Trait KmsProvider 

pub trait KmsProvider: Send + Sync {
    // Required methods
    fn sign(&self, key_id: &str, data: &[u8]) -> Result<Vec<u8>, FnError>;
    fn verify(
        &self,
        key_id: &str,
        data: &[u8],
        signature: &[u8],
    ) -> Result<bool, FnError>;
}

A signing / verification service backing the uni.kms.* host functions.

Implementations are not expected to enforce which key ids are permissible: that attenuation is checked against the plugin’s granted crate::Capability::Kms before this trait is called.

Required Methods


fn sign(&self, key_id: &str, data: &[u8]) -> Result<Vec<u8>, FnError>

Sign data with the key identified by key_id, returning the raw signature bytes.

Errors

Returns FnError if the key is unknown or the signing operation fails.


fn verify(&self, key_id: &str, data: &[u8], signature: &[u8]) -> Result<bool, FnError>

Verify signature over data against the key identified by key_id.

Errors

Returns FnError if the key is unknown or verification cannot be performed (a valid result of “signature does not match” is Ok(false), not an error).
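
An added example (not code from this crate) of the contract described above: the host checks the granted key ids before calling the trait, and verify returns Ok(false) for a mismatch or truncated signature but Err for an unknown key. The FnError stand-in, MemoryKms, host_verify and the granted slice (a model of the key ids in the plugin's Kms capability) are assumptions for illustration, and the keyed tag built on DefaultHasher is a placeholder, not a cryptographic signature.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashMap;
use std::hash::Hasher;

#[derive(Debug)]
pub struct FnError(pub String); // stand-in: the real FnError is not shown on this page

pub trait KmsProvider: Send + Sync {
    fn sign(&self, key_id: &str, data: &[u8]) -> Result<Vec<u8>, FnError>;
    fn verify(&self, key_id: &str, data: &[u8], signature: &[u8]) -> Result<bool, FnError>;
}

/// Hypothetical in-memory test double: key id -> secret bytes.
pub struct MemoryKms(pub HashMap<String, Vec<u8>>);

impl KmsProvider for MemoryKms {
    // Placeholder keyed tag using std only; NOT a cryptographic signature.
    fn sign(&self, key_id: &str, data: &[u8]) -> Result<Vec<u8>, FnError> {
        let key = self.0.get(key_id).ok_or_else(|| FnError(format!("unknown key: {key_id}")))?;
        let mut h = DefaultHasher::new();
        h.write(key);
        h.write(data);
        Ok(h.finish().to_be_bytes().to_vec())
    }
    fn verify(&self, key_id: &str, data: &[u8], signature: &[u8]) -> Result<bool, FnError> {
        let expected = self.sign(key_id, data)?; // unknown key => Err, never Ok(false)
        // Compare every byte without early exit; the length check rejects truncated input.
        let diff = expected.iter().zip(signature).fold(0u8, |d, (a, b)| d | (a ^ b));
        Ok(expected.len() == signature.len() && diff == 0)
    }
}

/// Host-side gate (assumed shape): the key id is checked against the grant first,
/// so the provider itself does no allow-listing.
pub fn host_verify(kms: &dyn KmsProvider, granted: &[&str], key_id: &str,
                   data: &[u8], sig: &[u8]) -> Result<bool, FnError> {
    if !granted.contains(&key_id) {
        return Err(FnError(format!("key not granted: {key_id}")));
    }
    kms.verify(key_id, data, sig)
}

fn main() {
    // Constructed sample key and message.
    let kms = MemoryKms(HashMap::from([("k1".to_string(), b"constructed-secret".to_vec())]));
    let sig = kms.sign("k1", b"msg").unwrap();
    println!("{:?}", host_verify(&kms, &["k1"], "k1", b"msg", &sig));
}
```

Callers should accept only Ok(true); both Ok(false) and Err mean the data must not be trusted.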

Dyn Compatibility

This trait is dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".
