Skip to main content

Signature

cdx_core::security

Struct Signature 

Source 
pub struct Signature {
    pub id: String,
    pub algorithm: SignatureAlgorithm,
    pub signed_at: DateTime<Utc>,
    pub signer: SignerInfo,
    pub value: String,
    pub certificate_chain: Option<Vec<String>>,
    pub scope: Option<SignatureScope>,
    pub timestamp: Option<TrustedTimestamp>,
    pub webauthn: Option<WebAuthnSignature>,
}
Available on crate feature signatures only.
Expand description

A digital signature.

Fields§

§id: String

Unique signature identifier.

§algorithm: SignatureAlgorithm

Signature algorithm.

§signed_at: DateTime<Utc>

Signing timestamp.

§signer: SignerInfo

Signer information.

§value: String

Base64-encoded signature value.

For standard signatures, this contains the signature bytes. For WebAuthn signatures, this may be empty if webauthn is present.

§certificate_chain: Option<Vec<String>>

Optional certificate chain.

§scope: Option<SignatureScope>

Optional signature scope for layout attestation.

When present, the signature covers the scope object (serialized with JCS) instead of just the document ID. This allows signatures to attest to specific layout renditions in addition to the semantic content.

§timestamp: Option<TrustedTimestamp>

Optional RFC 3161 trusted timestamp token.

§webauthn: Option<WebAuthnSignature>

Optional WebAuthn/FIDO2 signature data.

When present, this contains the full WebAuthn assertion data instead of using the value field. The document ID is used as the challenge for WebAuthn verification.

Implementations§

Source§

impl Signature

Source

pub fn new( id: impl Into<String>, algorithm: SignatureAlgorithm, signer: SignerInfo, value: impl Into<String>, ) -> Self

Create a new signature.

Source

pub fn new_webauthn( id: impl Into<String>, signer: SignerInfo, webauthn: WebAuthnSignature, ) -> Self

Create a new WebAuthn signature.

WebAuthn signatures use ES256 algorithm and store the full assertion data rather than a simple signature value.

Source

pub fn with_scope(self, scope: SignatureScope) -> Self

Set the signature scope for layout attestation.

Source

pub fn with_timestamp(self, timestamp: TrustedTimestamp) -> Self

Set the trusted timestamp for this signature.

Source

pub fn is_scoped(&self) -> bool

Check if this signature has a scope (scoped signature).

Source

pub fn is_webauthn(&self) -> bool

Check if this is a WebAuthn signature.

Source

pub fn webauthn_data(&self) -> Option<&WebAuthnSignature>

Get the WebAuthn signature data, if present.

Trait Implementations§

Source§

impl Clone for Signature

Source§

fn clone(&self) -> Signature

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for Signature

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for Signature

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl PartialEq for Signature

Source§

fn eq(&self, other: &Signature) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for Signature

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Eq for Signature

Source§

impl StructuralPartialEq for Signature

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
Source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

Source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,