pub trait SignatureVerificationAlgorithm: Send + Sync + Debug {
// Required methods
fn verify_signature(
&self,
public_key: &[u8],
message: &[u8],
signature: &[u8],
) -> Result<(), InvalidSignature>;
fn public_key_alg_id(&self) -> AlgorithmIdentifier;
fn signature_alg_id(&self) -> AlgorithmIdentifier;
// Provided method
fn fips(&self) -> bool { ... }
}
Expand description
An abstract signature verification algorithm.
One of these is needed per supported pair of public key type (identified
with public_key_alg_id()
) and signatureAlgorithm
(identified with
signature_alg_id()
). Note that both of these AlgorithmIdentifier
s include
the parameters encoding, so separate SignatureVerificationAlgorithm
s are needed
for each possible public key or signature parameters.
Debug implementations should list the public key algorithm identifier and signature algorithm identifier in human friendly form (i.e. not encoded bytes), along with the name of the implementing library (to distinguish different implementations of the same algorithms).
Required Methods§
sourcefn verify_signature(
&self,
public_key: &[u8],
message: &[u8],
signature: &[u8],
) -> Result<(), InvalidSignature>
fn verify_signature( &self, public_key: &[u8], message: &[u8], signature: &[u8], ) -> Result<(), InvalidSignature>
Verify a signature.
public_key
is the subjectPublicKey
value from a SubjectPublicKeyInfo
encoding
and is untrusted. The key’s subjectPublicKeyInfo
matches the AlgorithmIdentifier
returned by public_key_alg_id()
.
message
is the data over which the signature was allegedly computed.
It is not hashed; implementations of this trait function must do hashing
if that is required by the algorithm they implement.
signature
is the signature allegedly over message
.
Return Ok(())
only if signature
is a valid signature on message
.
Return Err(InvalidSignature)
if the signature is invalid, including if the public_key
encoding is invalid. There is no need or opportunity to produce errors
that are more specific than this.
sourcefn public_key_alg_id(&self) -> AlgorithmIdentifier
fn public_key_alg_id(&self) -> AlgorithmIdentifier
Return the AlgorithmIdentifier
that must equal a public key’s
subjectPublicKeyInfo
value for this SignatureVerificationAlgorithm
to be used for signature verification.
sourcefn signature_alg_id(&self) -> AlgorithmIdentifier
fn signature_alg_id(&self) -> AlgorithmIdentifier
Return the AlgorithmIdentifier
that must equal the signatureAlgorithm
value
on the data to be verified for this SignatureVerificationAlgorithm
to be used
for signature verification.