pub trait Signer {
    // Required methods
    fn sign(&self, data: &[u8]) -> Result<Vec<u8>>;
    fn alg(&self) -> SigningAlg;
    fn certs(&self) -> Result<Vec<Vec<u8>>>;
    fn reserve_size(&self) -> usize;

    // Provided methods
    fn time_authority_url(&self) -> Option<String> { ... }
    fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>> { ... }
    fn timestamp_request_body(&self, message: &[u8]) -> Result<Vec<u8>> { ... }
    fn send_timestamp_request(&self, message: &[u8]) -> Option<Result<Vec<u8>>> { ... }
    fn ocsp_val(&self) -> Option<Vec<u8>> { ... }
    fn direct_cose_handling(&self) -> bool { ... }
}
The Signer trait generates a cryptographic signature over a byte array.
This trait exists to allow the signature mechanism to be extended.
Required Methods
fn sign(&self, data: &[u8]) -> Result<Vec<u8>>
Returns a new byte array which is a signature over the original.
fn alg(&self) -> SigningAlg
Returns the algorithm of the Signer.
fn certs(&self) -> Result<Vec<Vec<u8>>>
Returns the certificates as a Vec containing a Vec of DER bytes for each certificate.
fn reserve_size(&self) -> usize
Returns the size in bytes of the largest possible expected signature.
Signing will fail if the result of the sign function is larger than this value.
Provided Methods
fn time_authority_url(&self) -> Option<String>
URL for the time authority to time stamp the signature.
fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>>
Additional request headers to pass to the time stamp authority.
IMPORTANT: You should not include the “Content-type” header here. That is provided by default.
fn timestamp_request_body(&self, message: &[u8]) -> Result<Vec<u8>>
fn send_timestamp_request(&self, message: &[u8]) -> Option<Result<Vec<u8>>>
Available on non-WebAssembly only.
Request RFC 3161 timestamp to be included in the manifest data structure.
message is a preliminary hash of the claim.
The default implementation will send the request to the URL provided by Self::time_authority_url(), if any.
fn ocsp_val(&self) -> Option<Vec<u8>>
OCSP response for the signing cert, if available. This is the only C2PA-supported cert revocation method. By pre-querying the value for your signing cert, the value can be cached, taking pressure off of the CA (recommended by the C2PA spec).
fn direct_cose_handling(&self) -> bool
If this returns true, the sign function is responsible for direct handling of the COSE structure.
This is useful for cases where the signer needs to handle the COSE structure directly. Not recommended for general use.
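A preflight check for a custom Signer implementation, covering three rules stated above: the sign output must fit in reserve_size, certs must be DER, and timestamp_request_headers must not set Content-type. This is an added example, not code from the c2pa crate; the trait is a local stand-in with four of the signatures shown on this page, and `preflight`, `FixedSigner` and the String error type are assumptions made for the illustration.

```rust
// Added example, not c2pa code. `Signer` is a local stand-in copying four method
// signatures from this page; `Result<T, String>` is a simplification (assumption).
type Result<T> = std::result::Result<T, String>;
pub trait Signer {
    fn sign(&self, data: &[u8]) -> Result<Vec<u8>>;
    fn certs(&self) -> Result<Vec<Vec<u8>>>;
    fn reserve_size(&self) -> usize;
    fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>> { None }
}

/// Hypothetical helper: returns every violation of the rules documented above.
pub fn preflight(signer: &dyn Signer, probe: &[u8]) -> Vec<String> {
    let mut problems = Vec::new();
    let limit = signer.reserve_size();
    match signer.sign(probe) {
        Ok(sig) if sig.len() > limit => problems.push(format!(
            "signature is {} bytes but reserve_size() is {}", sig.len(), limit)),
        Ok(_) => {}
        Err(e) => problems.push(format!("sign() failed: {}", e)),
    }
    match signer.certs() {
        Ok(chain) if chain.is_empty() => problems.push("certs() returned no certificates".into()),
        // A DER certificate is an ASN.1 SEQUENCE, so its first byte is 0x30 (PEM text is not).
        Ok(chain) => for (i, der) in chain.iter().enumerate() {
            if der.first() != Some(&0x30) { problems.push(format!("cert {} is not DER", i)); }
        },
        Err(e) => problems.push(format!("certs() failed: {}", e)),
    }
    for (name, _) in signer.timestamp_request_headers().unwrap_or_default() {
        if name.eq_ignore_ascii_case("content-type") {
            problems.push("timestamp_request_headers() must not set Content-Type".into());
        }
    }
    problems
}

/// Constructed signer with configurable output, standing in for an HSM- or KMS-backed one.
pub struct FixedSigner { pub sig_len: usize, pub reserve: usize, pub chain: Vec<Vec<u8>>, pub headers: Vec<(String, String)> }
impl Signer for FixedSigner {
    fn sign(&self, _data: &[u8]) -> Result<Vec<u8>> { Ok(vec![0xAA; self.sig_len]) }
    fn certs(&self) -> Result<Vec<Vec<u8>>> { Ok(self.chain.clone()) }
    fn reserve_size(&self) -> usize { self.reserve }
    fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>> { Some(self.headers.clone()) }
}
fn main() {
    // Constructed input: oversized signature, PEM text instead of DER, forbidden header.
    let bad = FixedSigner { sig_len: 96, reserve: 64, chain: vec![b"-----BEGIN".to_vec()],
        headers: vec![("content-type".into(), "application/timestamp-query".into())] };
    for p in preflight(&bad, b"probe") { println!("violation: {}", p); }
}
```

Running a check like this in a unit test catches an undersized reserve_size or a PEM-encoded chain before the first real signing attempt fails.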