pub trait SignatureVerificationAlgorithm: Send + Sync {
// Required methods
fn verify_signature(
&self,
public_key: &[u8],
message: &[u8],
signature: &[u8]
) -> Result<(), InvalidSignature>;
fn public_key_alg_id(&self) -> AlgorithmIdentifier<'_>;
fn signature_alg_id(&self) -> AlgorithmIdentifier<'_>;
}
Expand description
An abstract signature verification algorithm.
One of these is needed per supported pair of public key type (identified
with public_key_alg_id()
) and signatureAlgorithm
(identified with
signature_alg_id()
). Note that both of these AlgorithmIdentifier
s include
the parameters encoding, so separate SignatureVerificationAlgorithm
s are needed
for each possible public key or signature parameters.
Required Methods§
sourcefn verify_signature(
&self,
public_key: &[u8],
message: &[u8],
signature: &[u8]
) -> Result<(), InvalidSignature>
fn verify_signature( &self, public_key: &[u8], message: &[u8], signature: &[u8] ) -> Result<(), InvalidSignature>
Verify a signature.
public_key
is the subjectPublicKey
value from a SubjectPublicKeyInfo
encoding
and is untrusted. The key’s subjectPublicKeyInfo
matches the AlgorithmIdentifier
returned by public_key_alg_id()
.
message
is the data over which the signature was allegedly computed.
It is not hashed; implementations of this trait function must do hashing
if that is required by the algorithm they implement.
signature
is the signature allegedly over message
.
Return Ok(())
only if signature
is a valid signature on message
.
Return Err(InvalidSignature)
if the signature is invalid, including if the public_key
encoding is invalid. There is no need or opportunity to produce errors
that are more specific than this.
sourcefn public_key_alg_id(&self) -> AlgorithmIdentifier<'_>
fn public_key_alg_id(&self) -> AlgorithmIdentifier<'_>
Return the AlgorithmIdentifier
that must equal a public key’s
subjectPublicKeyInfo
value for this SignatureVerificationAlgorithm
to be used for signature verification.
sourcefn signature_alg_id(&self) -> AlgorithmIdentifier<'_>
fn signature_alg_id(&self) -> AlgorithmIdentifier<'_>
Return the AlgorithmIdentifier
that must equal the signatureAlgorithm
value
on the data to be verified for this SignatureVerificationAlgorithm
to be used
for signature verification.