This crate is a simple digital signature crate and can be used to verify data integrity by using public-key cryptography. It uses the "super-fast, super-secure" elliptic curve and digital signature algorithm Ed25519.
It provides the struct
Certificate, which holds the public key, metadata and a signature.
Certificate can be signed by a master key, or another
Certificate. The top-most
must be signed with the master key, or it will not be valid. For validation, the master public
key will be given. This way, a
Certificate can only be valid, if it has been signed with a
trust chain, which top-most
Certificate has been signed with the right private key.
See also here.
To use the edcert ecosystem, there are a few other crates to make your life simpler:
- edcert-letter, which provides a container for signed data, Letter<T>.
- edcert-restrevoke, which provides a REST-based revokation system.
- edcert-compressor, which provides methods to
Certificates using JSON/LZMA and manages loading/saving certificates for you.
- edcert-tools, which provides a binary for generation, signing, validation, etc using edcert (and all of the above).
This module contains the most important struct of this crate: The Certificate It holds a public key, meta data and a signature. It can also optionally hold a private key and sign data.
This module contains a wrapper around the libsodium implementation of ed25519. It reduces the size of signatures to 64 byte.
This module contains the trait
This module contains the struct which holds the meta data of a Certificate.
This module provides a revoker, which can be used to check if a certificate has been revoked.
This module provides a validator, which analyzes the trust chain to validate a Certificate.
This module contains the signature struct, a container for the Ed25519 signature and a reference to the signer.
This module provides a validator, which analyzes the trust chain to validate a Certificate but instead of a single master signature, it uses a set of trusted certificates for validation.
This module contains the
This is a simple copy function. This should be equivalent to memcpy.