Skip to main content

EmbeddedCert

tor_netdoc::types::embedded_cert

Struct EmbeddedCert 

Source 
pub struct EmbeddedCert<VD, UR> {
    verified: Option<VD>,
    unverified: UR,
}
Expand description

One certificate inside a netdoc, covering data other than the netdoc itself

§Semantics and value

This type always embodies:

  • The encoded form of a certificate or signature (its actual bytes, for encoding/decoding.

    This encoded unverified raw form is the type parameter UR. Often UR will be tor_cert::KeyUnknownCert.

Additionally, it can and usually does contain the “verified form”:

  • Interpreted, parsed, data, of whatever was certified. For example, for a family certificate, the family IDs.

    It might or might not include something like a tor_cert::Ed25519Cert, depending whether downstreams need that information.

    This decoded verified data is the type parameter VD; EmbeddedCert contains Option<VD> (or equivalent).

(We call an EmbeddedCert without the verified form an “unverified EmbeddedCert”.)

§Correctness/availability invariant

Whenever an EmbeddedCert appears in a parsed and verified network document body, the EmbeddedCert has been verified and the verified form is present.

During parsing of a network document, the document type’s verification function gets access to the unverified EmbeddedCert. It is the verify function which must verify and timecheck the certificate, and, if it is satisfied, call set_verified. Include fields of this type in documents deriving NetdocParseableUnverified, rather than plain NetdocParseable.

This invariant is somewhat fuzzy around the edges, and not 100% enforced by the compiler. If it is relied on inappropriately, or violated, Bug is thrown.

§Security invariant

Presence of the verified form guarantees that, if the document came from outside, we have verified the signature, and checked that it is timely. So the interpreted form can safely be used.

This guarantee flows from the caller of set_verified, and may be relied on by users - eg, by callers of get.

§Parsing and encoding

This type implements applicable parsing and encoding traits, if VD is EmbeddableCertObject<UR> and UR is Readable and Writable.

See EmbeddableCertObject for full details.

§Example

See crates/tor-netdoc/src/types/embedded_cert/test.rs.

Fields§

§verified: Option<VD>

The verified form, if this EmbeddedCert is verified.

§unverified: UR

The unverified form.

Implementations§

Source§

impl<VD, UR> EmbeddedCert<VD, UR>

Source

pub fn new(data: VD, raw: UR) -> Self

Make a new (verified) EmbeddedCert

§Security

If this certificate originated elsewhere, it must have been verified and timechecked.

Source

pub fn get(&self) -> Result<&VD, Bug>

Obtain the verified data

This function will always succeed on a cert found in a (verified) netdoc.

§Error conditions

get will fail only if the correctness/availability invariant is violated or relied on inappropriately. See the type-level documentation.

It can fail inside a netdoc verification function, or after EmbeddedCert::new_unverified_hazardous. It could also fail if an EmbeddedCert is included in an unsigned netdoc (ie one to which derived plain NetdocParseable rather than NetdocParseableUnverified.

Source

pub fn new_unverified_hazardous(unverified: UR) -> Self

Make a new unverified EmbeddedCert

§Correctness

It is the caller’s responsibility to uphold the correctness/availability invariant. See the type-level documentation.

Carelessly creating a loose unverified EmbeddedCert could expose it to naive code, which expects get to succeed.

Source

pub fn raw_unverified(&self) -> &UR

Obtain the raw data, for verification or encoding

Source

pub fn set_verified(&mut self, verified: VD)

Set the verified data

Usually called from within a document-specific verify function.

§Security

The signature must have been verified, and timeliness checked.

Trait Implementations§

Source§

impl<VD: Clone, UR: Clone> Clone for EmbeddedCert<VD, UR>

Source§

fn clone(&self) -> EmbeddedCert<VD, UR>

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<VD: Debug, UR: Debug> Debug for EmbeddedCert<VD, UR>

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<VD, UR> ItemObjectEncodable for EmbeddedCert<VD, UR>
where VD: EmbeddableCertObject<UR>, UR: Writeable,

Source§

fn label(&self) -> &str

The label (keyword(s) in BEGIN and END)
Source§

fn write_object_onto(&self, b: &mut Vec<u8>) -> Result<(), Bug>

Represent the actual value as bytes. Read more
Source§

impl<VD, UR> ItemObjectParseable for EmbeddedCert<VD, UR>
where VD: EmbeddableCertObject<UR>, UR: Readable,

Source§

fn check_label(label: &str) -> Result<(), P2EP>

Check that the Label is right
Source§

fn from_bytes(input: &[u8]) -> Result<Self, P2EP>

Convert the bytes of the Object (which was present) into the actual value Read more
Source§

impl<VD, UR> ItemValueEncodable for EmbeddedCert<VD, UR>
where Self: ItemObjectEncodable,

Source§

fn write_item_value_onto(&self, out: ItemEncoder<'_>) -> Result<(), Bug>

Write the item’s arguments, and any object, onto out Read more
Source§

impl<VD, UR> ItemValueParseable for EmbeddedCert<VD, UR>
where VD: EmbeddableCertObject<UR>, UR: Readable,

Source§

fn from_unparsed(item: UnparsedItem<'_>) -> Result<Self, P2EP>

Parse the item’s value
Source§

impl<VD, UR> Writeable for EmbeddedCert<VD, UR>
where UR: Writeable,

Source§

fn write_onto<B: Writer + ?Sized>(&self, b: &mut B) -> Result<(), EncodeError>

Encode this object into the writer b.

Auto Trait Implementations§

§

impl<VD, UR> Freeze for EmbeddedCert<VD, UR>
where UR: Freeze, VD: Freeze,

§

impl<VD, UR> RefUnwindSafe for EmbeddedCert<VD, UR>
where UR: RefUnwindSafe, VD: RefUnwindSafe,

§

impl<VD, UR> Send for EmbeddedCert<VD, UR>
where UR: Send, VD: Send,

§

impl<VD, UR> Sync for EmbeddedCert<VD, UR>
where UR: Sync, VD: Sync,

§

impl<VD, UR> Unpin for EmbeddedCert<VD, UR>
where UR: Unpin, VD: Unpin,

§

impl<VD, UR> UnsafeUnpin for EmbeddedCert<VD, UR>
where UR: UnsafeUnpin, VD: UnsafeUnpin,

§

impl<VD, UR> UnwindSafe for EmbeddedCert<VD, UR>
where UR: UnwindSafe, VD: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> Downcast for T
where T: Any,

Source§

fn into_any(self: Box<T>) -> Box<dyn Any>

Converts Box<dyn Trait> (where Trait: Downcast) to Box<dyn Any>, which can then be downcast into Box<dyn ConcreteType> where ConcreteType implements Trait.
Source§

fn into_any_rc(self: Rc<T>) -> Rc<dyn Any>

Converts Rc<Trait> (where Trait: Downcast) to Rc<Any>, which can then be further downcast into Rc<ConcreteType> where ConcreteType implements Trait.
Source§

fn as_any(&self) -> &(dyn Any + 'static)

Converts &Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &Any’s vtable from &Trait’s.
Source§

fn as_any_mut(&mut self) -> &mut (dyn Any + 'static)

Converts &mut Trait (where Trait: Downcast) to &Any. This is needed since Rust cannot generate &mut Any’s vtable from &mut Trait’s.
Source§

impl<T> DowncastSend for T
where T: Any + Send,

Source§

fn into_any_send(self: Box<T>) -> Box<dyn Any + Send>

Converts Box<Trait> (where Trait: DowncastSend) to Box<dyn Any + Send>, which can then be downcast into Box<ConcreteType> where ConcreteType implements Trait.
Source§

impl<T> DowncastSync for T
where T: Any + Send + Sync,

Source§

fn into_any_sync(self: Box<T>) -> Box<dyn Any + Sync + Send>

Converts Box<Trait> (where Trait: DowncastSync) to Box<dyn Any + Send + Sync>, which can then be downcast into Box<ConcreteType> where ConcreteType implements Trait.
Source§

fn into_any_arc(self: Arc<T>) -> Arc<dyn Any + Sync + Send>

Converts Arc<Trait> (where Trait: DowncastSync) to Arc<Any>, which can then be downcast into Arc<ConcreteType> where ConcreteType implements Trait.
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> PossiblyOption<T> for T

Source§

fn to_option(self) -> Option<T>

Convert this object into an Option<T>
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<W> WriteableOnce for W
where W: Writeable,

Source§

fn write_into<B>(self, b: &mut B) -> Result<(), EncodeError>
where B: Writer + ?Sized,

Encode this object into the writer b, and consume it.