pub struct VerifyingKey<C>where
    C: PrimeCurve + CurveArithmetic,{ /* private fields */ }

ECDSA public key used for verifying signatures. Generic over prime-order elliptic curves (e.g. NIST P-curves).

Requires an elliptic_curve::CurveArithmetic impl on the curve, and a VerifyPrimitive impl on its associated AffinePoint type.

Usage

The signature crate defines the following traits which are the primary API for verifying:

  • Verifier: verify a message against a provided key and signature
  • DigestVerifier: verify a message Digest against a provided key and signature
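  • PrehashVerifier: verify the low-level raw output bytes of a message digest. The prehash must be the output of a cryptographically secure hash function applied to the message; a successful verification over arbitrary caller-supplied bytes gives no assurance about any message.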

See the p256 crate for examples of using this type with a concrete elliptic curve.

serde support

When the serde feature of this crate is enabled, it provides support for serializing and deserializing ECDSA verifying keys using the Serialize and Deserialize traits.

The serialization leverages the encoding used by the PublicKey type, which is a binary-oriented ASN.1 DER encoding.

Implementations§

source§

impl<C> VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: DecompressPoint<C> + FromEncodedPoint<C> + ToEncodedPoint<C> + VerifyPrimitive<C>, <C as Curve>::FieldBytesSize: ModulusSize, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source

pub fn recover_from_msg( msg: &[u8], signature: &Signature<C>, recovery_id: RecoveryId ) -> Result<VerifyingKey<C>, Error>where C: DigestPrimitive,

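Recover a VerifyingKey from the given message, signature, and RecoveryId. The recovered key is derived entirely from these inputs, so a successful recovery does not by itself authenticate the signer: compare the result against a key (or key fingerprint) you already trust before relying on the signature.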

The message is first hashed using this curve’s DigestPrimitive.

source

pub fn recover_from_digest<D>( msg_digest: D, signature: &Signature<C>, recovery_id: RecoveryId ) -> Result<VerifyingKey<C>, Error>where D: Digest,

Recover a VerifyingKey from the given message Digest, signature, and RecoveryId.

source

pub fn recover_from_prehash( prehash: &[u8], signature: &Signature<C>, recovery_id: RecoveryId ) -> Result<VerifyingKey<C>, Error>

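Recover a VerifyingKey from the given prehash of a message, the signature over that prehashed message, and a RecoveryId. The prehash must be the output of a cryptographically secure hash function over the message, and the recovered key still has to be checked against a key the caller already trusts.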

source§

impl<C> VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

source

pub fn from_sec1_bytes(bytes: &[u8]) -> Result<VerifyingKey<C>, Error>

Initialize VerifyingKey from a SEC1-encoded public key.

source

pub fn from_affine( affine: <C as CurveArithmetic>::AffinePoint ) -> Result<VerifyingKey<C>, Error>

Initialize VerifyingKey from an affine point.

Returns an Error if the given affine point is the additive identity (a.k.a. point at infinity).

source

pub fn from_encoded_point( public_key: &EncodedPoint<<C as Curve>::FieldBytesSize> ) -> Result<VerifyingKey<C>, Error>

Initialize VerifyingKey from an EncodedPoint.

source

pub fn to_encoded_point( &self, compress: bool ) -> EncodedPoint<<C as Curve>::FieldBytesSize>

Serialize this VerifyingKey as a SEC1 EncodedPoint, optionally applying point compression.

source

pub fn to_sec1_bytes(&self) -> Box<[u8]>where C: PointCompression,

Convert this VerifyingKey into the Elliptic-Curve-Point-to-Octet-String encoding described in SEC 1: Elliptic Curve Cryptography (Version 2.0) section 2.3.3 (page 10).

http://www.secg.org/sec1-v2.pdf

source

pub fn as_affine(&self) -> &<C as CurveArithmetic>::AffinePoint

Borrow the inner AffinePoint for this public key.

Trait Implementations§

source§

impl<C> AsRef<<C as CurveArithmetic>::AffinePoint> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

source§

fn as_ref(&self) -> &<C as CurveArithmetic>::AffinePoint

Converts this type into a shared reference of the (usually inferred) input type.
source§

impl<C> AsRef<VerifyingKey<C>> for SigningKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::Scalar: Invert<Output = CtOption<<C as CurveArithmetic>::Scalar>> + SignPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn as_ref(&self) -> &VerifyingKey<C>

Converts this type into a shared reference of the (usually inferred) input type.
source§

impl<C> AssociatedAlgorithmIdentifier for VerifyingKey<C>where C: AssociatedOid + CurveArithmetic + PrimeCurve, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

§

type Params = ObjectIdentifier

Algorithm parameters.
source§

const ALGORITHM_IDENTIFIER: AlgorithmIdentifier<ObjectIdentifier> = PublicKey<C>::ALGORITHM_IDENTIFIER

AlgorithmIdentifier for this structure.
source§

impl<C> Clone for VerifyingKey<C>where C: Clone + PrimeCurve + CurveArithmetic,

source§

fn clone(&self) -> VerifyingKey<C>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<C> Debug for VerifyingKey<C>where C: Debug + PrimeCurve + CurveArithmetic,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
source§

impl DigestVerifier<<NistP256 as DigestPrimitive>::Digest, SignatureBytes> for VerifyingKey<NistP256>

source§

fn verify_digest( &self, digest: <NistP256 as DigestPrimitive>::Digest, signature: &SignatureBytes ) -> Result<(), Error>

Verify the signature against the given Digest output.
source§

impl DigestVerifier<<NistP384 as DigestPrimitive>::Digest, SignatureBytes> for VerifyingKey<NistP384>

source§

fn verify_digest( &self, digest: <NistP384 as DigestPrimitive>::Digest, signature: &SignatureBytes ) -> Result<(), Error>

Verify the signature against the given Digest output.
source§

impl<C, D> DigestVerifier<D, Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, D: Digest<OutputSize = <C as Curve>::FieldBytesSize> + FixedOutput, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn verify_digest( &self, msg_digest: D, signature: &Signature<C> ) -> Result<(), Error>

Verify the signature against the given Digest output.
source§

impl<C, D> DigestVerifier<D, Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, D: Digest<OutputSize = <C as Curve>::FieldBytesSize> + FixedOutput, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8> + Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>, <<<C as Curve>::FieldBytesSize as Add>::Output as Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>>::Output: ArrayLength<u8>,

source§

fn verify_digest( &self, msg_digest: D, signature: &Signature<C> ) -> Result<(), Error>

Verify the signature against the given Digest output.
source§

impl<C> EncodePublicKey for VerifyingKey<C>where C: PrimeCurve + AssociatedOid + CurveArithmetic + PointCompression, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

source§

fn to_public_key_der(&self) -> Result<Document, Error>

Serialize a [Document] containing a SPKI-encoded public key.
§

fn to_public_key_pem(&self, line_ending: LineEnding) -> Result<String, Error>

Serialize this public key as PEM-encoded SPKI with the given LineEnding.
§

fn write_public_key_der_file(&self, path: impl AsRef<Path>) -> Result<(), Error>

Write ASN.1 DER-encoded public key to the given path
§

fn write_public_key_pem_file( &self, path: impl AsRef<Path>, line_ending: LineEnding ) -> Result<(), Error>

Write PEM-encoded public key to the given path.
source§

impl<C> From<&PublicKey<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic,

source§

fn from(public_key: &PublicKey<C>) -> VerifyingKey<C>

Converts to this type from the input type.
source§

impl<C> From<&SigningKey<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::Scalar: Invert<Output = CtOption<<C as CurveArithmetic>::Scalar>> + SignPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn from(signing_key: &SigningKey<C>) -> VerifyingKey<C>

Converts to this type from the input type.
source§

impl<C> From<PublicKey<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic,

source§

fn from(public_key: PublicKey<C>) -> VerifyingKey<C>

Converts to this type from the input type.
source§

impl<C> From<SigningKey<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::Scalar: Invert<Output = CtOption<<C as CurveArithmetic>::Scalar>> + SignPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn from(signing_key: SigningKey<C>) -> VerifyingKey<C>

Converts to this type from the input type.
source§

impl<C> FromStr for VerifyingKey<C>where C: PrimeCurve + AssociatedOid + CurveArithmetic + PointCompression, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

§

type Err = Error

The associated error which can be returned from parsing.
source§

fn from_str(s: &str) -> Result<VerifyingKey<C>, Error>

Parses a string s to return a value of this type. Read more
source§

impl<C> JWKeyType for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic + JwkParameters,

source§

const KEY_TYPE: &'static str = "EC"

The string used to identify the JWK type in the kty field.
source§

impl JoseAlgorithm for VerifyingKey<NistP256>

source§

const IDENTIFIER: AlgorithmIdentifier = crate::algorithms::AlgorithmIdentifier::ES256

The identifier for this algorithm when used in a JWT registered header. Read more
source§

impl JoseAlgorithm for VerifyingKey<NistP384>

source§

const IDENTIFIER: AlgorithmIdentifier = crate::algorithms::AlgorithmIdentifier::ES384

The identifier for this algorithm when used in a JWT registered header. Read more
source§

impl JoseDigestAlgorithm for VerifyingKey<NistP256>

§

type Digest = <NistP256 as DigestPrimitive>::Digest

The digest algorithm used by this signature.
source§

impl JoseDigestAlgorithm for VerifyingKey<NistP384>

§

type Digest = <NistP384 as DigestPrimitive>::Digest

The digest algorithm used by this signature.
source§

impl<C> Ord for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

source§

fn cmp(&self, other: &VerifyingKey<C>) -> Ordering

This method returns an Ordering between self and other. Read more
1.21.0 · source§

fn max(self, other: Self) -> Selfwhere Self: Sized,

Compares and returns the maximum of two values. Read more
1.21.0 · source§

fn min(self, other: Self) -> Selfwhere Self: Sized,

Compares and returns the minimum of two values. Read more
1.50.0 · source§

fn clamp(self, min: Self, max: Self) -> Selfwhere Self: Sized + PartialOrd,

Restrict a value to a certain interval. Read more
source§

impl<C> PartialEq for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic,

source§

fn eq(&self, other: &VerifyingKey<C>) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl<C> PartialOrd for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

source§

fn partial_cmp(&self, other: &VerifyingKey<C>) -> Option<Ordering>

This method returns an ordering between self and other values if one exists. Read more
1.0.0 · source§

fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator. Read more
1.0.0 · source§

fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more
1.0.0 · source§

fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator. Read more
1.0.0 · source§

fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more
source§

impl<C> PrehashVerifier<Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic + DigestPrimitive, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8> + Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>, <<<C as Curve>::FieldBytesSize as Add>::Output as Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>>::Output: ArrayLength<u8>,

source§

fn verify_prehash( &self, prehash: &[u8], signature: &Signature<C> ) -> Result<(), Error>

Use Self to verify that the provided signature for a given message prehash is authentic. Read more
source§

impl<C> PrehashVerifier<Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn verify_prehash( &self, prehash: &[u8], signature: &Signature<C> ) -> Result<(), Error>

Use Self to verify that the provided signature for a given message prehash is authentic. Read more
source§

impl<C> SerializeJWK for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic + JwkParameters, AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>, FieldBytesSize<C>: ModulusSize,

source§

fn parameters(&self) -> Vec<(String, Value)>

Return a list of parameters to be serialized in the JWK.
source§

impl<C> SignatureAlgorithmIdentifier for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize, Signature<C>: AssociatedAlgorithmIdentifier<Params = AnyRef<'static>>,

§

type Params = AnyRef<'static>

Algorithm parameters.
source§

const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifier<<VerifyingKey<C> as SignatureAlgorithmIdentifier>::Params> = Signature<C>::ALGORITHM_IDENTIFIER

AlgorithmIdentifier for the corresponding signature system.
source§

impl<C> TryFrom<&[u8]> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(bytes: &[u8]) -> Result<VerifyingKey<C>, Error>

Performs the conversion.
source§

impl<C> TryFrom<SubjectPublicKeyInfo<AnyRef<'_>, BitStringRef<'_>>> for VerifyingKey<C>where C: PrimeCurve + AssociatedOid + CurveArithmetic + PointCompression, <C as CurveArithmetic>::AffinePoint: FromEncodedPoint<C> + ToEncodedPoint<C>, <C as Curve>::FieldBytesSize: ModulusSize,

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( spki: SubjectPublicKeyInfo<AnyRef<'_>, BitStringRef<'_>> ) -> Result<VerifyingKey<C>, Error>

Performs the conversion.
source§

impl<C> Verifier<Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic + DigestPrimitive, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8> + Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>, <<<C as Curve>::FieldBytesSize as Add>::Output as Add<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B1>>>::Output: ArrayLength<u8>,

source§

fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<(), Error>

Use Self to verify that the provided signature for a given message bytestring is authentic. Read more
source§

impl<C> Verifier<Signature<C>> for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic + DigestPrimitive, <C as CurveArithmetic>::AffinePoint: VerifyPrimitive<C>, <<C as Curve>::FieldBytesSize as Add>::Output: ArrayLength<u8>,

source§

fn verify(&self, msg: &[u8], signature: &Signature<C>) -> Result<(), Error>

Use Self to verify that the provided signature for a given message bytestring is authentic. Read more
source§

impl<C> Copy for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic,

source§

impl<C> Eq for VerifyingKey<C>where C: PrimeCurve + CurveArithmetic,

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for Twhere T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for Twhere T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for Twhere T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> DecodePublicKey for Twhere T: for<'a> TryFrom<SubjectPublicKeyInfo<AnyRef<'a>, BitStringRef<'a>>, Error = Error>,

§

fn from_public_key_der(bytes: &[u8]) -> Result<T, Error>

Deserialize object from ASN.1 DER-encoded [SubjectPublicKeyInfo] (binary format).
§

fn from_public_key_pem(s: &str) -> Result<Self, Error>

Deserialize PEM-encoded [SubjectPublicKeyInfo]. Read more
§

fn read_public_key_der_file(path: impl AsRef<Path>) -> Result<Self, Error>

Load public key object from an ASN.1 DER-encoded file on the local filesystem (binary format).
§

fn read_public_key_pem_file(path: impl AsRef<Path>) -> Result<Self, Error>

Load public key object from a PEM-encoded file on the local filesystem.
§

impl<T> DecodeRsaPublicKey for Twhere T: for<'a> TryFrom<SubjectPublicKeyInfo<AnyRef<'a>, BitStringRef<'a>>, Error = Error>,

§

fn from_pkcs1_der(public_key: &[u8]) -> Result<T, Error>

Deserialize object from ASN.1 DER-encoded [RsaPublicKey] (binary format).
§

fn from_pkcs1_pem(s: &str) -> Result<Self, Error>

Deserialize PEM-encoded [RsaPublicKey]. Read more
§

fn read_pkcs1_der_file(path: impl AsRef<Path>) -> Result<Self, Error>

Load [RsaPublicKey] from an ASN.1 DER-encoded file on the local filesystem (binary format).
§

fn read_pkcs1_pem_file(path: impl AsRef<Path>) -> Result<Self, Error>

Load [RsaPublicKey] from a PEM-encoded file on the local filesystem.
§

impl<T> DynAssociatedAlgorithmIdentifier for Twhere T: AssociatedAlgorithmIdentifier,

§

fn algorithm_identifier(&self) -> Result<AlgorithmIdentifier<Any>, Error>

AlgorithmIdentifier for this structure.
source§

impl<T> DynJoseAlgorithm for Twhere T: JoseAlgorithm,

source§

fn identifier(&self) -> AlgorithmIdentifier

The identifier for this algorithm when used in a JWT registered header.
source§

impl<T> DynJwkKeyType for Twhere T: JWKeyType,

source§

fn key_type(&self) -> &'static str

The string used to identify the JWK type in the kty field.
§

impl<T> DynSignatureAlgorithmIdentifier for Twhere T: SignatureAlgorithmIdentifier,

§

fn signature_algorithm_identifier( &self ) -> Result<AlgorithmIdentifier<Any>, Error>

AlgorithmIdentifier for the corresponding signature system.
§

impl<T> EncodeRsaPublicKey for Twhere T: EncodePublicKey,

§

fn to_pkcs1_der(&self) -> Result<Document, Error>

Serialize a [Document] containing a PKCS#1-encoded public key.
§

fn to_pkcs1_pem(&self, line_ending: LineEnding) -> Result<String, Error>

Serialize this public key as PEM-encoded PKCS#1 with the given line ending.
§

fn write_pkcs1_der_file(&self, path: impl AsRef<Path>) -> Result<(), Error>

Write ASN.1 DER-encoded public key to the given path.
§

fn write_pkcs1_pem_file( &self, path: impl AsRef<Path>, line_ending: LineEnding ) -> Result<(), Error>

Write PEM-encoded public key to the given path.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for Twhere U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for Twhere T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for Twhere U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for Twhere U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for Twhere V: MultiLane<T>,

§

fn vzip(self) -> V