Skip to main content

ma_did/
lib.rs

1#![forbid(unsafe_code)]
2//! # ma-did
3//!
4//! DID and message primitives for the `did:ma:` method.
5//!
6//! This crate provides everything needed to create, sign, and verify DID
7//! documents and encrypted actor-to-actor messages.
8//!
9//! ## Quick Start — Identity
10//!
11//! ```rust
12//! use ma_did::{generate_identity_from_secret, Did};
13//!
14//! // Generate a complete identity from an application-managed secret
15//! let secret = [7u8; 32];
16//! let identity = generate_identity_from_secret(secret).unwrap();
17//!
18//! // The document is already signed and valid
19//! identity.document.verify().unwrap();
20//! identity.document.validate().unwrap();
21//!
22//! // Serialize to JSON or CBOR
23//! let json = identity.document.marshal().unwrap();
24//! let cbor = identity.document.to_cbor().unwrap();
25//! ```
26//!
27//! If your application already has a resolved IPNS identifier, use
28//! `generate_identity(ipns)` as the explicit low-level path.
29//!
30//! ## Quick Start — Messages
31//!
32//! ```rust
33//! use ma_did::{generate_identity_from_secret, Message, SigningKey, Did};
34//!
35//! let alice = generate_identity_from_secret([1u8; 32]).unwrap();
36//! let bob = generate_identity_from_secret([2u8; 32]).unwrap();
37//!
38//! // Reconstruct signing key from stored private key bytes
39//! let alice_sign_url = Did::new_url(&alice.subject_url.ipns, None::<String>).unwrap();
40//! let alice_signing_key = SigningKey::from_private_key_bytes(
41//!     alice_sign_url,
42//!     hex::decode(&alice.signing_private_key_hex).unwrap().try_into().unwrap(),
43//! ).unwrap();
44//!
45//! // Create a signed message
46//! let msg = Message::new(
47//!     alice.document.id.clone(),
48//!     bob.document.id.clone(),
49//!     "text/plain",
50//!     b"hello".to_vec(),
51//!     &alice_signing_key,
52//! ).unwrap();
53//!
54//! // Verify message signature against sender's document
55//! msg.verify_with_document(&alice.document).unwrap();
56//!
57//! // Encrypt for recipient as an Envelope
58//! let envelope = msg.enclose_for(&bob.document).unwrap();
59//! ```
60
61pub mod constants;
62pub mod did;
63pub mod doc;
64pub mod error;
65pub mod identity;
66pub mod key;
67pub mod msg;
68mod multiformat;
69
70pub use did::{DID_PREFIX, Did};
71pub use doc::{
72    DEFAULT_DID_CONTEXT, DEFAULT_PROOF_PURPOSE, DEFAULT_PROOF_TYPE, Document, Proof,
73    VerificationMethod, now_iso_utc,
74};
75pub use error::{MaError, Result};
76pub use identity::{
77    GeneratedIdentity, generate_identity, generate_identity_from_secret, ipns_from_secret,
78};
79pub use ipld_core::ipld::Ipld;
80pub use key::{
81    ASSERTION_METHOD_KEY_TYPE, ED25519_PUB_CODEC, EDDSA_SIG_CODEC, EncryptionKey,
82    KEY_AGREEMENT_KEY_TYPE, SigningKey, X25519_PUB_CODEC,
83};
84pub use msg::{
85    DEFAULT_MAX_CLOCK_SKEW_SECS, DEFAULT_MESSAGE_TTL_SECS, DEFAULT_REPLAY_WINDOW_SECS, Envelope,
86    Headers, MESSAGE_PREFIX, Message, ReplayGuard,
87};