Skip to main content

VerificationMiddleware

flux_verify_api::verify_middleware

Struct VerificationMiddleware 

Source 
pub struct VerificationMiddleware { /* private fields */ }
Expand description

Middleware that verifies bytecode signatures before allowing execution.

Implementations§

Source§

impl VerificationMiddleware

Source

pub fn new(trusted_keys: Vec<[u8; 32]>) -> Self

Create a new middleware with at least one trusted public key.

Source

pub fn with_strict(self, strict: bool) -> Self

Toggle strict mode. When strict (default), unsigned bytecode is rejected.

Source

pub fn add_trusted_key(&mut self, public_key: [u8; 32])

Add a new trusted public key (for key rotation).

Source

pub fn remove_trusted_key(&mut self, public_key: &[u8; 32])

Remove a trusted public key (e.g., revoke a compromised key).

Source

pub fn trusted_key_count(&self) -> usize

Number of currently trusted keys.

Source

pub fn verify( &self, bytecode: &[u8], signature: &Signature, ) -> VerificationResult

Verify bytecode against all trusted public keys.

Returns Ok(VerificationResult) if any trusted key validates the signature. Returns an error result if none match or if the bytecode is tampered.

Source

pub fn verify_or_reject( &self, bytecode: &[u8], signature: &Signature, ) -> Result<usize, String>

Verify bytecode or return an error message suitable for API responses.

Source

pub fn allow_unsigned(&self) -> bool

Check whether unsigned bytecode should be allowed (depends on strict mode).

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more