Skip to main content

HmacEnvelope

cratestack_core::envelope

Struct HmacEnvelope 

Source 
pub struct HmacEnvelope<K: KeyProvider> { /* private fields */ }
Expand description

HMAC-SHA-256 backed envelope. Sealed messages are self-describing CBOR maps: signature recipients can decode the envelope, fetch the key by kid, and verify without out-of-band coordination.

Implementations§

Source§

impl<K: KeyProvider> HmacEnvelope<K>

Source

pub fn new(keys: Arc<K>, signing_kid: impl Into<String>) -> Self

Source

pub fn with_clock_skew_secs(self, secs: i64) -> Self

Source

pub fn with_nonce_store(self, store: Arc<dyn NonceStore>) -> Self

Attach a nonce store so open rejects replays. Without this, the envelope is only protected by the clock-skew window — an attacker who captured a sealed message can replay it inside that window.

Source

pub async fn seal(&self, payload: Value) -> Result<SealedEnvelope, CoolError>

Seal a request body. The returned bytes are a CBOR-encoded SealedEnvelope payload — the sender wraps these in their codec of choice on the way out.

Source

pub async fn open(&self, envelope: &SealedEnvelope) -> Result<Value, CoolError>

Verify a sealed envelope. Returns the body on success. Constant- time MAC compare; clock-skew window enforced; envelope kid is resolved through the configured provider so callers can rotate keys without changing the recipient.

Trait Implementations§

Source§

impl<K: Clone + KeyProvider> Clone for HmacEnvelope<K>

Source§

fn clone(&self) -> HmacEnvelope<K>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Auto Trait Implementations§

§

impl<K> Freeze for HmacEnvelope<K>

§

impl<K> !RefUnwindSafe for HmacEnvelope<K>

§

impl<K> Send for HmacEnvelope<K>

§

impl<K> Sync for HmacEnvelope<K>

§

impl<K> Unpin for HmacEnvelope<K>

§

impl<K> UnsafeUnpin for HmacEnvelope<K>

§

impl<K> !UnwindSafe for HmacEnvelope<K>

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.