pub struct Crypto {
pub keys: Keys,
}Expand description
Main cryptographic operations instance.
Holds the keys and provides methods for encryption, decryption, and metadata extraction.
§Example
use signed_crypto::{Crypto, Keys};
let keys = Keys::new(&[0u8; 32], &[0u8; 32]).unwrap();
let crypto = Crypto::new(keys);Fields§
§keys: KeysThe encryption and integrity keys.
Implementations§
Source§impl Crypto
impl Crypto
Sourcepub const IV_TIME_OFFSET: usize = 0
pub const IV_TIME_OFFSET: usize = 0
Offset of the timestamp within the IV.
Sourcepub const IV_TIME_SIZE: usize = 8
pub const IV_TIME_SIZE: usize = 8
Size of the timestamp in bytes.
Sourcepub const IV_SERVER_ID_OFFSET: usize = 8
pub const IV_SERVER_ID_OFFSET: usize = 8
Offset of the server ID within the IV.
Sourcepub const IV_SERVER_ID_SIZE: usize = 8
pub const IV_SERVER_ID_SIZE: usize = 8
Size of the server ID in bytes.
Sourcepub const SIGNATURE_SIZE: usize = 4
pub const SIGNATURE_SIZE: usize = 4
Size of the HMAC signature in bytes.
Sourcepub const PAYLOAD_BASE: usize
pub const PAYLOAD_BASE: usize
Offset where the payload begins.
Sourcepub const OVERHEAD_SIZE: usize
pub const OVERHEAD_SIZE: usize
Total overhead size (IV + signature) in bytes.
Sourcepub fn new(keys: Keys) -> Self
pub fn new(keys: Keys) -> Self
Creates a new Crypto instance.
§Example
use signed_crypto::{Crypto, Keys};
let keys = Keys::new(&[0u8; 32], &[0u8; 32]).unwrap();
let crypto = Crypto::new(keys);Sourcepub fn decode<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
pub fn decode<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
Decodes a URL-safe Base64 encoded string.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = "SGVsbG8=";
let decoded = crypto.decode(encoded).unwrap();Sourcepub fn encode<T>(&self, data: T) -> String
pub fn encode<T>(&self, data: T) -> String
Encodes data as a URL-safe Base64 string.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let data = b"Hello";
let encoded = crypto.encode(data);Sourcepub fn decrypt(&self, cipher_data: &[u8]) -> Result<Vec<u8>, CryptoError>
pub fn decrypt(&self, cipher_data: &[u8]) -> Result<Vec<u8>, CryptoError>
Decrypts a package and verifies the HMAC signature.
§Errors
Returns CryptoError::InvalidSign if signature verification fails.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let decrypted = crypto.decrypt(&encrypted).unwrap();Sourcepub fn encrypt(&self, plain_data: &[u8]) -> Result<Vec<u8>, CryptoError>
pub fn encrypt(&self, plain_data: &[u8]) -> Result<Vec<u8>, CryptoError>
Encrypts a package in-place.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();Sourcepub fn package<T>(
&self,
payload: T,
iv: Option<&[u8]>,
) -> Result<String, CryptoError>
pub fn package<T>( &self, payload: T, iv: Option<&[u8]>, ) -> Result<String, CryptoError>
Packages a payload into a URL-safe Base64 encoded encrypted string.
§Arguments
payload- The data to encryptiv- Optional custom initialization vector; a random IV with the current timestamp is generated whenNone
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();Sourcepub fn unpackage<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
pub fn unpackage<T>(&self, data: T) -> Result<Vec<u8>, CryptoError>
Unpackages and decrypts a URL-safe Base64 encoded encrypted string.
§Errors
Returns CryptoError::InvalidSign if signature verification fails.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();
let payload = crypto.unpackage(&encoded).unwrap();
assert_eq!(payload, b"Hello, world!");Sourcepub fn package_to<T, W>(
&self,
payload: T,
iv: Option<&[u8]>,
out: &mut W,
) -> Result<(), CryptoError>
pub fn package_to<T, W>( &self, payload: T, iv: Option<&[u8]>, out: &mut W, ) -> Result<(), CryptoError>
Packages a payload and writes the URL-safe Base64 encoded encrypted result into the provided writer.
§Arguments
payload- The data to encryptiv- Optional custom initialization vector; a random IV with the current timestamp is generated whenNoneout- Any writer that receives the Base64-encoded encrypted package
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut buf = Vec::new();
crypto.package_to(b"Hello, world!", None, &mut buf).unwrap();Sourcepub fn unpackage_to<T, W>(
&self,
data: T,
out: &mut W,
) -> Result<(), CryptoError>
pub fn unpackage_to<T, W>( &self, data: T, out: &mut W, ) -> Result<(), CryptoError>
Unpackages and decrypts a URL-safe Base64 encoded string, writing the decrypted payload into the provided writer.
§Errors
Returns CryptoError::InvalidSign if signature verification fails.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let encoded = crypto.package(b"Hello, world!", None).unwrap();
let mut buf = Vec::new();
crypto.unpackage_to(&encoded, &mut buf).unwrap();
assert_eq!(buf, b"Hello, world!");Sourcepub fn create_init_vector(
&self,
timestamp: OffsetDateTime,
server_id: i64,
) -> Vec<u8> ⓘ
pub fn create_init_vector( &self, timestamp: OffsetDateTime, server_id: i64, ) -> Vec<u8> ⓘ
Creates a custom initialization vector.
§Arguments
timestamp- The timestamp to embedserver_id- The server ID to embed
§Example
use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let iv = crypto.create_init_vector(OffsetDateTime::now_utc(), 12345);Sourcepub fn timestamp(&self, data: &[u8]) -> Option<OffsetDateTime>
pub fn timestamp(&self, data: &[u8]) -> Option<OffsetDateTime>
Extracts the timestamp from a package’s initialization vector.
Returns None if the data is too short.
§Example
use signed_crypto::{Crypto, Keys};
use time::OffsetDateTime;
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let ts = crypto.timestamp(&encrypted).unwrap();Sourcepub fn server_id(&self, data: &[u8]) -> Option<i64>
pub fn server_id(&self, data: &[u8]) -> Option<i64>
Extracts the server ID from a package’s initialization vector.
Returns None if the data is too short.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let encrypted = crypto.encrypt(&pkg).unwrap();
let server_id = crypto.server_id(&encrypted).unwrap();Sourcepub fn payload<'a>(&self, data: &'a [u8]) -> Option<&'a [u8]>
pub fn payload<'a>(&self, data: &'a [u8]) -> Option<&'a [u8]>
Extracts the payload from a package without decryption.
Returns None if the data is too short.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();
let payload = crypto.payload(&pkg).unwrap();
assert_eq!(payload, b"Hello");Sourcepub fn init_plain_data(
&self,
payload_size: usize,
iv: Option<&[u8]>,
) -> Result<Vec<u8>, CryptoError>
pub fn init_plain_data( &self, payload_size: usize, iv: Option<&[u8]>, ) -> Result<Vec<u8>, CryptoError>
Initializes a plain data package buffer.
If iv is None, generates a random IV with current timestamp.
§Arguments
payload_size- Size of the payload in bytesiv- Optional custom initialization vector
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let pkg = crypto.init_plain_data(10, None).unwrap();Sourcepub fn set_payload(
&self,
plain_data: &mut [u8],
payload: &[u8],
) -> Result<(), CryptoError>
pub fn set_payload( &self, plain_data: &mut [u8], payload: &[u8], ) -> Result<(), CryptoError>
Sets the payload in a plain data package buffer.
§Errors
Returns CryptoError::PayloadSizeMismatch if the payload size
does not match the expected size.
§Example
use signed_crypto::{Crypto, Keys};
let crypto = Crypto::new(Keys::new(&[0u8; 32], &[0u8; 32]).unwrap());
let mut pkg = crypto.init_plain_data(5, None).unwrap();
crypto.set_payload(&mut pkg, b"Hello").unwrap();