ic_auth_verifier 0.3.1

A Rust library used for integrating with IC-Auth.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

# `ic_auth_verifier`
![License](https://img.shields.io/crates/l/ic_auth_verifier.svg)
[![Crates.io](https://img.shields.io/crates/d/ic_auth_verifier.svg)](https://crates.io/crates/ic_auth_verifier)
[![Test](https://github.com/ldclabs/ic-auth/actions/workflows/test.yml/badge.svg)](https://github.com/ldclabs/ic-auth/actions/workflows/test.yml)
[![Docs.rs](https://img.shields.io/docsrs/ic_auth_verifier?label=docs.rs)](https://docs.rs/ic_auth_verifier)
[![Latest Version](https://img.shields.io/crates/v/ic_auth_verifier.svg)](https://crates.io/crates/ic_auth_verifier)

[IC-Auth](https://github.com/ldclabs/ic-auth) is a web authentication system based on the Internet Computer.

`ic_auth_verifier` is a Rust library for signing and verifying cryptographic signatures in the IC-Auth ecosystem.

## Features

- Verify signatures using multiple cryptographic algorithms:
  - Ed25519
  - ECDSA with secp256k1 curve
  - ECDSA with P-256 curve (secp256r1)
  - Internet Computer Canister Signatures
- Parse and validate DER-encoded public keys
- Compute various hash functions (SHA-256, SHA3-256, Keccak-256)
- Optional envelope functionality (enabled with the `envelope` feature)

## Installation

Add this to your `Cargo.toml`:

```toml
[dependencies]
ic_auth_verifier = "0.3"  # Replace with the latest version
```

To enable the envelope feature:

```toml
[dependencies]
ic_auth_verifier = { version = "0.3", features = ["envelope"] }
```

## Usage

### Basic Signing

```rust
use ic_auth_verifier::SignedEnvelope;

let identity = /* your ICP Identity */;

let message = b"message";
let envelope = SignedEnvelope::sign_message(identity, message)?;
// Adds the SignedEnvelope to the Authorization header to be sent to the service which will verify the signature.
envelope.to_authorization(&mut headers)?;
// Or adds the SignedEnvelope components to the IC-Auth-* HTTP headers.
// envelope.to_headers(&mut headers)?;
```

### Basic Verification

```rust
use ic_auth_verifier::{SignedEnvelope, unix_ms};

let envelope = SignedEnvelope::from_authorization(&headers).unwrap();
// Verify the envelope
envelope.verify(unix_ms(), None, None)?;
```

## License
Copyright © 2024-2025 [LDC Labs](https://github.com/ldclabs).

`ldclabs/ic-auth` is licensed under the MIT License. See [LICENSE](../../LICENSE) for the full license text.