pub trait KeyResolver {
// Required method
fn resolve<'a>(
&'a self,
xml: &str,
) -> Result<Option<Box<dyn VerifyingKey + 'a>>, DsigError>;
// Provided method
fn consumes_document_key_info(&self) -> bool { ... }
}Expand description
Key resolver hook used by VerifyContext when no pre-set key is provided.
This trait intentionally has no Send + Sync supertraits; callers that need
cross-thread sharing can wrap resolvers/keys in their own thread-safe types.
Required Methods§
Sourcefn resolve<'a>(
&'a self,
xml: &str,
) -> Result<Option<Box<dyn VerifyingKey + 'a>>, DsigError>
fn resolve<'a>( &'a self, xml: &str, ) -> Result<Option<Box<dyn VerifyingKey + 'a>>, DsigError>
Resolve a verification key for the provided XML document.
Return Ok(None) when no suitable key could be resolved from available
key material (for example, missing <KeyInfo> candidates). VerifyContext
maps Ok(None) to DsigStatus::Invalid(FailureReason::KeyNotFound);
reserve Err(...) for resolver failures.
Provided Methods§
Sourcefn consumes_document_key_info(&self) -> bool
fn consumes_document_key_info(&self) -> bool
Return true when this resolver consumes document <KeyInfo> material.
The verification pipeline uses this to decide whether malformed
<KeyInfo> should raise DsigError::ParseKeyInfo before resolver
execution. Resolvers that ignore document key material can keep the
default false to avoid fail-closed parsing on advisory <KeyInfo>.