blob: 32ae142d0f46b8ae672e1043d740e009b170d03e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
/*
* Copyright (c) 2023 Vaughn Nugent
*
* Library: VNLib
* Package: VNLib.Data.Caching.Extensions
* File: ClientCacheConfiguration.cs
*
* ClientCacheConfiguration.cs is part of VNLib.Data.Caching.Extensions which is part of the larger
* VNLib collection of libraries and utilities.
*
* VNLib.Data.Caching.Extensions is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* VNLib.Data.Caching.Extensions is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see https://www.gnu.org/licenses/.
*/
using System;
using System.Collections.Generic;
using VNLib.Hashing;
using VNLib.Hashing.IdentityUtility;
namespace VNLib.Data.Caching.Extensions
{
/// <summary>
/// Provides authentication services for cache clients and
/// servers.
/// </summary>
public interface ICacheAuthManager
{
/// <summary>
/// Gets the JWT header to use for signing messages with the
/// given key
/// </summary>
/// <returns>The JWT header collection</returns>
IReadOnlyDictionary<string, string?> GetJwtHeader();
/// <summary>
/// Signs the given JWT
/// </summary>
/// <param name="jwt">The message to sign</param>
void SignJwt(JsonWebToken jwt);
/// <summary>
/// Verifies the given JWT
/// </summary>
/// <param name="jwt">The message to verify authenticity</param>
/// <param name="isPeer">A value indicating if the message is from a known node</param>
/// <returns>True of the JWT could be verified, false otherwise</returns>
bool VerifyJwt(JsonWebToken jwt, bool isPeer);
/// <summary>
/// Signs the given message hash
/// </summary>
/// <param name="hash">The message hash to sign</param>
/// <param name="alg">The algorithm used to sign the message hash</param>
/// <returns>The signature of the hash</returns>
byte[] SignMessageHash(byte[] hash, HashAlg alg);
/// <summary>
/// Verifies the given message hash against the signature.
/// </summary>
/// <param name="hash">The message hash to compare</param>
/// <param name="alg">The algorithm used to produce the message hash</param>
/// <param name="signature">The message signature to verify the message against</param>
/// <param name="isPeer">A value indicating if the message is from a known node</param>
/// <returns>True of the signature could be verified</returns>
bool VerifyMessageHash(ReadOnlySpan<byte> hash, HashAlg alg, ReadOnlySpan<byte> signature, bool isPeer);
}
}
|