Skip to main content

Crypto

Struct Crypto 

Source
pub struct Crypto {
    pub keys: Keys,
}
Expand description

Main cryptographic operations instance.

Holds the keys and provides methods for encryption, decryption, and metadata extraction.

§Example

use signed_crypto::{Crypto, Keys};

let keys = Keys::new(&[0u8; 32], &[0u8; 32]).unwrap();
let crypto = Crypto::new(keys);

Fields§

§keys: Keys

The encryption and integrity keys.

Implementations§

Source§

impl Crypto

Source

pub const IV_BASE: usize = 0

Offset of the initialization vector in a package.

Source

pub const IV_SIZE: usize = 16

Size of the initialization vector in bytes.

Source

pub const IV_TIME_OFFSET: usize = 0

Offset of the timestamp within the IV.

Source

pub const IV_TIME_SIZE: usize = 8

Size of the timestamp in bytes.

Source

pub const IV_SERVER_ID_OFFSET: usize = 8

Offset of the server ID within the IV.

Source

pub const IV_SERVER_ID_SIZE: usize = 8

Size of the server ID in bytes.

Source

pub const SIGNATURE_SIZE: usize = 4

Size of the HMAC signature in bytes.

Source

pub const PAYLOAD_BASE: usize

Offset where the payload begins.

Source

pub const OVERHEAD_SIZE: usize

Total overhead size (IV + signature) in bytes.

Source

pub fn new(keys: Keys) -> Self

Creates a new Crypto instance.

§Example
use signed_crypto::{Crypto, Keys};

let keys = Keys::new(&[0u8; 32], &[0u8; 32]).unwrap();
let crypto = Crypto::new(keys);
Source

pub fn decode<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
where T: AsRef<[u8]>,

Decodes a URL-safe Base64 encoded string.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = "SGVsbG8=";
let decoded = crypto.decode(encoded).unwrap();
Source

pub fn encode<T>(&self, data: T) -> String
where T: AsRef<[u8]>,

Encodes data as a URL-safe Base64 string.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let data = b"Hello";
let encoded = crypto.encode(data);
Source

pub fn decrypt(&self, cipher_data: &[u8]) -> Result<Vec<u8>, CryptoError>

Decrypts a package and verifies the HMAC signature.

§Errors

Returns CryptoError::InvalidSign if signature verification fails.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let decrypted = crypto.decrypt(&encrypted).unwrap();
Source

pub fn encrypt(&self, plain_data: &[u8]) -> Result<Vec<u8>, CryptoError>

Encrypts a package in-place.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
Source

pub fn package<T>( &self, payload: T, iv: Option<&[u8]>, ) -> Result<String, CryptoError>
where T: AsRef<[u8]>,

Packages a payload into a URL-safe Base64 encoded encrypted string.

§Arguments
  • payload - The data to encrypt
  • iv - Optional custom initialization vector; a random IV with the current timestamp is generated when None
§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();
Source

pub fn unpackage<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
where T: AsRef<[u8]>,

Unpackages and decrypts a URL-safe Base64 encoded encrypted string.

§Errors

Returns CryptoError::InvalidSign if signature verification fails.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();
let payload = crypto.unpackage(&encoded).unwrap();
assert_eq!(payload, b"Hello, world!");
Source

pub fn package_to<T, W>( &self, payload: T, iv: Option<&[u8]>, out: &mut W, ) -> Result<(), CryptoError>
where T: AsRef<[u8]>, W: Write,

Packages a payload and writes the URL-safe Base64 encoded encrypted result into the provided writer.

§Arguments
  • payload - The data to encrypt
  • iv - Optional custom initialization vector; a random IV with the current timestamp is generated when None
  • out - Any writer that receives the Base64-encoded encrypted package
§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut buf = Vec::new();
crypto.package_to(b"Hello, world!", None, &mut buf).unwrap();
Source

pub fn unpackage_to<T, W>( &self, data: T, out: &mut W, ) -> Result<(), CryptoError>
where T: AsRef<[u8]>, W: Write,

Unpackages and decrypts a URL-safe Base64 encoded string, writing the decrypted payload into the provided writer.

§Errors

Returns CryptoError::InvalidSign if signature verification fails.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();
let mut buf = Vec::new();
crypto.unpackage_to(&encoded, &mut buf).unwrap();
assert_eq!(buf, b"Hello, world!");
Source

pub fn create_init_vector( &self, timestamp: OffsetDateTime, server_id: i64, ) -> Vec<u8>

Creates a custom initialization vector.

§Arguments
  • timestamp - The timestamp to embed
  • server_id - The server ID to embed
§Example
use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let iv = crypto.create_init_vector(OffsetDateTime::now_utc(), 12345);
Source

pub fn timestamp(&self, data: &[u8]) -> Option<OffsetDateTime>

Extracts the timestamp from a package’s initialization vector.

Returns None if the data is too short.

§Example
use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let ts = crypto.timestamp(&encrypted).unwrap();
Source

pub fn server_id(&self, data: &[u8]) -> Option<i64>

Extracts the server ID from a package’s initialization vector.

Returns None if the data is too short.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let server_id = crypto.server_id(&encrypted).unwrap();
Source

pub fn payload<'a>(&self, data: &'a [u8]) -> Option<&'a [u8]>

Extracts the payload from a package without decryption.

Returns None if the data is too short.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let payload = crypto.payload(&pkg).unwrap();
assert_eq!(payload, b"Hello");
Source

pub fn init_plain_data( &self, payload_size: usize, iv: Option<&[u8]>, ) -> Result<Vec<u8>, CryptoError>

Initializes a plain data package buffer.

If iv is None, generates a random IV with current timestamp.

§Arguments
  • payload_size - Size of the payload in bytes
  • iv - Optional custom initialization vector
§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let pkg = crypto.init_plain_data(10, None).unwrap();
Source

pub fn set_payload( &self, plain_data: &mut [u8], payload: &[u8], ) -> Result<(), CryptoError>

Sets the payload in a plain data package buffer.

§Errors

Returns CryptoError::PayloadSizeMismatch if the payload size does not match the expected size.

§Example
use signed_crypto::{Crypto, Keys};

let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
where ST: ?Sized, DT: ?Sized,

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Read<Exclusive, BecauseExclusive> for T
where T: ?Sized,

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V