Enum Verified 

#[non_exhaustive]
pub enum Verified {
    Cavage(CavageVerified),
    Rfc9421(Rfc9421Verified),
}

Report summarising a successful verification.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

Cavage(CavageVerified)

The request was signed using the Cavage draft-12 flavour.

Rfc9421(Rfc9421Verified)

The request was signed using RFC 9421.

Implementations

impl Verified

pub fn key_id(&self) -> &str

Returns the keyId / keyid that identified the signer.

pub fn signature_base(&self) -> &str

Returns the signature base string that was verified, for audit logging and troubleshooting.

Security note. The signature base contains the literal value of every header that participated in the signature, including anything sensitive the signer accidentally covered (typically nothing on ActivityPub, but defence-in-depth still matters). Prefer Self::signature_base_redacted for any log line that might be captured by a third party.

pub fn signature_base_redacted(&self, sensitive_headers: &[&str]) -> String

Returns the signature base string with the values of any header named in sensitive_headers replaced by <redacted>.

The headers are matched case-insensitively against the line prefix that build_signature_base / build_signature_base emit; entries not present in the signature base pass through unchanged.

Pass REDACTED_HEADERS_DEFAULT to match the header set this crate considers sensitive by default.

Trait Implementations

impl Clone for Verified

fn clone(&self) -> Verified

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Verified

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.