpired
URLSafeEncoding
UnsignedTimedSerializerValue

Represents a value + timestamp that has been successfully unsigned by TimedSerializer::unsign.

UnsignedValue

Represents a value + timestamp that has been successfully unsigned by TimestampSigner::unsign.

UnverifiedTimedValue
UnverifiedValue

An UnverifiedValue is just that. A deserialized value that has not been verified against against a signer. This is useful if you want to deserialize something without verifying the signature, because you might need data in the unsigned value in order to look up the signing key in a database somewhere.

Enums

BadSignature

Errors that can occur while unsigning a “signed value”.

BadTimedSignature

Errors that can occur while unsigning a “signed value” using the timed signer.

PayloadError

Traits

AsSigner

Returns a referenec to the underlying Signer.

Encoding
IntoTimestampSigner
Serializer
Signer

A signer can sign and unsign bytes, validating the signature provided.

TimedSerializer
TimestampSigner

A TimestampSigner wraps an inner Signer, giving it the ability to dish out signatures with timestamps.

Functions

default_builder

Constructs a default signer builder, using the sha1 digest, hmac, and the django concat key derivation.

serializer_with_signer
timed_serializer_with_signer