pub struct ParsedPublicKey { /* private fields */ }Expand description
A parsed public key for signature verification.
A ParsedPublicKey can be created in two ways:
- Directly from public key bytes using
ParsedPublicKey::new - By parsing an
UnparsedPublicKeyusingUnparsedPublicKey::parse
This pre-validates the public key format and stores the parsed key material, allowing for more efficient signature verification operations compared to parsing the key on each verification.
See the crate::signature module-level documentation for examples.
Implementations§
Source§impl ParsedPublicKey
impl ParsedPublicKey
Sourcepub fn new<B: AsRef<[u8]>>(
algorithm: &'static dyn VerificationAlgorithm,
bytes: B,
) -> Result<Self, KeyRejected>
pub fn new<B: AsRef<[u8]>>( algorithm: &'static dyn VerificationAlgorithm, bytes: B, ) -> Result<Self, KeyRejected>
Creates a new ParsedPublicKey directly from public key bytes.
This method validates the public key format and creates a ParsedPublicKey
that can be used for efficient signature verification operations.
§Errors
KeyRejected if the public key bytes are malformed or incompatible
with the specified algorithm.
§Examples
use aws_lc_rs::signature::{self, ParsedPublicKey};
let parsed_key = ParsedPublicKey::new(&signature::ED25519, include_bytes!("../tests/data/ed25519_test_public_key.bin"))?;
let signature = [
0xED, 0xDB, 0x67, 0xE9, 0xF7, 0x8C, 0x9A, 0x0, 0xFD, 0xEE, 0x2D, 0x22, 0x21, 0xA3, 0x9A,
0x8A, 0x79, 0xF2, 0x53, 0x88, 0x78, 0xF0, 0xA0, 0x1, 0x80, 0xA, 0x49, 0xA4, 0x17, 0x88,
0xAB, 0x44, 0x4B, 0xD2, 0x58, 0xB0, 0x3B, 0x51, 0x8A, 0x1B, 0x61, 0x24, 0x52, 0x78, 0x48,
0x58, 0x40, 0x5, 0xB5, 0x45, 0x22, 0xB6, 0x40, 0xBD, 0x14, 0x47, 0xB1, 0xF0, 0xDC, 0x13,
0xB3, 0xE9, 0xD0, 0x6,
];
assert!(parsed_key.verify_sig(b"hello world!", &signature).is_ok());
assert!(parsed_key.verify_sig(b"hello world.", &signature).is_err());Sourcepub fn algorithm(&self) -> &'static dyn VerificationAlgorithm
pub fn algorithm(&self) -> &'static dyn VerificationAlgorithm
Returns the algorithm used by this public key.
Sourcepub fn verify_sig(
&self,
message: &[u8],
signature: &[u8],
) -> Result<(), Unspecified>
pub fn verify_sig( &self, message: &[u8], signature: &[u8], ) -> Result<(), Unspecified>
Uses the public key to verify that signature is a valid signature of
message.
This method is more efficient than UnparsedPublicKey::verify when
performing multiple signature verifications with the same public key,
as the key parsing overhead is avoided.
See the crate::signature module-level documentation for examples.
§Errors
error::Unspecified if the signature is invalid or verification fails.
Sourcepub fn verify_digest_sig(
&self,
digest: &Digest,
signature: &[u8],
) -> Result<(), Unspecified>
pub fn verify_digest_sig( &self, digest: &Digest, signature: &[u8], ) -> Result<(), Unspecified>
Uses the public key to verify that signature is a valid signature of
digest.
This method is more efficient than UnparsedPublicKey::verify_digest when
performing multiple signature verifications with the same public key,
as the key parsing overhead is avoided.
See the crate::signature module-level documentation for examples.
§Errors
error::Unspecified if the signature is invalid or verification fails.