Struct Crypto

Source

pub struct Crypto {
    pub keys: Keys,
}

Expand description

Main cryptographic operations instance.

Holds the keys and provides methods for encryption, decryption, and metadata extraction.

§Example

use signed_crypto::{Crypto, Keys};

let keys = Keys::new(&[0u8; 32], &[0u8; 32])?;
let crypto = Crypto::new(keys);

Fields§

§keys: Keys

The encryption and integrity keys.

Implementations§

Source §

impl Crypto

Source

pub const IV_BASE: usize = 0

Offset of the initialization vector in a package.

Source

pub const IV_SIZE: usize = 16

Size of the initialization vector in bytes.

Source

pub const IV_TIME_OFFSET: usize = 0

Offset of the timestamp within the IV.

Source

pub const IV_TIME_SIZE: usize = 8

Size of the timestamp in bytes.

Source

pub const IV_SERVER_ID_OFFSET: usize = 8

Offset of the server ID within the IV.

Source

pub const IV_SERVER_ID_SIZE: usize = 8

Size of the server ID in bytes.

Source

pub const SIGNATURE_SIZE: usize = 4

Size of the HMAC signature in bytes.

Source

pub const PAYLOAD_BASE: usize

Offset where the payload begins.

Source

pub const OVERHEAD_SIZE: usize

Total overhead size (IV + signature) in bytes.

Source

pub fn new(keys: Keys) -> Self

Creates a new Crypto instance.

§Example

use signed_crypto::{Crypto, Keys};

let keys = Keys::new(&[0u8; 32], &[0u8; 32])?;
let crypto = Crypto::new(keys);

Source

pub fn decode<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
where T: AsRef<[u8]>,

Decodes a URL-safe Base64 encoded string.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let encoded = "SGVsbG8=";
let decoded = crypto.decode(encoded)?;

Source

pub fn encode<T>(&self, data: T) -> String
where T: AsRef<[u8]>,

Encodes data as a URL-safe Base64 string.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let data = b"Hello";
let encoded = crypto.encode(data);

Source

pub fn decrypt(&self, cipher_data: &[u8]) -> Result<Vec<u8>, CryptoError>

Decrypts a package and verifies the HMAC signature.

§Errors

Returns CryptoError::InvalidSign if signature verification fails.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;
let encrypted = crypto.encrypt(&pkg)?;
let decrypted = crypto.decrypt(&encrypted)?;

Source

pub fn encrypt(&self, plain_data: &[u8]) -> Result<Vec<u8>, CryptoError>

Encrypts a package in-place.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;
let encrypted = crypto.encrypt(&pkg)?;

Source

pub fn create_init_vector( &self, timestamp: OffsetDateTime, server_id: i64, ) -> Vec<u8> ⓘ

Creates a custom initialization vector.

§Arguments

timestamp - The timestamp to embed
server_id - The server ID to embed

§Example

use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let iv = crypto.create_init_vector(OffsetDateTime::now_utc(), 12345);

Source

pub fn timestamp(&self, data: &[u8]) -> Option<OffsetDateTime>

Extracts the timestamp from a package’s initialization vector.

Returns None if the data is too short.

§Example

use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;
let encrypted = crypto.encrypt(&pkg)?;
let ts = crypto.timestamp(&encrypted).unwrap();

Source

pub fn server_id(&self, data: &[u8]) -> Option<i64>

Extracts the server ID from a package’s initialization vector.

Returns None if the data is too short.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;
let encrypted = crypto.encrypt(&pkg)?;
let server_id = crypto.server_id(&encrypted).unwrap();

Source

pub fn payload<'a>(&self, data: &'a [u8]) -> Option<&'a [u8]>

Extracts the payload from a package without decryption.

Returns None if the data is too short.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;
let payload = crypto.payload(&pkg).unwrap();
assert_eq!(payload, b"Hello");

Source

pub fn init_plain_data( &self, payload_size: usize, iv: Option<&[u8]>, ) -> Result<Vec<u8>, CryptoError>

Initializes a plain data package buffer.

If iv is None, generates a random IV with current timestamp.

§Arguments

payload_size - Size of the payload in bytes
iv - Optional custom initialization vector

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let pkg = crypto.init_plain_data(10, None)?;

Source

pub fn set_payload( &self, plain_data: &mut [u8], payload: &[u8], ) -> Result<(), CryptoError>

Sets the payload in a plain data package buffer.

§Errors

Returns CryptoError::PayloadSizeMismatch if the payload size does not match the expected size.

§Example

use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32])?);
let mut pkg = crypto.init_plain_data(5, None)?;
crypto.set_payload(&mut pkg, b"Hello")?;