Trait c2pa::Signer

pub trait Signer {
    // Required methods
    fn sign(&self, data: &[u8]) -> Result<Vec<u8>>;
    fn alg(&self) -> SigningAlg;
    fn certs(&self) -> Result<Vec<Vec<u8>>>;
    fn reserve_size(&self) -> usize;

    // Provided methods
    fn time_authority_url(&self) -> Option<String> { ... }
    fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>> { ... }
    fn timestamp_request_body(&self, message: &[u8]) -> Result<Vec<u8>> { ... }
    fn send_timestamp_request(&self, message: &[u8]) -> Option<Result<Vec<u8>>> { ... }
    fn ocsp_val(&self) -> Option<Vec<u8>> { ... }
    fn direct_cose_handling(&self) -> bool { ... }
}

The Signer trait generates a cryptographic signature over a byte array.

This trait exists to allow the signature mechanism to be extended.

Required Methods

fn sign(&self, data: &[u8]) -> Result<Vec<u8>>

Returns a new byte array which is a signature over the original.

fn alg(&self) -> SigningAlg

Returns the algorithm of the Signer.

fn certs(&self) -> Result<Vec<Vec<u8>>>

Returns the certificates as a Vec containing a Vec of DER bytes for each certificate.

fn reserve_size(&self) -> usize

Returns the size in bytes of the largest possible expected signature. Signing will fail if the result of the sign function is larger than this value.
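
An added example, not part of the c2pa crate or its documentation: a signer that delegates to an external key holder and enforces the two constraints described above, that the output of sign fits within reserve_size and that certs returns DER. Result, SigningAlg and Signer here are local stand-ins mirroring the required methods so the file compiles without the crate; DelegatingSigner and fake_backend are hypothetical names.

```rust
// Local stand-ins (assumptions) for c2pa::Result, c2pa::SigningAlg and the four
// required methods of c2pa::Signer, so this file compiles without the crate.
type Result<T> = std::result::Result<T, String>;
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum SigningAlg { Es256, Ed25519 }
pub trait Signer {
    fn sign(&self, data: &[u8]) -> Result<Vec<u8>>;
    fn alg(&self) -> SigningAlg;
    fn certs(&self) -> Result<Vec<Vec<u8>>>;
    fn reserve_size(&self) -> usize;
}

/// Hypothetical signer: `backend` stands for a call to an HSM, KMS or signing
/// service, so the private key never enters this process.
pub struct DelegatingSigner<F: Fn(&[u8]) -> Result<Vec<u8>>> {
    pub backend: F,
    pub alg: SigningAlg,
    pub chain: Vec<Vec<u8>>, // one DER-encoded certificate per entry
    pub reserve: usize,
}

impl<F: Fn(&[u8]) -> Result<Vec<u8>>> Signer for DelegatingSigner<F> {
    fn sign(&self, data: &[u8]) -> Result<Vec<u8>> {
        let sig = (self.backend)(data)?;
        // Reject an empty or oversized result here, naming both sizes.
        if sig.is_empty() || sig.len() > self.reserve {
            return Err(format!("signature is {} bytes, reserve_size is {}", sig.len(), self.reserve));
        }
        Ok(sig)
    }
    fn alg(&self) -> SigningAlg { self.alg }
    fn certs(&self) -> Result<Vec<Vec<u8>>> {
        // A DER certificate starts with the SEQUENCE tag 0x30; PEM text starts with '-'.
        match self.chain.iter().position(|c| c.first() != Some(&0x30)) {
            Some(i) => Err(format!("certificate {} is not DER", i)),
            None if self.chain.is_empty() => Err("empty certificate chain".into()),
            None => Ok(self.chain.clone()),
        }
    }
    fn reserve_size(&self) -> usize { self.reserve }
}

// Constructed stand-in for the external key holder: returns 64 zero bytes.
fn fake_backend(_data: &[u8]) -> Result<Vec<u8>> { Ok(vec![0u8; 64]) }
fn main() {
    let s = DelegatingSigner { backend: fake_backend, alg: SigningAlg::Es256,
        chain: vec![vec![0x30, 0x82, 0x01, 0x0a]], reserve: 1024 };
    println!("{:?} {:?} {:?}", s.alg(), s.sign(b"claim").map(|v| v.len()), s.certs().map(|c| c.len()));
}
```

The 0x30 check only catches PEM or empty input passed by mistake; it does not validate the certificate.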

Provided Methods

fn time_authority_url(&self) -> Option<String>

URL of the time authority used to time stamp the signature.

fn timestamp_request_headers(&self) -> Option<Vec<(String, String)>>

Additional request headers to pass to the time stamp authority.

IMPORTANT: You should not include the “Content-type” header here. That is provided by default.

fn timestamp_request_body(&self, message: &[u8]) -> Result<Vec<u8>>

fn send_timestamp_request(&self, message: &[u8]) -> Option<Result<Vec<u8>>>

Available on non-WebAssembly only.

Requests an RFC 3161 timestamp to be included in the manifest data structure.

message is a preliminary hash of the claim.

The default implementation will send the request to the URL provided by Self::time_authority_url(), if any.

fn ocsp_val(&self) -> Option<Vec<u8>>

OCSP response for the signing cert, if available. This is the only cert revocation method supported by C2PA. By pre-querying the value for your signing cert, the value can be cached, taking pressure off the CA (recommended by the C2PA spec).

fn direct_cose_handling(&self) -> bool

If this returns true, the sign function is responsible for direct handling of the COSE structure.

This is useful for cases where the signer needs to handle the COSE structure directly. Not recommended for general use.

Implementors