Expand description
A rust re-implementation of the Python library itsdangerous.
Essentially, this crate provides various helpers to pass data to untrusted environments and get it back safe and sound. Data is cryptographically signed to ensure that it has not been tampered with.
§Signers
Signer, a signer that signs/unsigns arbitrary values.TimestampSigner, a signer that signs/unsigns arbitrary values attaching a signed timestamp so you know when the value was signed.
§Basic Example
use std::time::Duration;
use itsdangerous::{default_builder, Signer};
// Create a signer using the default builder, and an arbitrary secret key.
let signer = default_builder("secret key").build();
// Sign an arbitrary string, and send it somewhere dangerous.
let signed = signer.sign("hello world!");
// Unsign the string and validate that it hasn't been tampered with.
let unsigned = signer.unsign(&signed).expect("Signature was not valid");
assert_eq!(unsigned, "hello world!");Modules§
Structs§
- Invalid
Separator - Error that occurs when trying to construct a Separator with a char is in the base64 url-safe alphabet.
- Multi
Serializer - The
MultiSerializerprovides the ability to sign values with a given serializer, but also try a series of fallback serializers. This is useful if you are rotating keys, and want to sign things using a new key, but allow an old serializer to unsign values. - Null
Encoding - Separator
- A separator character that can be used in
crate::SignerBuilder::with_separator. - Signer
Builder - Timestamp
Expired - URLSafe
Encoding - Unsigned
Timed Serializer Value - Represents a value + timestamp that has been successfully unsigned by
TimedSerializer::unsign. - Unsigned
Value - Represents a value + timestamp that has been successfully unsigned by
TimestampSigner::unsign. - Unverified
Timed Value - Unverified
Value - An
UnverifiedValueis just that. A deserialized value that has not been verified against against a signer. This is useful if you want to deserialize something without verifying the signature, because you might need data in the unsigned value in order to look up the signing key in a database somewhere.
Enums§
- BadSignature
- Errors that can occur while unsigning a “signed value”.
- BadTimed
Signature - Errors that can occur while unsigning a “signed value” using the timed signer.
- Payload
Error
Traits§
- AsSigner
- Returns a referenec to the underlying
Signer. - Encoding
- Into
Timestamp Signer - Serializer
- Signer
- A signer can sign and unsign bytes, validating the signature provided.
- Timed
Serializer - Timestamp
Signer - A TimestampSigner wraps an inner Signer, giving it the ability to dish out signatures with timestamps.
Functions§
- default_
builder - Constructs a default signer builder, using the
sha1digest,hmac, and thedjango concatkey derivation. - serializer_
with_ signer - timed_
serializer_ with_ signer