Skip to main content

SigningKey

aranya_crypto

Struct SigningKey 

Source 
pub struct SigningKey<CS: CipherSuite> { /* private fields */ }
Expand description

The Device Signing Key.

Implementations§

Source§

impl<CS: CipherSuite> SigningKey<CS>

Source

pub fn new<R: Csprng>(rng: R) -> Self

Creates a random SigningKey

Source§

impl<CS: CipherSuite> SigningKey<CS>

Source

pub fn id(&self) -> Result<SigningKeyId, IdError>

Uniquely identifies the SigningKey Two keys with the same ID are the same key.

Source

pub fn public(&self) -> Result<VerifyingKey<CS>, PkError>

Returns the public half of the key.

Source§

impl<CS: CipherSuite> SigningKey<CS>

Source

pub fn sign(&self, msg: &[u8], context: &[u8]) -> Result<Signature<CS>, Error>

Creates a signature over msg bound to some context.

msg must NOT be pre-hashed.

§Example
use aranya_crypto::{
    Rng, SigningKey,
    default::{DefaultCipherSuite, DefaultEngine},
};

let sk = SigningKey::<DefaultCipherSuite>::new(Rng);

const MESSAGE: &[u8] = b"hello, world!";
const CONTEXT: &[u8] = b"doc test";
let sig = sk.sign(MESSAGE, CONTEXT).expect("should not fail");

sk.public()
    .expect("signing key should be valid")
    .verify(MESSAGE, CONTEXT, &sig)
    .expect("should not fail");

sk.public()
    .expect("signing key should be valid")
    .verify(MESSAGE, b"wrong context", &sig)
    .expect_err("should fail");

let wrong_sig = sk
    .sign(b"different", b"signature")
    .expect("should not fail");
sk.public()
    .expect("signing key should be valid")
    .verify(MESSAGE, CONTEXT, &wrong_sig)
    .expect_err("should fail");
Source

pub fn sign_cmd(&self, cmd: Cmd<'_>) -> Result<(Signature<CS>, CmdId), Error>

Creates a signature over a named policy command.

§Example
use aranya_crypto::{
    BaseId, Cmd, Rng, SigningKey,
    default::{DefaultCipherSuite, DefaultEngine},
    id::IdExt as _,
    policy::CmdId,
};

let sk = SigningKey::<DefaultCipherSuite>::new(Rng);

let data = b"... some command data ...";
let name = "AddDevice";
let parent_id = &CmdId::random(Rng);

let good_cmd = Cmd {
    data,
    name,
    parent_id,
};
let (sig, _) = sk.sign_cmd(good_cmd).expect("should not fail");
sk.public()
    .expect("signing key should be valid")
    .verify_cmd(good_cmd, &sig)
    .expect("should not fail");

let wrong_name_cmd = Cmd {
    data,
    name: "wrong name",
    parent_id,
};
sk.public()
    .expect("signing key should be valid")
    .verify_cmd(wrong_name_cmd, &sig)
    .expect_err("should fail");

let wrong_id_cmd = Cmd {
    data,
    name,
    parent_id: &CmdId::random(Rng),
};
sk.public()
    .expect("signing key should be valid")
    .verify_cmd(wrong_id_cmd, &sig)
    .expect_err("should fail");

let wrong_sig_cmd = Cmd {
    data: b"different",
    name: "signature",
    parent_id: &CmdId::random(Rng),
};
let (wrong_sig, _) = sk.sign_cmd(wrong_sig_cmd).expect("should not fail");
sk.public()
    .expect("signing key should be valid")
    .verify_cmd(good_cmd, &wrong_sig)
    .expect_err("should fail");

Trait Implementations§

Source§

impl<CS: CipherSuite> Clone for SigningKey<CS>

Source§

fn clone(&self) -> Self

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<CS: CipherSuite> ConstantTimeEq for SigningKey<CS>

Source§

fn ct_eq(&self, other: &Self) -> Choice

Determine if two items are equal. Read more
Source§

fn ct_ne(&self, other: &Self) -> Choice

Determine if two items are NOT equal. Read more
Source§

impl<CS: CipherSuite> Debug for SigningKey<CS>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<CS: CipherSuite> Display for SigningKey<CS>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<CS: CipherSuite> Identified for SigningKey<CS>

Source§

type Id = Id<SigningKeyIdTag>

Uniquely identifies the object.
Source§

fn id(&self) -> Result<Self::Id, IdError>

Uniquely identifies the object.
Source§

impl<CS: CipherSuite> UnwrappedKey<CS> for SigningKey<CS>

Source§

const ID: AlgId

The key’s algorithm identifier.
Source§

fn into_secret(self) -> Secret<CS>

Converts itself into the underlying Secret.
Source§

fn try_from_secret(key: UnwrappedSecret<CS>) -> Result<Self, WrongKeyType>

Converts itself from a UnwrappedSecret.
Source§

impl<CS: CipherSuite> ZeroizeOnDrop for SigningKey<CS>

Auto Trait Implementations§

§

impl<CS> !Freeze for SigningKey<CS>

§

impl<CS> !RefUnwindSafe for SigningKey<CS>

§

impl<CS> Send for SigningKey<CS>
where <<CS as CipherSuite>::Signer as Signer>::SigningKey: Send,

§

impl<CS> !Sync for SigningKey<CS>

§

impl<CS> Unpin for SigningKey<CS>
where <<CS as CipherSuite>::Signer as Signer>::SigningKey: Unpin,

§

impl<CS> UnsafeUnpin for SigningKey<CS>
where <<CS as CipherSuite>::Signer as Signer>::SigningKey: UnsafeUnpin,

§

impl<CS> UnwindSafe for SigningKey<CS>
where <<CS as CipherSuite>::Signer as Signer>::SigningKey: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> ArchivePointee for T

Source§

type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.
Source§

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> LayoutRaw for T

Source§

fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.
Source§

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,

Source§

unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched. Read more
Source§

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.
Source§

impl<T> Pointee for T

Source§

type Metadata = ()

The metadata type for pointers and references to this type.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V