Module dryoc::classic::crypto_auth

Secret-key authentication

Implements secret-key authentication using HMAC-SHA512-256, compatible with libsodium’s crypto_auth_* functions.

Classic API single-part example

use dryoc::classic::crypto_auth::{crypto_auth, crypto_auth_keygen, crypto_auth_verify, Mac};

let key = crypto_auth_keygen();
let mut mac = Mac::default();

crypto_auth(&mut mac, b"Data to authenticate", &key);

// This should be valid
crypto_auth_verify(&mac, b"Data to authenticate", &key).expect("failed to authenticate");

// This should not be valid
crypto_auth_verify(&mac, b"Invalid data", &key).expect_err("should not authenticate");

Classic API multi-part example

use dryoc::classic::crypto_auth::{
    crypto_auth_final, crypto_auth_init, crypto_auth_keygen, crypto_auth_update,
    crypto_auth_verify, Mac,
};

let key = crypto_auth_keygen();
let mut mac = Mac::default();

let mut state = crypto_auth_init(&key);
crypto_auth_update(&mut state, b"Multi-part");
crypto_auth_update(&mut state, b"data");
crypto_auth_final(state, &mut mac);

// This should be valid
crypto_auth_verify(&mac, b"Multi-partdata", &key).expect("failed to authenticate");

// This should not be valid
crypto_auth_verify(&mac, b"Invalid data", &key).expect_err("should not authenticate");

Structs

• AuthState
  Internal state for crypto_auth.

Functions

• crypto_auth
  Authenticates message using key, and places the result into mac.
• crypto_auth_final
  Finalizes the message authentication code for state, and places the result into output.
• crypto_auth_init
  Initializes the incremental interface for HMAC-SHA512-256 secret-key authentication, using key. Returns a state struct which is required for subsequent calls to crypto_auth_update and crypto_auth_final.
• crypto_auth_keygen
  Generates a random key using copy_randombytes, suitable for use with crypto_auth_init and crypto_auth.
• crypto_auth_update
  Updates state for the secret-key authentication function, based on input.
• crypto_auth_verify
  Verifies that mac is the correct authenticator for message using key. Returns Ok(()) if the message authentication code is valid.

Type Definitions

• Key
  Key for secret-key message authentication.
• Mac
  Message authentication code type for use with secret-key authentication.