Skip to main content

Crate signed_crypto

Crate signed_crypto 

Source
Expand description

§signed-crypto

A Rust library for encrypted payloads with built-in integrity verification.

§Package Format

Encrypted payloads follow this structure:

initVector:16 || E(payload:?) || I(signature:4)

where:

  • initVector = timestamp:8 || serverId:8
  • E(payload) = AES-256/CTR64 encryption with encryption key
  • I(signature) = First 4 bytes of HMAC-SHA256(integrityKey, payload || initVector)

§Example

use signed_crypto::{Crypto, Keys};

// WARNING: Never use all-zero keys in production!
// Generate secure random keys using a cryptographic RNG.
let keys = Keys::new(&[0u8; 32], &[0u8; 32]).unwrap();
let crypto = Crypto::new(keys);

// Encrypt → URL-safe Base64 string
let encoded = crypto.package(b"Hello, world!", None).unwrap();

// Decrypt → original payload
let payload = crypto.unpackage(&encoded).unwrap();
assert_eq!(payload, b"Hello, world!");

Structs§

Crypto
Main cryptographic operations instance.
Keys
Holds the encryption and integrity keys.

Enums§

CryptoError
Errors that can occur during cryptographic operations.