diff --git a/src/rust/cryptography-x509-validation/src/lib.rs b/src/rust/cryptography-x509-validation/src/lib.rs index 764c699e7fa4..212642f6d428 100644 --- a/src/rust/cryptography-x509-validation/src/lib.rs +++ b/src/rust/cryptography-x509-validation/src/lib.rs @@ -4,4 +4,5 @@ #![forbid(unsafe_code)] +pub mod ops; pub mod types; diff --git a/src/rust/cryptography-x509-validation/src/ops.rs b/src/rust/cryptography-x509-validation/src/ops.rs new file mode 100644 index 000000000000..6d5b27e0a4ce --- /dev/null +++ b/src/rust/cryptography-x509-validation/src/ops.rs @@ -0,0 +1,18 @@ +// This file is dual licensed under the terms of the Apache License, Version +// 2.0, and the BSD License. See the LICENSE file in the root of this repository +// for complete details. + +use cryptography_x509::certificate::Certificate; + +pub trait CryptoOps { + /// A public key type for this cryptographic backend. + type Key; + + /// Extracts the public key from the given `Certificate` in + /// a `Key` format known by the cryptographic backend. + fn public_key(&self, cert: &Certificate) -> Self::Key; + + /// Verifies the signature on `Certificate` using the given + /// `Key`. + fn is_signed_by(&self, cert: &Certificate, key: Self::Key) -> bool; +}