canic_core/dto/
auth.rs

1use crate::dto::{error::Error, prelude::*, rpc::RootRequestMetadata};
2
3//
4// DelegationAudience
5//
6
7#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
8pub enum DelegationAudience {
9    Any,
10    Roles(Vec<CanisterRole>),
11}
12
13//
14// SignatureAlgorithmV2
15//
16
17#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
18pub enum SignatureAlgorithmV2 {
19    EcdsaP256Sha256,
20}
21
22//
23// DelegationAudienceV2
24//
25
26#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
27pub enum DelegationAudienceV2 {
28    Roles(Vec<CanisterRole>),
29    Principals(Vec<Principal>),
30    RolesOrPrincipals {
31        roles: Vec<CanisterRole>,
32        principals: Vec<Principal>,
33    },
34}
35
36//
37// RootKeyAuthorityV2
38//
39
40#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
41pub struct RootKeyAuthorityV2 {
42    pub authority_key_id: String,
43    pub authority_alg: SignatureAlgorithmV2,
44    pub authority_public_key_sec1: Vec<u8>,
45    pub authority_key_hash: [u8; 32],
46}
47
48//
49// RootKeyCertificateV2
50//
51
52#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
53pub struct RootKeyCertificateV2 {
54    pub root_pid: Principal,
55    pub key_id: String,
56    pub alg: SignatureAlgorithmV2,
57    pub public_key_sec1: Vec<u8>,
58    pub key_hash: [u8; 32],
59    pub not_before: u64,
60    pub not_after: Option<u64>,
61    pub authority_sig: Vec<u8>,
62}
63
64//
65// RootPublicKeyV2
66//
67
68#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
69pub struct RootPublicKeyV2 {
70    pub root_pid: Principal,
71    pub key_id: String,
72    pub alg: SignatureAlgorithmV2,
73    pub public_key_sec1: Vec<u8>,
74    pub key_hash: [u8; 32],
75    pub not_before: u64,
76    pub not_after: Option<u64>,
77}
78
79//
80// RootKeySetV2
81//
82
83#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
84pub struct RootKeySetV2 {
85    pub keys: Vec<RootPublicKeyV2>,
86}
87
88//
89// ShardKeyBindingV2
90//
91
92#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
93pub enum ShardKeyBindingV2 {
94    IcThresholdEcdsa {
95        key_name_hash: [u8; 32],
96        derivation_path_hash: [u8; 32],
97    },
98}
99
100//
101// DelegationCertV2
102//
103
104#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
105pub struct DelegationCertV2 {
106    pub version: u16,
107    pub root_pid: Principal,
108    pub root_key_id: String,
109    pub root_key_hash: [u8; 32],
110    pub alg: SignatureAlgorithmV2,
111    pub shard_pid: Principal,
112    pub shard_key_id: String,
113    pub shard_public_key_sec1: Vec<u8>,
114    pub shard_key_hash: [u8; 32],
115    pub shard_key_binding: ShardKeyBindingV2,
116    pub issued_at: u64,
117    pub expires_at: u64,
118    pub max_token_ttl_secs: u64,
119    pub scopes: Vec<String>,
120    pub aud: DelegationAudienceV2,
121    pub verifier_role_hash: Option<[u8; 32]>,
122}
123
124//
125// DelegationProofV2
126//
127
128#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
129pub struct DelegationProofV2 {
130    pub cert: DelegationCertV2,
131    pub root_sig: Vec<u8>,
132    pub root_public_key_sec1: Option<Vec<u8>>,
133    pub root_key_cert: Option<RootKeyCertificateV2>,
134}
135
136//
137// DelegatedTokenClaimsV2
138//
139
140#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
141pub struct DelegatedTokenClaimsV2 {
142    pub version: u16,
143    pub subject: Principal,
144    pub issuer_shard_pid: Principal,
145    pub cert_hash: [u8; 32],
146    pub issued_at: u64,
147    pub expires_at: u64,
148    pub aud: DelegationAudienceV2,
149    pub scopes: Vec<String>,
150    pub nonce: [u8; 16],
151}
152
153//
154// DelegatedTokenV2
155//
156
157#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
158pub struct DelegatedTokenV2 {
159    pub claims: DelegatedTokenClaimsV2,
160    pub proof: DelegationProofV2,
161    pub shard_sig: Vec<u8>,
162}
163
164//
165// DelegationCert
166//
167
168#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
169pub struct DelegationCert {
170    pub root_pid: Principal,
171    pub shard_pid: Principal,
172    pub issued_at: u64,
173    pub expires_at: u64,
174    pub scopes: Vec<String>,
175    pub aud: DelegationAudience,
176}
177
178//
179// DelegationProof
180//
181
182#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
183pub struct DelegationProof {
184    pub cert: DelegationCert,
185    pub cert_sig: Vec<u8>,
186}
187
188//
189// DelegationProofInstallIntent
190//
191
192#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq)]
193pub enum DelegationProofInstallIntent {
194    Provisioning,
195    Repair,
196}
197
198//
199// DelegationProofInstallRequest
200//
201
202#[derive(CandidType, Clone, Debug, Deserialize)]
203pub struct DelegationProofInstallRequest {
204    pub proof: DelegationProof,
205    pub intent: DelegationProofInstallIntent,
206    #[serde(default)]
207    pub root_public_key_sec1: Option<Vec<u8>>,
208    pub shard_public_key_sec1: Vec<u8>,
209}
210
211//
212// DelegatedTokenClaims
213//
214
215#[derive(CandidType, Clone, Debug, Deserialize)]
216pub struct DelegatedTokenClaims {
217    pub sub: Principal,
218    pub shard_pid: Principal,
219    pub scopes: Vec<String>,
220    pub aud: DelegationAudience,
221    pub iat: u64,
222    pub exp: u64,
223    // Optional signed application payload. CANIC preserves this field but does
224    // not interpret it; applications own its schema and authorization meaning.
225    #[serde(default)]
226    pub ext: Option<Vec<u8>>,
227}
228
229//
230// DelegatedToken
231//
232
233#[derive(CandidType, Clone, Debug, Deserialize)]
234pub struct DelegatedToken {
235    pub claims: DelegatedTokenClaims,
236    pub proof: DelegationProof,
237    pub token_sig: Vec<u8>,
238}
239
240//
241// DelegationRequest
242//
243
244#[derive(CandidType, Clone, Debug, Deserialize)]
245pub struct DelegationRequest {
246    pub shard_pid: Principal,
247    pub scopes: Vec<String>,
248    pub aud: DelegationAudience,
249    pub ttl_secs: u64,
250    pub shard_public_key_sec1: Vec<u8>,
251    #[serde(default)]
252    pub metadata: Option<RootRequestMetadata>,
253}
254
255//
256// RoleAttestationRequest
257//
258
259#[derive(CandidType, Clone, Debug, Deserialize)]
260pub struct RoleAttestationRequest {
261    pub subject: Principal,
262    pub role: CanisterRole,
263    #[serde(default)]
264    pub subnet_id: Option<Principal>,
265    #[serde(default)]
266    pub audience: Option<Principal>,
267    pub ttl_secs: u64,
268    pub epoch: u64,
269    #[serde(default)]
270    pub metadata: Option<RootRequestMetadata>,
271}
272
273//
274// RoleAttestation
275//
276
277#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
278pub struct RoleAttestation {
279    pub subject: Principal,
280    pub role: CanisterRole,
281    #[serde(default)]
282    pub subnet_id: Option<Principal>,
283    #[serde(default)]
284    pub audience: Option<Principal>,
285    pub issued_at: u64,
286    pub expires_at: u64,
287    pub epoch: u64,
288}
289
290//
291// SignedRoleAttestation
292//
293
294#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
295pub struct SignedRoleAttestation {
296    pub payload: RoleAttestation,
297    pub signature: Vec<u8>,
298    pub key_id: u32,
299}
300
301//
302// AttestationKeyStatus
303//
304
305#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq)]
306pub enum AttestationKeyStatus {
307    Current,
308    Previous,
309}
310
311//
312// AttestationKey
313//
314
315#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
316pub struct AttestationKey {
317    pub key_id: u32,
318    pub public_key: Vec<u8>,
319    pub status: AttestationKeyStatus,
320    #[serde(default)]
321    pub valid_from: Option<u64>,
322    #[serde(default)]
323    pub valid_until: Option<u64>,
324}
325
326//
327// AttestationKeySet
328//
329
330#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
331pub struct AttestationKeySet {
332    pub root_pid: Principal,
333    pub generated_at: u64,
334    pub keys: Vec<AttestationKey>,
335}
336
337// Canonical delegation issuance response. Fanout results are verifier-only.
338//
339// DelegationProvisionResponse
340//
341
342#[derive(CandidType, Clone, Debug, Deserialize, Serialize)]
343pub struct DelegationProvisionResponse {
344    pub proof: DelegationProof,
345    pub results: Vec<DelegationProvisionTargetResponse>,
346}
347
348//
349// DelegationVerifierProofPushRequest
350//
351
352#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
353pub struct DelegationVerifierProofPushRequest {
354    pub proof: DelegationProof,
355    pub verifier_targets: Vec<Principal>,
356}
357
358//
359// DelegationVerifierProofPushResponse
360//
361
362#[derive(CandidType, Clone, Debug, Deserialize)]
363pub struct DelegationVerifierProofPushResponse {
364    pub results: Vec<DelegationProvisionTargetResponse>,
365}
366
367//
368// DelegationProofStatus
369//
370
371#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
372pub struct DelegationProofStatus {
373    pub shard_pid: Principal,
374    pub issued_at: u64,
375    pub expires_at: u64,
376}
377
378#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
379pub enum DelegationProvisionStatus {
380    Ok,
381    Failed,
382}
383
384//
385// DelegationAdminCommand
386//
387
388#[derive(CandidType, Clone, Debug, Deserialize)]
389pub enum DelegationAdminCommand {
390    RepairVerifiers(DelegationVerifierProofPushRequest),
391}
392
393//
394// DelegationAdminResponse
395//
396
397#[derive(CandidType, Clone, Debug, Deserialize)]
398pub enum DelegationAdminResponse {
399    RepairedVerifiers {
400        result: DelegationVerifierProofPushResponse,
401    },
402}
403
404//
405// DelegationProvisionTargetResponse
406//
407
408#[derive(CandidType, Clone, Debug, Deserialize, Serialize)]
409pub struct DelegationProvisionTargetResponse {
410    pub target: Principal,
411    pub status: DelegationProvisionStatus,
412    pub error: Option<Error>,
413}
canic_core/dto/auth.rs

canic_core/dto/
auth.rs
