pub struct Verifier { /* private fields */ }Expand description
Dependency-injected verifier for attestation and chain verification.
Uses Arc<dyn CryptoProvider> and Arc<dyn ClockProvider> for
lifetime-free sharing across async tasks and web server handler state.
Usage:
ⓘ
use std::sync::Arc;
use auths_verifier::{Verifier, SystemClock};
use auths_crypto::RingCryptoProvider;
let verifier = Verifier::native();
let result = verifier.verify_with_keys(&att, &pk).await;Implementations§
Source§impl Verifier
impl Verifier
Sourcepub fn new(
provider: Arc<dyn CryptoProvider>,
clock: Arc<dyn ClockProvider>,
) -> Self
pub fn new( provider: Arc<dyn CryptoProvider>, clock: Arc<dyn ClockProvider>, ) -> Self
Create a Verifier with the given crypto provider and clock.
Args:
provider: Ed25519 crypto backend.clock: Clock provider for expiry checks.
Sourcepub fn native() -> Self
pub fn native() -> Self
Create a Verifier using the native Ring crypto provider and system clock.
Sourcepub async fn verify_with_keys(
&self,
att: &Attestation,
issuer_pk: &DevicePublicKey,
) -> Result<VerifiedAttestation, AttestationError>
pub async fn verify_with_keys( &self, att: &Attestation, issuer_pk: &DevicePublicKey, ) -> Result<VerifiedAttestation, AttestationError>
Verify an attestation’s signatures against the issuer’s public key.
Args:
att: The attestation to verify.issuer_pk: Typed issuer public key (Ed25519 or P-256).
Sourcepub async fn verify_at_time(
&self,
att: &Attestation,
issuer_pk: &DevicePublicKey,
at: DateTime<Utc>,
) -> Result<VerifiedAttestation, AttestationError>
pub async fn verify_at_time( &self, att: &Attestation, issuer_pk: &DevicePublicKey, at: DateTime<Utc>, ) -> Result<VerifiedAttestation, AttestationError>
Verify an attestation against a specific point in time (skips clock-skew check).
Args:
att: The attestation to verify.issuer_pk: Typed issuer public key (Ed25519 or P-256).at: The reference timestamp for expiry evaluation.
Sourcepub async fn verify_chain(
&self,
attestations: &[Attestation],
root_pk: &DevicePublicKey,
) -> Result<VerificationReport, AttestationError>
pub async fn verify_chain( &self, attestations: &[Attestation], root_pk: &DevicePublicKey, ) -> Result<VerificationReport, AttestationError>
Verify an ordered attestation chain starting from a known root public key.
Args:
attestations: Ordered attestation chain (root first).root_pk: Typed root identity public key (Ed25519 or P-256).
Sourcepub async fn verify_chain_with_witnesses(
&self,
attestations: &[Attestation],
root_pk: &DevicePublicKey,
witness_config: &WitnessVerifyConfig<'_>,
) -> Result<VerificationReport, AttestationError>
pub async fn verify_chain_with_witnesses( &self, attestations: &[Attestation], root_pk: &DevicePublicKey, witness_config: &WitnessVerifyConfig<'_>, ) -> Result<VerificationReport, AttestationError>
Verify a chain and additionally validate witness receipts against a quorum threshold.
Args:
attestations: Ordered attestation chain (root first).root_pk: Typed root identity public key (Ed25519 or P-256).witness_config: Witness receipts and quorum threshold to validate.
Verify that a specific device is authorized under a given identity.
Args:
identity_did: The DID of the authorizing identity.device_did: The device DID to check authorization for.attestations: Pool of attestations to search.identity_pk: Typed identity public key (Ed25519 or P-256).
Trait Implementations§
Auto Trait Implementations§
impl !RefUnwindSafe for Verifier
impl !UnwindSafe for Verifier
impl Freeze for Verifier
impl Send for Verifier
impl Sync for Verifier
impl Unpin for Verifier
impl UnsafeUnpin for Verifier
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more