Enum VerificationStrategy

Source

pub enum VerificationStrategy {
    CreativeIntegrity,
    AuthoritativeIntegrity,
    GreedyVerification,
    ExhaustiveVerification,
    MultipleAttestation(Vec<SignatureRole>),
    MultipleAttestationGreedy(Vec<SignatureRole>),
}

Expand description

This enumerates the verifications strategies described in the signing spec.

Variants§

§

CreativeIntegrity

CreativeIntegrity verifies that (a) the key that signs as Creator is a known key, and that the signature is valid.

§

AuthoritativeIntegrity

AuthoritativeIntegrity verifies that at least one of the Creator or Approver keys is known and the signature is valid.

§

GreedyVerification

Verify that the Creator key is known and that all signatures are valid.

This is subject to a DOS attack if a signer can generate intentionally bad signatures.

§

ExhaustiveVerification

Verify that every key on the invoice is known, and that every signature is valid.

§

MultipleAttestation(Vec<SignatureRole>)

Verifies that all signatures of the given roles are valid and signed by known keys.

§

MultipleAttestationGreedy(Vec<SignatureRole>)

Verifies that all signatures of the given roles are valid and signed by known keys. Will also validate unknown signers similar to GreedyVerification

Unknown signers will also be validated. Be aware that doing so may make the validation subject to a special form of DOS attack in which someone can generate a known-bad signature.

Implementations§

Source §

impl VerificationStrategy

A strategy for verifying an invoice.

Source

pub fn verify( &self, invoice: I, keyring: &KeyRing, ) -> Result<VerifiedInvoice, SignatureError>
where I: Borrow<Invoice> + Into<Invoice>,

Verify that every signature on this invoice is correct.

The verification strategy will determine how this verification is performed. Depending on the selected strategy, the [[signature]] blocks will be evaluated for the following:

Is the key in the keyring?
Can the signature be verified?

Note that the purpose of the keyring is to ensure that we know about the entity that claims to have signed the invoice.

If no signatures are on the invoice, this will succeed.

A strategy will determine success or failure based on whether the signature is verified, whether the keys are known, whether the requisite number/roles are satisfied, and so on.

Trait Implementations§

Source §

impl Clone for VerificationStrategy

Source §

fn clone(&self) -> VerificationStrategy

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Source §

impl Debug for VerificationStrategy

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl Default for VerificationStrategy

Source §

fn default() -> Self

Returns the “default value” for a type. Read more

Source §

impl<'de> Deserialize<'de> for VerificationStrategy

Manual implementation of deserialize due to TOML not supporting “newtype” enum variants. This deserializes using the same parsing rules as FromStr

Source §

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

Source §

impl FromStr for VerificationStrategy

This implementation will parse the strategy from a string. MultipleAttestation strategies should be of the format MultipleAttestation[Creator, Approver]

Source §

type Err = &'static str

The associated error which can be returned from parsing.

Source §

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more

Auto Trait Implementations§

§

impl UnwindSafe for VerificationStrategy

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> CloneToUninit for T
where T: Clone,

Source §

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T> Instrument for T

Source §

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Source §

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T> Instrument for T

Source §

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Source §

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §