Crate edcert [−] [src]
This crate is a simple digital signature crate and can be used to verify data integrity by using public-key cryptography. It uses the "super-fast, super-secure" elliptic curve and digital signature algorithm Ed25519.
It provides the struct
Certificate, which holds the public key, metadata and a signature.
Certificate can be signed by a master key, or another
Certificate. The top-most
must be signed with the master key, or it will not be valid. For validation, the master public
key will be given. This way, a
Certificate can only be valid, if it has been signed with a
trust chain, which top-most
Certificate has been signed with the right private key.
See also here.
To use the edcert ecosystem, there are a few other crates to make your life simpler:
- edcert-letter, which provides a container for signed data, Letter<T>.
- edcert-restrevoke, which provides a REST-based revokation system.
- edcert-compressor, which provides methods to
Certificates using JSON/LZMA and manages loading/saving certificates for you.
- edcert-tools, which provides a binary for generation, signing, validation, etc using edcert (and all of the above).
This module contains the most important struct of this crate: The Certificate It holds a public key, meta data and a signature. It can also optionally hold a private key and sign data.
This module contains a wrapper around the libsodium implementation of ed25519. It reduces the size of signatures to 64 byte.
This module contains the struct which holds the meta data of a Certificate.
This module provides a revoker, which can be used to check, if a certificate has been revoked.
This module provides a validator, which analyzes the trust chain to validate a Certificate.
This module contains the signature struct, a container for the Ed25519 signature and a reference to the signer.
This module provides a validator, which analyzes the trust chain to validate a Certificate but instead of a single master signature, it uses a set of trusted certificates for validation.
This module contains the
This is a simple copy function. This should be replaced by memcpy or something...