MessageVerifier

native_ossl::pkey

Struct MessageVerifier 

Source 
pub struct MessageVerifier { /* private fields */ }
Expand description

Stateful verification context using EVP_PKEY_verify_message_* (OpenSSL 3.2+).

Mirror of MessageSigner for the verification side.

For streaming mode: call set_signature, then update zero or more times, then finish. For one-shot: call verify_oneshot.

Implementations§

Source§

impl MessageVerifier

Source

pub fn new<T: HasPublic>( key: &Pkey<T>, alg: &mut SigAlg, params: Option<&Params<'_>>, ) -> Result<Self, ErrorStack>

Create and initialise a message-verify context.

§Errors
Source

pub fn set_params(&mut self, params: &Params<'_>) -> Result<(), ErrorStack>

Apply parameters after init.

§Errors
Source

pub fn set_signature(&mut self, sig: &[u8]) -> Result<(), ErrorStack>

Supply the signature to verify against (required before streaming finish).

Calls EVP_PKEY_CTX_set_signature. Not needed for verify_oneshot which sets it internally.

§Errors
Source

pub fn supports_streaming(&mut self) -> bool

Probe whether this algorithm supports incremental update calls.

Uses the same ERR_set_mark / ERR_pop_to_mark probe as MessageSigner::supports_streaming.

Source

pub fn update(&mut self, data: &[u8]) -> Result<(), ErrorStack>

Feed data into the verification operation.

§Errors
Source

pub fn finish(self) -> Result<(), ErrorStack>

Finalise and verify.

The signature must have been set via set_signature. Consumes self. Returns Ok(()) if the signature is valid.

§Errors
Source

pub fn verify_oneshot(self, data: &[u8], sig: &[u8]) -> Result<(), ErrorStack>

One-shot verify sig over data.

Sets the signature, feeds all data, and finalises. Consumes self.

§Errors
Source

pub fn verify(&mut self, data: &[u8], sig: &[u8]) -> Result<bool, ErrorStack>

One-shot verify sig over data using EVP_PKEY_verify.

The context must have been initialised with EVP_PKEY_verify_message_init (this type’s constructor); EVP_PKEY_verify accepts both EVP_PKEY_OP_VERIFY and EVP_PKEY_OP_VERIFYMSG operation modes.

Returns Ok(true) if the signature verifies, Ok(false) if it does not. Fatal protocol or library errors are returned as Err.

The context is not consumed and may be reused for further verifications.

Contrast with verify_oneshot: verify_oneshot consumes self; verify borrows self and may be called repeatedly without re-creating the context.

§Errors

Trait Implementations§

Source§

impl Drop for MessageVerifier

Available on ossl320 only.
Source§

fn drop(&mut self)

Executes the destructor for this type. Read more
Source§

impl Send for MessageVerifier

Available on ossl320 only.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.