Crate edcert
This crate is a simple digital signature crate and can be used to verify data integrity by using public-key cryptography. It uses the "super-fast, super-secure" elliptic curve and digital signature algorithm Ed25519.
It provides the struct Certificate, which holds the public key, metadata and a signature.
The basics
A Certificate can be signed by a master key or by another Certificate. The top-most Certificate must be signed with the master key, or it will not be valid. For validation, the master public key is supplied. This way, a Certificate can only be valid if it has been signed with a trust chain whose top-most Certificate has been signed with the right private key.
See also here.
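The chain rule above as a runnable sketch. This is an added example, not edcert's code or API: every type and function name is hypothetical, textbook RSA over small well-known primes and an FNV-1a hash stand in for Ed25519 so the file needs no crates, and the keys are constructed sample values.

```rust
// Textbook RSA over small well-known primes stands in for Ed25519 here. NOT secure.
const E: u128 = 65537;
#[derive(Clone, Copy)] struct PublicKey { n: u128 }
struct PrivateKey { n: u128, d: u128 }
struct Certificate {
    public_key: PublicKey,
    meta: String,
    signature: u128,
    signer: Option<Box<Certificate>>, // None: signed directly by the master key
}
fn modpow(mut b: u128, mut e: u128, n: u128) -> u128 {
    let mut r = 1;
    while e > 0 {
        if e & 1 == 1 { r = r * b % n; }
        (b, e) = (b * b % n, e >> 1);
    }
    r
}
// Private exponent d = E^-1 mod (p-1)(q-1), via the extended Euclidean algorithm.
fn keypair(p: u128, q: u128) -> (PublicKey, PrivateKey) {
    let phi = ((p - 1) * (q - 1)) as i128;
    let (mut a, mut b, mut x, mut y) = (E as i128, phi, 1i128, 0i128);
    while b != 0 { let t = a / b; (a, b) = (b, a - t * b); (x, y) = (y, x - t * y); }
    (PublicKey { n: p * q }, PrivateKey { n: p * q, d: ((x % phi + phi) % phi) as u128 })
}
// FNV-1a: a non-cryptographic hash, used only to keep the example dependency-free.
fn digest(data: &[u8]) -> u128 {
    data.iter().fold(0xcbf29ce484222325u64, |h, &b| (h ^ b as u64).wrapping_mul(0x100000001b3)) as u128
}
fn verify(pk: PublicKey, msg: &[u8], sig: u128) -> bool { modpow(sig, E, pk.n) == digest(msg) % pk.n }
fn body(meta: &str, pk: PublicKey) -> Vec<u8> { [meta.as_bytes(), &pk.n.to_be_bytes()[..]].concat() }
fn issue(pk: PublicKey, meta: &str, sk: &PrivateKey, signer: Option<Certificate>) -> Certificate {
    let signature = modpow(digest(&body(meta, pk)) % sk.n, sk.d, sk.n);
    Certificate { public_key: pk, meta: meta.to_string(), signature, signer: signer.map(Box::new) }
}
// Each link must verify under its signer's key; the top-most one under the master key.
fn is_valid(cert: &Certificate, master: PublicKey) -> bool {
    let msg = body(&cert.meta, cert.public_key);
    match &cert.signer {
        Some(parent) => verify(parent.public_key, &msg, cert.signature) && is_valid(parent, master),
        None => verify(master, &msg, cert.signature),
    }
}
fn demo() -> (bool, bool) {
    let ((mpk, msk), (ipk, isk)) = (keypair(2147483647, 1000000007), keypair(998244353, 1000000009));
    let inter = issue(ipk, "intermediate", &msk, None);
    let leaf = issue(keypair(524287, 131071).0, "leaf", &isk, Some(inter));
    (is_valid(&leaf, mpk), is_valid(&leaf, ipk)) // (true, false): only the real master key validates
}
fn main() { println!("{:?}", demo()); }
```

The signed bytes cover both the metadata and the certified public key, so changing either one after signing breaks that link and therefore the whole chain.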
Other crates
To use the edcert ecosystem, there are a few other crates to make your life simpler:
- edcert-letter, which provides a container for signed data, Letter<T>.
- edcert-restrevoke, which provides a REST-based revocation system.
- edcert-compressor, which provides methods to (de)compress Certificates using JSON/LZMA and manages loading/saving certificates for you.
- edcert-tools, which provides a binary for generation, signing, validation, etc. using edcert (and all of the above).
Modules
certificate | This module contains the most important struct of this crate: the Certificate. It holds a public key, metadata and a signature. It can also optionally hold a private key and sign data.
ed25519 | This module contains a wrapper around the libsodium implementation of Ed25519. It reduces the size of signatures to 64 bytes.
fingerprint | This module contains the trait
meta | This module contains the struct which holds the metadata of a Certificate.
revoker | This module provides a revoker, which can be used to check if a certificate has been revoked.
root_validator | This module provides a validator, which analyzes the trust chain to validate a Certificate.
signature | This module contains the signature struct, a container for the Ed25519 signature and a reference to the signer.
trust_validator | This module provides a validator, which analyzes the trust chain to validate a Certificate, but instead of a single master signature, it uses a set of trusted certificates for validation.
validator | This module contains the
Functions
copy_bytes | This is a simple copy function. This should be equivalent to memcpy.