chore: Move c2pa::CoseValidator to c2pa_crypto::RawSignatureValidator

Author: scouten-adobe

internal/crypto/src/lib.rs

@@ -25,10 +25,14 @@ pub mod hash;
 pub(crate) mod internal;
 
 pub mod ocsp;
-pub mod validation_codes;
+
+mod raw_signature;
+pub use raw_signature::validator::{RawSignatureValidationError, RawSignatureValidator};
 
 mod signing_alg;
 pub use signing_alg::{SigningAlg, UnknownAlgorithmError};
 
+pub mod validation_codes;
+
 #[cfg(test)]
 pub(crate) mod tests;

internal/crypto/src/raw_signature/mod.rs

@@ -0,0 +1,14 @@
+// Copyright 2024 Adobe. All rights reserved.
+// This file is licensed to you under the Apache License,
+// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+// or the MIT license (http://opensource.org/licenses/MIT),
+// at your option.
+
+// Unless required by applicable law or agreed to in writing,
+// this software is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or
+// implied. See the LICENSE-MIT and LICENSE-APACHE files for the
+// specific language governing permissions and limitations under
+// each license.
+
+pub(crate) mod validator;

internal/crypto/src/raw_signature/validator.rs

@@ -0,0 +1,35 @@
+// Copyright 2022 Adobe. All rights reserved.
+// This file is licensed to you under the Apache License,
+// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+// or the MIT license (http://opensource.org/licenses/MIT),
+// at your option.
+
+// Unless required by applicable law or agreed to in writing,
+// this software is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or
+// implied. See the LICENSE-MIT and LICENSE-APACHE files for the
+// specific language governing permissions and limitations under
+// each license.
+
+use thiserror::Error;
+
+/// A `RawSignatureValidator` implementation checks a signature encoded using a
+/// specific signature algorithm and a private/public key pair.
+///
+/// IMPORTANT: This signature is typically embedded in a wrapper provided by
+/// another signature mechanism. In the C2PA ecosystem, this wrapper is
+/// typically COSE, but `RawSignatureValidator` does not implement COSE.
+pub trait RawSignatureValidator {
+    /// Return `true` if the signature `sig` is valid for the raw content `data`
+    /// and the public key `public_key`.
+    fn validate(
+        &self,
+        sig: &[u8],
+        data: &[u8],
+        public_key: &[u8],
+    ) -> Result<(), RawSignatureValidationError>;
+}
+
+/// Describes errors that can be identified when validating a raw signature.
+#[derive(Debug, Eq, Error, PartialEq)]
+pub enum RawSignatureValidationError {}