pub trait RemoteAuthority:
Send
+ Sync
+ Debug {
// Required methods
fn name(&self) -> &str;
fn cert_chain(&self) -> &[CertificateDer<'static>];
// Provided methods
fn public_key(&self) -> SubjectPublicKeyInfoDer<'_> { ... }
fn verify(
&self,
data: &[u8],
signature: &[u8],
) -> BoxFuture<'_, Result<bool, VerifyError>> { ... }
}Expand description
Remote authority for DHTTP identity material.
Verification uses the same DHTTP canonical key-to-signature-scheme policy
as LocalAuthority. The policy is:
- Ed25519 keys use
SignatureScheme::ED25519. - ECDSA P-256 keys use
SignatureScheme::ECDSA_NISTP256_SHA256. - ECDSA P-384 keys use
SignatureScheme::ECDSA_NISTP384_SHA384. - RSA keys use
SignatureScheme::RSA_PSS_SHA512, matching the QUIC/TLS RSA signing preference used by rustls.
A remote authority does not carry an explicit signature scheme in its API; the scheme is derived from the authority public key according to the documented DHTTP policy.
Required Methods§
fn name(&self) -> &str
fn cert_chain(&self) -> &[CertificateDer<'static>]
Provided Methods§
fn public_key(&self) -> SubjectPublicKeyInfoDer<'_>
fn verify( &self, data: &[u8], signature: &[u8], ) -> BoxFuture<'_, Result<bool, VerifyError>>
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".