SignedEnvelope

anda_cloud_cdk::tee

Struct SignedEnvelope 

Source 
pub struct SignedEnvelope {
    pub pubkey: ByteBufB64,
    pub signature: ByteBufB64,
    pub digest: Option<ByteBufB64>,
    pub delegation: Option<Vec<SignedDelegationCompact>>,
}
Expand description

The authentication envelope for Internet Computer authentication.

This structure encapsulates all the necessary components for authenticating a request to an Internet Computer service. It includes the public key of the sender, the signature, the content digest, and an optional delegation chain.

The envelope can be serialized to and from various formats, including bytes, base64 strings, and HTTP headers, making it versatile for different transport mechanisms.

Fields§

§pubkey: ByteBufB64

The public key of the self-authenticating principal this request is from. This is the head of the delegation chain (if any) and is used to derive the principal ID of the sender.

§signature: ByteBufB64

A cryptographic signature authorizing the request. When delegations are involved, this is the signature from the tail of the delegation chain, not necessarily made by the owner of pubkey.

§digest: Option<ByteBufB64>

The request content’s hash digest that was signed by the sender. This is typically a SHA-256 or SHA3-256 hash of the request content.

§delegation: Option<Vec<SignedDelegationCompact>>

The chain of delegations connecting pubkey to signature, in order. Each delegation authorizes the next entity in the chain to sign on behalf of the previous entity, forming a chain of trust from the original identity to the actual signer.

Implementations§

Source§

impl SignedEnvelope

Source

pub fn sender(&self) -> Principal

Returns the sender’s principal ID derived from the public key.

This computes a self-authenticating principal ID based on the public key in the envelope, which uniquely identifies the sender.

§Returns
  • Principal - The principal ID of the sender
Source

pub fn to_bytes(&self) -> Vec<u8>

Encodes the SignedEnvelope into a binary representation.

§Returns
  • Vec<u8> - The CBOR-encoded binary representation of the envelope
Source

pub fn from_bytes(bytes: &[u8]) -> Result<SignedEnvelope, String>

Decodes a SignedEnvelope from its binary representation.

§Arguments
  • bytes - The CBOR-encoded binary representation of the envelope
§Returns
  • Result<Self, String> - The decoded envelope or an error message
Source

pub fn to_base64(&self) -> String

Encodes the SignedEnvelope into a base64url string.

§Returns
  • String - The base64url-encoded representation of the envelope
Source

pub fn from_base64(s: &str) -> Result<SignedEnvelope, String>

Decodes a SignedEnvelope from a base64url string.

§Arguments
  • s - The base64url-encoded string representation of the envelope
§Returns
  • Result<Self, String> - The decoded envelope or an error message
Source

pub fn verify( &self, now_ms: u64, expect_target: Option<Principal>, expect_digest: Option<&[u8]>, ) -> Result<(), String>

Verifies the SignedEnvelope according to the Internet Computer authentication rules.

Verification rules:

  • Delegation chain length must not exceed 5
  • Delegations must not be expired (considering the permitted time drift)
  • Each signature in the chain must verify against the corresponding public key
  • If delegation targets are specified, the expected target must be included
  • The content digest must match the expected digest (if provided)
§Arguments
  • now_ms - The current time in milliseconds since the Unix epoch
  • expect_target - Optional canister ID that should be in the delegation targets
  • expect_digest - Optional expected content digest to verify against
§Returns
  • Ok(()) if verification succeeds
  • Err(String) with a detailed error message if verification fails
Source

pub fn from_authorization(headers: &HeaderMap) -> Option<SignedEnvelope>

Extracts a SignedEnvelope from the Authorization header.

This looks for an “ICP” authentication scheme in the Authorization header and decodes the associated token as a SignedEnvelope.

§Arguments
  • headers - The HTTP headers to extract from
§Returns
  • Option<Self> - The extracted envelope, or None if not found or invalid
Source

pub fn to_authorization(&self, headers: &mut HeaderMap) -> Result<(), String>

Adds the SignedEnvelope to the Authorization header.

This encodes the envelope as a base64url string and adds it to the Authorization header with the “ICP” authentication scheme.

§Arguments
  • headers - The HTTP headers to add to
§Returns
  • Result<(), String> - Success or an error message if adding fails
Source

pub fn from_headers(headers: &HeaderMap) -> Option<SignedEnvelope>

Extracts a SignedEnvelope from the IC-Auth-* HTTP headers.

This looks for the individual components of the envelope in separate headers and reconstructs the envelope from them.

§Arguments
  • headers - The HTTP headers to extract from
§Returns
  • Option<Self> - The extracted envelope, or None if not found or invalid
Source

pub fn to_headers(&self, headers: &mut HeaderMap) -> Result<(), String>

Adds the SignedEnvelope components to the IC-Auth-* HTTP headers.

This breaks down the envelope into its components and adds each one to a separate HTTP header.

§Arguments
  • headers - The HTTP headers to add to
§Returns
  • Result<(), String> - Success or an error message

Trait Implementations§

Source§

impl CandidType for SignedEnvelope

Source§

fn _ty() -> Type

Source§

fn id() -> TypeId

Source§

fn idl_serialize<__S>( &self, __serializer: __S, ) -> Result<(), <__S as Serializer>::Error>
where __S: Serializer,

Source§

fn ty() -> Type

Source§

impl Clone for SignedEnvelope

Source§

fn clone(&self) -> SignedEnvelope

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for SignedEnvelope

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for SignedEnvelope

Source§

fn deserialize<__D>( __deserializer: __D, ) -> Result<SignedEnvelope, <__D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl From<SignedEnvelopeFull> for SignedEnvelope

Source§

fn from(envelope: SignedEnvelopeFull) -> SignedEnvelope

Converts to this type from the input type.
Source§

impl Serialize for SignedEnvelope

Source§

fn serialize<__S>( &self, __serializer: __S, ) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,