Struct fernet::Fernet [−][src]
Implementations
impl Fernet
[src]
Fernet
encapsulates encrypt and decrypt operations for a particular synchronous key.
pub fn new(key: &str) -> Option<Fernet>
[src]
Returns a new fernet instance with the provided key. The key should be
32-bytes, url-safe base64-encoded. Generating keys with Fernet::generate_key
is recommended. DO NOT USE A HUMAN READABLE PASSWORD AS A KEY. Returns
None
if the key is not 32-bytes base64 encoded.
pub fn generate_key() -> String
[src]
Generates a new, random, key. Can be safely passed to Fernet::new()
.
Store this somewhere safe!
pub fn encrypt(&self, data: &[u8]) -> String
[src]
Encrypts data into a token. Returns a value (which is base64-encoded) that can be
passed to Fernet::decrypt
for decryption and verification..
pub fn encrypt_at_time(&self, data: &[u8], current_time: u64) -> String
[src]
Encrypts data with the current_time. Returns a value (which is base64-encoded) that can be
passed to Fernet::decrypt
.
This function has the capacity to be used incorrectly or insecurely due to
to the “current_time” parameter. current_time must be the systems time::SystemTime::now()
with duraction_since(time::UNIX_EPOCH)
as seconds.
The motivation for a function like this is for your application to be able to test ttl expiry of tokens in your API. This allows you to pass in mock time data to assert correct behaviour of your application. Care should be taken to ensure you always pass in correct current_time values for deployments.
pub fn decrypt(&self, token: &str) -> Result<Vec<u8>, DecryptionError>
[src]
Decrypts a ciphertext. Returns either Ok(plaintext)
if decryption is
successful or Err(DecryptionError)
if there are any errors. Errors could
include incorrect key or tampering with the data.
pub fn decrypt_with_ttl(
&self,
token: &str,
ttl_secs: u64
) -> Result<Vec<u8>, DecryptionError>
[src]
&self,
token: &str,
ttl_secs: u64
) -> Result<Vec<u8>, DecryptionError>
Decrypts a ciphertext with a time-to-live. Returns either Ok(plaintext)
if decryption is successful or Err(DecryptionError)
if there are any errors.
Note if the token timestamp + ttl > current time, then this will also yield a
DecryptionError. The ttl is measured in seconds. This is a relative time, not
the absolute time of expiry. IE you would use 60 as a ttl_secs if you wanted
tokens to be considered invalid after that time.
pub fn decrypt_at_time(
&self,
token: &str,
ttl: Option<u64>,
current_time: u64
) -> Result<Vec<u8>, DecryptionError>
[src]
&self,
token: &str,
ttl: Option<u64>,
current_time: u64
) -> Result<Vec<u8>, DecryptionError>
Decrypt a ciphertext with a time-to-live, and the current time.
Returns either Ok(plaintext)
if decryption is
successful or Err(DecryptionError)
if there are any errors.
This function has the capacity to be used incorrectly or insecurely due to to the “current_time” parameter. current_time must be the systems time::SystemTime::now() with duraction_since(time::UNIX_EPOCH) as seconds.
The motivation for a function like this is for your application to be able to test ttl expiry of tokens in your API. This allows you to pass in mock time data to assert correct behaviour of your application. Care should be taken to ensure you always pass in correct current_time values for deployments.
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Fernet
impl Send for Fernet
impl Sync for Fernet
impl Unpin for Fernet
impl UnwindSafe for Fernet
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
[src]
pub fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,