smokesignal.events
+19
-6
crates/atproto-attestation/src/bin/atproto-attestation-verify.rs
+19
-6
crates/atproto-attestation/src/bin/atproto-attestation-verify.rs
···
47
47
48
48
use anyhow::{Context, Result, anyhow};
49
49
use atproto_attestation::AnyInput;
50
-
use atproto_identity::key::{KeyData, KeyResolver};
50
+
use atproto_identity::key::{KeyData, KeyResolver, identify_key};
51
51
use clap::Parser;
52
52
use serde_json::Value;
53
53
use std::{
···
115
115
attestation: Option<String>,
116
116
}
117
117
118
-
struct FakeKeyResolver {}
118
+
/// A key resolver that supports `did:key:` identifiers directly.
119
+
///
120
+
/// This resolver handles key references that are encoded as `did:key:` strings,
121
+
/// parsing them to extract the cryptographic key data. For other DID methods,
122
+
/// it returns an error since those would require fetching DID documents.
123
+
struct DidKeyResolver {}
119
124
120
125
#[async_trait::async_trait]
121
-
impl KeyResolver for FakeKeyResolver {
122
-
async fn resolve(&self, _subject: &str) -> Result<KeyData> {
123
-
todo!()
126
+
impl KeyResolver for DidKeyResolver {
127
+
async fn resolve(&self, subject: &str) -> Result<KeyData> {
128
+
if subject.starts_with("did:key:") {
129
+
identify_key(subject)
130
+
.map_err(|e| anyhow!("Failed to parse did:key '{}': {}", subject, e))
131
+
} else {
132
+
Err(anyhow!(
133
+
"Subject '{}' is not a did:key: identifier. Only did:key: subjects are supported by this resolver.",
134
+
subject
135
+
))
136
+
}
124
137
}
125
138
}
126
139
···
175
188
identity_resolver,
176
189
};
177
190
178
-
let key_resolver = FakeKeyResolver {};
191
+
let key_resolver = DidKeyResolver {};
179
192
180
193
atproto_attestation::verify_record(
181
194
AnyInput::Serialize(record.clone()),