Crate itsdangerous
source · [−]Expand description
A rust re-implementation of the Python library itsdangerous
.
Essentially, this crate provides various helpers to pass data to untrusted environments and get it back safe and sound. Data is cryptographically signed to ensure that it has not been tampered with.
Signers
Signer
, a signer that signs/unsigns arbitrary values.TimestampSigner
, a signer that signs/unsigns arbitrary values attaching a signed timestamp so you know when the value was signed.
Basic Example
use std::time::Duration;
use itsdangerous::{default_builder, Signer};
// Create a signer using the default builder, and an arbitrary secret key.
let signer = default_builder("secret key").build();
// Sign an arbitrary string, and send it somewhere dangerous.
let signed = signer.sign("hello world!");
// Unsign the string and validate that it hasn't been tampered with.
let unsigned = signer.unsign(&signed).expect("Signature was not valid");
assert_eq!(unsigned, "hello world!");
Modules
Structs
Error that occurs when trying to construct a Separator with a char is in the base64 url-safe alphabet.
The MultiSerializer
provides the ability to sign values with a
given serializer, but also try a series of fallback serializers.
This is useful if you are rotating keys, and want to sign things
using a new key, but allow an old serializer to unsign values.
A separator character that can be used in crate::SignerBuilder::with_separator
.
Represents a value + timestamp that has been successfully unsigned by TimedSerializer::unsign
.
Represents a value + timestamp that has been successfully unsigned by TimestampSigner::unsign
.
An UnverifiedValue
is just that. A deserialized value that has not been verified against
against a signer. This is useful if you want to deserialize something without verifying
the signature, because you might need data in the unsigned value in order to look up the
signing key in a database somewhere.
Enums
Errors that can occur while unsigning a “signed value”.
Errors that can occur while unsigning a “signed value” using the timed signer.
Traits
A signer can sign and unsign bytes, validating the signature provided.
A TimestampSigner wraps an inner Signer, giving it the ability to dish out signatures with timestamps.
Functions
Constructs a default signer builder, using the sha1
digest, hmac
,
and the django concat
key derivation.