Struct aws_nitro_enclaves_cose::COSESign1
Implementation of the COSE_Sign1 structure as defined in RFC8152.
The COSE_Sign1 signature structure is used when only one signature is going to be placed on a message. The parameters dealing with the content and the signature are placed in the same pair of buckets rather than having the separation of COSE_Sign.
The structure can be encoded as either tagged or untagged depending on the context it will be used in. A tagged COSE_Sign1 structure is identified by the CBOR tag 18. The CDDL fragment that represents this is:
COSE_Sign1_Tagged = #6.18(COSE_Sign1)
The CBOR object that carries the body, the signature, and the information about the body and signature is called the COSE_Sign1 structure. Examples of COSE_Sign1 messages can be found in Appendix C.2.
The COSE_Sign1 structure is a CBOR array. The fields of the array in order are:
protected: This is as described in Section 3.
unprotected: This is as described in Section 3.
payload: This is as described in Section 4.1.
signature: This field contains the computed signature value. The type of the field is a bstr.
The CDDL fragment that represents the above text for COSE_Sign1 follows.
COSE_Sign1 = [ Headers, payload : bstr / nil, signature : bstr ]
https://tools.ietf.org/html/rfc8152#section-3
Headers = ( protected : empty_or_serialized_map, unprotected : header_map )
header_map = { Generic_Headers, * label => values }
empty_or_serialized_map = bstr .cbor header_map / bstr .size 0
Generic_Headers = (
    ? 1 => int / tstr,  ; algorithm identifier
    ? 2 => [+label],    ; criticality
    ? 3 => tstr / int,  ; content type
    ? 4 => bstr,        ; key identifier
    ? 5 => bstr,        ; IV
    ? 6 => bstr,        ; Partial IV
    ? 7 => COSE_Signature / [+COSE_Signature] ; Counter signature
)
Note: Currently, the structures are not tagged, since it isn't required by the spec and the only way to achieve this is to add the token at the start of the serialized object, since the serde_cbor library doesn't support custom tags.
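The four-element array layout and the optional tag 18 described above can be checked on raw bytes before they reach a deserializer. This is an added example, not code from aws_nitro_enclaves_cose; the names head, skip, cose_sign1_tagged and SAMPLE are hypothetical and the sample bytes are constructed.

```rust
// Added example, not the crate's code: structural check of a serialized COSE_Sign1
// against the CDDL above (tag 18 optional), standard library only.

/// Reads one CBOR head: (major type, argument, offset after the head).
fn head(buf: &[u8], pos: usize) -> Option<(u8, u64, usize)> {
    let b = *buf.get(pos)?;
    let n = match b & 0x1f { 0..=23 => 0, 24 => 1, 25 => 2, 26 => 4, 27 => 8, _ => return None };
    let ext = buf.get(pos + 1..pos + 1 + n)?; // reserved/indefinite encodings were rejected above
    let arg = if n == 0 { (b & 0x1f) as u64 } else { ext.iter().fold(0, |a, &x| (a << 8) | x as u64) };
    Some((b >> 5, arg, pos + 1 + n))
}

/// Skips one data item; `depth` bounds nesting of arrays, maps and tags.
fn skip(buf: &[u8], pos: usize, depth: u8) -> Option<usize> {
    let (major, arg, mut next) = head(buf, pos)?;
    match major {
        0 | 1 | 7 => Some(next), // integers, simple values, floats
        2 | 3 => (next as u64).checked_add(arg) // byte/text string: length must fit the buffer
            .filter(|&end| end <= buf.len() as u64).map(|end| end as usize),
        _ if depth == 0 => None,
        4 | 5 => { // an array holds `arg` items, a map holds two items per entry
            for _ in 0..arg.checked_mul(major as u64 - 3)? { next = skip(buf, next, depth - 1)?; }
            Some(next)
        }
        _ => skip(buf, next, depth - 1), // a tag wraps exactly one item
    }
}

/// Returns Some(true) for a tagged, Some(false) for an untagged COSE_Sign1 shape.
pub fn cose_sign1_tagged(buf: &[u8]) -> Option<bool> {
    let (tagged, start) = match head(buf, 0)? { (6, 18, next) => (true, next), _ => (false, 0) };
    let (major, len, mut pos) = head(buf, start)?;
    if (major, len) != (4, 4) { return None; } // array of exactly four items
    for (i, want) in [2u8, 5, 2, 2].iter().enumerate() { // bstr, map, bstr / nil, bstr
        let is_nil = i == 2 && buf.get(pos) == Some(&0xf6);
        if head(buf, pos)?.0 != *want && !is_nil { return None; }
        pos = skip(buf, pos, 8)?;
    }
    if pos == buf.len() { Some(tagged) } else { None } // no trailing bytes
}

// Constructed sample: protected {1: -35}, empty unprotected map, payload "hi",
// 3-byte placeholder signature (not a real signature).
pub const SAMPLE: [u8; 14] = [0x84, 0x44, 0xa1, 0x01, 0x38, 0x22, 0xa0, 0x42, 0x68, 0x69, 0x43, 1, 2, 3];

fn main() {
    let tagged = [&[0xd2u8][..], &SAMPLE[..]].concat();
    println!("untagged: {:?}, tagged: {:?}", cose_sign1_tagged(&SAMPLE), cose_sign1_tagged(&tagged));
}
```

This only checks shape; whether the signature is valid is a separate question answered by verify_signature.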
Implementations
impl COSESign1
pub fn new(
payload: &[u8],
unprotected: &HeaderMap,
key: &EcKeyRef<Private>
) -> Result<Self, COSEError>
Creates a COSESign1 structure from the given payload and some unprotected data in the form of a HeaderMap. Signs the content with the given key using the recommendations from the spec and sets the protected part of the document to reflect the algorithm used.
pub fn as_bytes(&self, _tagged: bool) -> Result<Vec<u8>, COSEError>
Serializes the structure for transport / storage. tagged is currently unused, but it will be used to set the #6.18 tag on the object as allowed by the spec.
pub fn from_bytes(bytes: &[u8]) -> Result<Self, COSEError>
This function deserializes the structure, but doesn't check the contents for correctness at all.
pub fn verify_signature(
&self,
key: &EcKeyRef<Public>
) -> Result<bool, COSEError>
This checks the signature included in the structure against the given public key and returns true if the signature matches the given key.
pub fn get_payload(
&self,
key: Option<&EcKeyRef<Public>>
) -> Result<Vec<u8>, COSEError>
This gets the payload of the document. If key is provided, it only gets the payload if the signature is correctly verified, otherwise returns Err(COSEError::UnverifiedSignature).
Trait Implementations
impl Clone for COSESign1
impl Debug for COSESign1
impl<'de> Deserialize<'de> for COSESign1
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
impl Serialize for COSESign1
Auto Trait Implementations
impl RefUnwindSafe for COSESign1
impl Send for COSESign1
impl Sync for COSESign1
impl Unpin for COSESign1
impl UnwindSafe for COSESign1
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
impl<T> DeserializeOwned for T where
T: for<'de> Deserialize<'de>,
impl<T> From<T> for T
impl<T, U> Into<U> for T where
U: From<T>,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
pub fn clone_into(&self, target: &mut T)
impl<T, U> TryFrom<U> for T where
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,