Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change private jar docs to reflect that they are also signed #22

Merged
merged 2 commits into from
Dec 2, 2022
Merged

Change private jar docs to reflect that they are also signed #22

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a85d459
Change private jar docs to reflect that they are also signed
sweepline Nov 30, 2022
6986294
Revise wording to reflect Cookies container
sweepline Dec 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 17 additions & 5 deletions src/private.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,30 +1,42 @@
use crate::Cookies;
use cookie::{Cookie, Key};

/// A child cookie jar that encrypts its cookies.
/// A cookie jar that provides authenticated encryption for its cookies.
///
/// A _private_ child jar signs and encrypts all the cookies added to it and
/// verifies and decrypts cookies retrieved from it. Any cookies stored in
/// `PrivateCookies` are simultaneously assured confidentiality, integrity, and
/// authenticity. In other words, clients cannot discover nor tamper with the
/// contents of a cookie, nor can they fabricate cookie data.
pub struct PrivateCookies<'a> {
cookies: Cookies,
key: &'a Key,
}

impl<'a> PrivateCookies<'a> {
/// Creates an instance of `PrivateCookies` with parent `cookies` and key `key`. This method is
sweepline marked this conversation as resolved.
Show resolved Hide resolved
/// typically called indirectly via the `private` method of [`Cookies`].
/// Creates an instance of `PrivateCookies` with parent `cookies` and key `key`.
/// This method is typically called indirectly via the `private`
/// method of [`Cookies`].
pub(crate) fn new(cookies: &Cookies, key: &'a Key) -> Self {
Self {
cookies: cookies.clone(),
key,
}
}

/// Adds cookie to the parent jar. The cookie’s value is encrypted.
/// Adds `cookie` to the parent jar. The cookie's value is encrypted with
/// authenticated encryption assuring confidentiality, integrity, and
/// authenticity.
pub fn add(&self, cookie: Cookie<'static>) {
let mut inner = self.cookies.inner.lock();
inner.changed = true;
inner.jar().private_mut(self.key).add(cookie);
}

/// Returns `Cookie` with the `name` and decrypted contents.
/// Returns a reference to the `Cookie` inside this jar with the name `name`
/// and authenticates and decrypts the cookie's value, returning a `Cookie`
/// with the decrypted value. If the cookie cannot be found, or the cookie
/// fails to authenticate or decrypt, `None` is returned.
pub fn get(&self, name: &str) -> Option<Cookie<'static>> {
let mut inner = self.cookies.inner.lock();
inner.jar().private(self.key).get(name)
Expand Down