Struct cookie::Key

source ·
pub struct Key(/* private fields */);
Available on crate features private or signed only.
Expand description

A cryptographic master key for use with Signed and/or Private jars.

This structure encapsulates secure, cryptographic keys for use with both PrivateJar and SignedJar. A single instance of a Key can be used for both a PrivateJar and a SignedJar simultaneously with no notable security implications.

Implementations§

source§

impl Key

source

pub fn from(key: &[u8]) -> Key

Creates a new Key from a 512-bit cryptographically random string.

The supplied key must be at least 512-bits (64 bytes). For security, the master key must be cryptographically random.

Panics

Panics if key is less than 64 bytes in length.

For a non-panicking version, use Key::try_from() or generate a key with Key::generate() or Key::try_generate().

Example
use cookie::Key;

let key = { /* a cryptographically random key >= 64 bytes */ };

let key = Key::from(key);
source

pub fn derive_from(master_key: &[u8]) -> Self

Available on crate feature key-expansion only.

Derives new signing/encryption keys from a master key.

The master key must be at least 256-bits (32 bytes). For security, the master key must be cryptographically random. The keys are derived deterministically from the master key.

Panics

Panics if key is less than 32 bytes in length.

Example
use cookie::Key;

let master_key = { /* a cryptographically random key >= 32 bytes */ };

let key = Key::derive_from(master_key);
source

pub fn generate() -> Key

Generates signing/encryption keys from a secure, random source. Keys are generated nondeterministically.

Panics

Panics if randomness cannot be retrieved from the operating system. See Key::try_generate() for a non-panicking version.

Example
use cookie::Key;

let key = Key::generate();
source

pub fn try_generate() -> Option<Key>

Attempts to generate signing/encryption keys from a secure, random source. Keys are generated nondeterministically. If randomness cannot be retrieved from the underlying operating system, returns None.

Example
use cookie::Key;

let key = Key::try_generate();
source

pub fn signing(&self) -> &[u8]

Returns the raw bytes of a key suitable for signing cookies. Guaranteed to be at least 32 bytes.

Example
use cookie::Key;

let key = Key::generate();
let signing_key = key.signing();
source

pub fn encryption(&self) -> &[u8]

Returns the raw bytes of a key suitable for encrypting cookies. Guaranteed to be at least 32 bytes.

Example
use cookie::Key;

let key = Key::generate();
let encryption_key = key.encryption();
source

pub fn master(&self) -> &[u8]

Returns the raw bytes of the master key. Guaranteed to be at least 64 bytes.

Example
use cookie::Key;

let key = Key::generate();
let master_key = key.master();

Trait Implementations§

source§

impl Clone for Key

source§

fn clone(&self) -> Key

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl PartialEq<Key> for Key

source§

fn eq(&self, other: &Self) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl TryFrom<&[u8]> for Key

source§

fn try_from(key: &[u8]) -> Result<Self, Self::Error>

A fallible version of Key::from().

Succeeds when Key::from() succeds and returns an error where Key::from() panics, namely, if key is too short.

Example
use cookie::Key;

let key = { /* a cryptographically random key >= 64 bytes */ };
assert!(Key::try_from(key).is_ok());

// A key that's far too short to use.
let key = &[1, 2, 3, 4][..];
assert!(Key::try_from(key).is_err());
§

type Error = KeyError

The type returned in the event of a conversion error.

Auto Trait Implementations§

§

impl RefUnwindSafe for Key

§

impl Send for Key

§

impl Sync for Key

§

impl Unpin for Key

§

impl UnwindSafe for Key

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same<T> for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

source§

fn vzip(self) -> V