3 releases
0.1.2 | Oct 1, 2021 |
---|---|
0.1.1 | May 24, 2021 |
0.1.0 | May 21, 2021 |
#2046 in Cryptography
13KB
189 lines
Bundy
Bundy is a small library that allows verification and signatures of parcels of data. Unlike fernet which encrypts and creates opaque blobs, Bundy allows a client to inspect and see the data. It is transparent, and should NOT be used to store secrets.
Use cases are:
- Signing cookies or tokens that a client should be able to read and parse, but not alter.
- In place of JWT, but without many of the complications and issues that come with JWT.
Why is this named Bundy?
Fernet is named after an Italian spirit - Bundy is named after an Australian spirit.
lib.rs
:
Bundy provides the ability to sign and verify pieces of serialisable data in a way
that makes misusing it difficult. It is heavily inspired by Fernet
. These transparent
data can be then inspected by clients for their content, while a server may verify that
they have not been tampered with.
Dependencies
~2.5–4MB
~85K SLoC