Expand description
Secret-key message authentication
Auth
implements libsodium’s secret-key authentication, based on
HMAC-SHA512-256.
Use Auth
to authenticate messages when:
- you want to authenticate arbitrary messages
- you have a pre-shared key between both parties
- (optionally) you want to share the authentication tag publicly
Rustaceous API example, one-time interface
use dryoc::auth::*;
use dryoc::types::*;
// Generate a random key
let key = Key::gen();
// Compute the mac in one shot. Here we clone the key for the purpose of this
// example, but normally you would not do this as you never want to re-use a
// key.
let mac = Auth::compute_to_vec(key.clone(), b"Data to authenticate");
// Verify the mac
Auth::compute_and_verify(&mac, key, b"Data to authenticate").expect("verify failed");
Rustaceous API example, incremental interface
use dryoc::auth::*;
use dryoc::types::*;
// Generate a random key
let key = Key::gen();
// Initialize the MAC, clone the key (don't do this)
let mut mac = Auth::new(key.clone());
mac.update(b"Multi-part");
mac.update(b"data");
let mac = mac.finalize_to_vec();
// Verify it's correct, clone the key (don't do this)
let mut verify_mac = Auth::new(key.clone());
verify_mac.update(b"Multi-part");
verify_mac.update(b"data");
verify_mac.verify(&mac).expect("verify failed");
// Check that invalid data fails, consume the key
let mut verify_mac = Auth::new(key);
verify_mac.update(b"Multi-part");
verify_mac.update(b"bad data");
verify_mac
.verify(&mac)
.expect_err("verify should have failed");
Modules
Structs
- secret-key authentication implementation based on Poly1305, compatible with libsodium’s
crypto_Auth_*
functions.
Type Definitions
- Stack-allocated key for secret-key authentication.
- Stack-allocated message authentication code for secret-key authentication.