Function dcaf::token::decrypt_access_token
source · pub fn decrypt_access_token<T>(
key: &CoseKey,
token: &ByteString,
external_aad: Option<&[u8]>
) -> Result<ClaimsSet, AccessTokenError<T::Error>>where
T: CoseEncryptCipher,
Expand description
Decrypts the given token
and external_aad
using the key
and the cipher
given by type parameter T
, returning the decrypted ClaimsSet
.
This method should be used when the given token
is a CoseEncrypt0
rather than
CoseEncrypt
(i.e., if it is intended for a single recipient). In case the token is an
instance of the latter, use decrypt_access_token_multiple
instead.
For an example, see the documentation of encrypt_access_token
.
Errors
- When there’s a
CoseError
while deserializing the giventoken
to aCoseEncrypt0
structure (e.g., if it’s not in fact aCoseEncrypt0
structure but rather something else). - When there’s a decryption error coming from the cipher given by
T
. - When the deserialized and decrypted
CoseEncrypt0
structure does not contain a validClaimsSet
.