Verifier

libsignify_rs::ops

Struct Verifier

pub struct Verifier { /* private fields */ }

Expand description

Builder for verification operations.

§Examples

Basic verification:

use libsignify_rs::{KeyGenerator, Signer, Verifier};
use tempfile::tempdir;
use std::fs;

let dir = tempdir()?;
let pub_path = dir.path().join("key.pub");
let sec_path = dir.path().join("key.sec");
let msg_path = dir.path().join("msg.txt");
let sig_path = dir.path().join("msg.sig");

// Setup
KeyGenerator::new().rounds(0).generate(&pub_path, &sec_path)?;
fs::write(&msg_path, "test message")?;
Signer::new().seckey(&sec_path).sign(&msg_path, &sig_path)?;

// Verify
Verifier::new()
    .pubkey(&pub_path)
    .quiet(true)
    .verify(&msg_path, &sig_path)?;

Embedded verification:

// Sign with embed
Signer::new()
    .seckey(&sec_path)
    .embed(true)
    .sign(&msg_path, &sig_path)?;

// Remove original message to verify extraction
fs::remove_file(&msg_path)?;

// Verify embedded
Verifier::new()
    .pubkey(&pub_path)
    .quiet(true)
    .embed(true)
    .verify(&msg_path, &sig_path)?;

Gzip verification:

// Sign gzip
Signer::new()
    .seckey(&sec_path)
    .gzip(true)
    .sign(&msg_path, &sig_path)?;

// Verify gzip
Verifier::new()
    .pubkey(&pub_path)
    .quiet(true)
    .gzip(true)
    .verify(&Path::new("-"), &sig_path)?; // Output to stdout (-) or file

Handling verification failures:


// Tamper with the message
fs::write(&msg_path, "tampered message")?;

// Verification should fail
let result = Verifier::new()
    .pubkey(&pub_path)
    .verify(&msg_path, &sig_path);

assert!(result.is_err());

Implementations§

impl Verifier

pub fn new() -> Self

Create a new Verifier.

pub fn pubkey(self, path: impl Into<PathBuf>) -> Self

Set public key path.

pub fn quiet(self, quiet: bool) -> Self

Set quiet mode.

If true, suppresses “Signature Verified” output.

pub fn embed(self, embed: bool) -> Self

Set embed mode (signify -I).

Used when verifying an embedded signature.

pub fn gzip(self, gzip: bool) -> Self

Set gzip mode (signify -z).

Used when verifying a signed gzip archive.

pub fn verify(self, msg_path: &Path, sig_path: &Path) -> Result<()>

Verify a signature.

§Errors

Returns errors if verification fails.

Trait Implementations§

impl Default for Verifier

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

impl Freeze for Verifier

impl RefUnwindSafe for Verifier

impl Send for Verifier

impl Sync for Verifier

impl Unpin for Verifier

impl UnwindSafe for Verifier

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.