Crate baseid_crypto

Crate baseid_crypto 

Source
Expand description

§baseid-crypto

Cryptographic primitives and key management for BaseID.

This crate provides:

  • Key generation for Ed25519, P-256, P-384, and secp256k1
  • Signing and verification via the Signer and Verifier traits
  • Key serialization (JWK, Multikey)
  • Key storage abstraction via the KeyStore trait (planned)

§Cryptographic Agility

All operations go through traits, not hardcoded algorithms. This enables future migration to post-quantum algorithms (ML-DSA) when standardized.

§Security

  • All secret key types implement zeroize::Zeroize for secure memory cleanup
  • No unsafe blocks without documented justification
  • Key material never exposed in Debug output

Re-exports§

pub use jwk::Jwk;
pub use jwt::alg_to_str;
pub use jwt::decode_jwt;
pub use jwt::decode_jwt_unverified;
pub use jwt::encode_jwt;
pub use jwt::str_to_alg;
pub use jwt::JwtHeader;
pub use key::KeyPair;
pub use key::PublicKey;
pub use signer::MultiMessageSigner;
pub use signer::ProofDeriver;
pub use signer::ProofVerifier;
pub use signer::Signer;
pub use signer::Verifier;

Modules§

jwk
JSON Web Key (JWK) serialization and deserialization.
jwt
JWT (JSON Web Token) encode, decode, and verify.
key
Key types and generation.
multikey
Multicodec + multibase encoding/decoding for did:key support.
signer
Signer and Verifier traits for cryptographic agility.