Change private jar docs to reflect that they are also signed (#22)

* Change private jar docs to reflect that they are also signed These docs are copied from the underlying 'cookie' crate * Revise wording to reflect Cookies container
imbolc · Dec 2, 2022 · cc7dabe · cc7dabe
1 parent 1453d40
commit cc7dabe
Showing 1 changed file with 17 additions and 5 deletions.
diff --git a/src/private.rs b/src/private.rs
@@ -1,30 +1,42 @@
 use crate::Cookies;
 use cookie::{Cookie, Key};
 
-/// A child cookie jar that encrypts its cookies.
+/// A cookie jar that provides authenticated encryption for its cookies.
+///
+/// A _private_ child jar signs and encrypts all the cookies added to it and
+/// verifies and decrypts cookies retrieved from it. Any cookies stored in
+/// `PrivateCookies` are simultaneously assured confidentiality, integrity, and
+/// authenticity. In other words, clients cannot discover nor tamper with the
+/// contents of a cookie, nor can they fabricate cookie data.
 pub struct PrivateCookies<'a> {
     cookies: Cookies,
     key: &'a Key,
 }
 
 impl<'a> PrivateCookies<'a> {
-    /// Creates an instance of `PrivateCookies` with parent `cookies` and key `key`. This method is
-    /// typically called indirectly via the `private` method of [`Cookies`].
+    /// Creates an instance of `PrivateCookies` with parent `cookies` and key `key`.
+    /// This method is typically called indirectly via the `private`
+    /// method of [`Cookies`].
     pub(crate) fn new(cookies: &Cookies, key: &'a Key) -> Self {
         Self {
             cookies: cookies.clone(),
             key,
         }
     }
 
-    /// Adds cookie to the parent jar. The cookie’s value is encrypted.
+    /// Adds `cookie` to the parent jar. The cookie's value is encrypted with
+    /// authenticated encryption assuring confidentiality, integrity, and
+    /// authenticity.
     pub fn add(&self, cookie: Cookie<'static>) {
         let mut inner = self.cookies.inner.lock();
         inner.changed = true;
         inner.jar().private_mut(self.key).add(cookie);
     }
 
-    /// Returns `Cookie` with the `name` and decrypted contents.
+    /// Returns a reference to the `Cookie` inside this jar with the name `name`
+    /// and authenticates and decrypts the cookie's value, returning a `Cookie`
+    /// with the decrypted value. If the cookie cannot be found, or the cookie
+    /// fails to authenticate or decrypt, `None` is returned.
     pub fn get(&self, name: &str) -> Option<Cookie<'static>> {
         let mut inner = self.cookies.inner.lock();
         inner.jar().private(self.key).get(name)