Function dcaf::token::verify_access_token

source ·

pub fn verify_access_token<T>(
    key: &CoseKey,
    token: &ByteString,
    external_aad: Option<&[u8]>
) -> Result<(), AccessTokenError<T::Error>>where
    T: CoseSignCipher,

Expand description

Verifies the given token and external_aad with the key using the cipher given by type parameter T, returning an error in case it could not be verified.

This method should be used when the given token is a CoseSign1 rather than CoseSign (i.e., if it is intended for a single recipient). In case the token is an instance of the latter, use verify_access_token_multiple instead.

NOTE: Protected headers are not verified as of now.

For an example, see the documentation of sign_access_token.

Errors

When there’s a CoseError while deserializing the given token to a CoseSign1 structure (e.g., if it’s not in fact a CoseSign1 structure but rather something else).
When there’s a verification error coming from the cipher T (e.g., if the token’s data does not match its signature).