Crate ic_auth_verifier

Expand description

Verification and signing utilities for IC-Auth.

The base crate verifies raw signatures for the public key formats used by Internet Computer identities: Ed25519, ECDSA P-256, ECDSA secp256k1, and IC canister signatures. Optional features add higher-level protocol surfaces:

envelope: SignedEnvelope parsing, verification, HTTP headers, and deep-link payload helpers.
identity: ic-agent identity helpers for clients and services that need to sign envelopes. This feature is intended for native/server targets, not canisters.

§Examples

use ic_auth_verifier::{Algorithm, sha256, verify_basic_sig};

let digest = sha256(b"message");
assert_eq!(digest.len(), 32);

let err = verify_basic_sig(Algorithm::IcCanisterSignature, &[], b"message", &[])
    .unwrap_err();
assert!(err.contains("not supported"));

Re-exports§

pub use envelope::*;
pub use deeplink::*;
pub use identity::*;

Modules§

deeplink
envelope
identity

Structs§

CanisterSigPublicKey: A public key of canister signatures, see https://internetcomputer.org/docs/current/references/ic-interface-spec#canister-signatures

Enums§

Algorithm: Public-key algorithms recognized in IC identity DER public keys.

Constants§

IC_STATE_ROOT_DOMAIN_SEPARATOR
MAX_CERT_TIME_OFFSET_NS

Functions§

keccak256: Computes Keccak-256 for data.
rand_bytes: Returns N cryptographically random bytes.
sha3_256: Computes SHA3-256 for data.
sha256: Computes SHA-256 for data.
user_public_key_from_der: Parses a DER SubjectPublicKeyInfo public key.
verify_basic_sig: Verifies a raw signature for non-canister public keys.
verify_canister_sig: Verifies that signature is a valid canister signature on message. https://internetcomputer.org/docs/current/references/ic-interface-spec#canister-signatures

Crate ic_auth_verifier

Crate ic_auth_verifier Copy item path

§Examples

Re-exports§

Modules§

Structs§

Enums§

Constants§

Functions§

Crate ic_auth_verifier