Add default feature use_pem
This commit is contained in:
parent
5486f96f52
commit
1a46cfa7c9
|
@ -68,5 +68,8 @@ jobs:
|
|||
- name: Build System Info
|
||||
run: rustc --version
|
||||
|
||||
- name: Run tests
|
||||
- name: Run tests default features
|
||||
run: cargo test
|
||||
|
||||
- name: Run tests no features
|
||||
run: cargo test --no-default-features
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
- Error now implements Clone/Eq
|
||||
- Change default leeway from 0s to 60s
|
||||
- Add `Validation::require_spec_claims` to validate presence of the spec claims
|
||||
- Add default feature for pem decoding named `use_pem` that can be disabled to avoid 2 dependencies
|
||||
|
||||
## 7.2.0 (2020-06-30)
|
||||
|
||||
|
|
12
Cargo.toml
12
Cargo.toml
|
@ -1,6 +1,6 @@
|
|||
[package]
|
||||
name = "jsonwebtoken"
|
||||
version = "8.0.0-beta.7"
|
||||
version = "8.0.0-beta.8"
|
||||
authors = ["Vincent Prouillet <hello@vincentprouillet.com>"]
|
||||
license = "MIT"
|
||||
readme = "README.md"
|
||||
|
@ -8,7 +8,7 @@ description = "Create and decode JWTs in a strongly typed way."
|
|||
homepage = "https://github.com/Keats/jsonwebtoken"
|
||||
repository = "https://github.com/Keats/jsonwebtoken"
|
||||
keywords = ["jwt", "api", "token", "jwk"]
|
||||
edition = "2018"
|
||||
edition = "2021"
|
||||
include = ["src/**/*", "benches/**/*", "tests/**/*", "LICENSE", "README.md", "CHANGELOG.md"]
|
||||
|
||||
[dependencies]
|
||||
|
@ -17,14 +17,18 @@ serde = {version = "1.0", features = ["derive"] }
|
|||
ring = { version = "0.16.5", features = ["std"] }
|
||||
base64 = "0.13"
|
||||
# For PEM decoding
|
||||
pem = "1"
|
||||
simple_asn1 = "0.6"
|
||||
pem = {version = "1", optional = true}
|
||||
simple_asn1 = {version = "0.6", optional = true}
|
||||
|
||||
[dev-dependencies]
|
||||
# For the custom time example
|
||||
time = "0.3"
|
||||
criterion = "0.3"
|
||||
|
||||
[features]
|
||||
default = ["use_pem"]
|
||||
use_pem = ["pem", "simple_asn1"]
|
||||
|
||||
[[bench]]
|
||||
name = "jwt"
|
||||
harness = false
|
||||
|
|
|
@ -11,6 +11,8 @@ Add the following to Cargo.toml:
|
|||
|
||||
```toml
|
||||
jsonwebtoken = "8"
|
||||
# If you do not need pem decoding, you can disable the default feature `use_pem` that way:
|
||||
# jsonwebtoken = {version = "8", default-features = false }
|
||||
serde = {version = "1.0", features = ["derive"] }
|
||||
```
|
||||
|
||||
|
|
|
@ -4,6 +4,7 @@ use crate::algorithms::AlgorithmFamily;
|
|||
use crate::crypto::verify;
|
||||
use crate::errors::{new_error, ErrorKind, Result};
|
||||
use crate::header::Header;
|
||||
#[cfg(feature = "use_pem")]
|
||||
use crate::pem::decoder::PemEncodedKey;
|
||||
use crate::serialization::{b64_decode, DecodedJwtPartClaims};
|
||||
use crate::validation::{validate, Validation};
|
||||
|
@ -59,6 +60,8 @@ impl DecodingKey {
|
|||
}
|
||||
|
||||
/// If you are loading a public RSA key in a PEM format, use this.
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_rsa_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_rsa_key()?;
|
||||
|
@ -87,6 +90,8 @@ impl DecodingKey {
|
|||
}
|
||||
|
||||
/// If you have a ECDSA public key in PEM format, use this.
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_ec_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_ec_public_key()?;
|
||||
|
@ -97,6 +102,8 @@ impl DecodingKey {
|
|||
}
|
||||
|
||||
/// If you have a EdDSA public key in PEM format, use this.
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_ed_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_ed_public_key()?;
|
||||
|
|
|
@ -4,6 +4,7 @@ use crate::algorithms::AlgorithmFamily;
|
|||
use crate::crypto;
|
||||
use crate::errors::{new_error, ErrorKind, Result};
|
||||
use crate::header::Header;
|
||||
#[cfg(feature = "use_pem")]
|
||||
use crate::pem::decoder::PemEncodedKey;
|
||||
use crate::serialization::b64_encode_part;
|
||||
|
||||
|
@ -29,12 +30,14 @@ impl EncodingKey {
|
|||
|
||||
/// If you are loading a RSA key from a .pem file.
|
||||
/// This errors if the key is not a valid RSA key.
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
///
|
||||
/// # NOTE
|
||||
///
|
||||
/// According to the [ring doc](https://briansmith.org/rustdoc/ring/signature/struct.RsaKeyPair.html#method.from_pkcs8),
|
||||
/// the key should be at least 2047 bits.
|
||||
///
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_rsa_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_rsa_key()?;
|
||||
|
@ -43,6 +46,7 @@ impl EncodingKey {
|
|||
|
||||
/// If you are loading a ECDSA key from a .pem file
|
||||
/// This errors if the key is not a valid private EC key
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
///
|
||||
/// # NOTE
|
||||
///
|
||||
|
@ -54,6 +58,7 @@ impl EncodingKey {
|
|||
/// openssl ecparam -genkey -noout -name prime256v1 \
|
||||
/// | openssl pkcs8 -topk8 -nocrypt -out ec-private.pem
|
||||
/// ```
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_ec_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_ec_private_key()?;
|
||||
|
@ -62,6 +67,8 @@ impl EncodingKey {
|
|||
|
||||
/// If you are loading a EdDSA key from a .pem file
|
||||
/// This errors if the key is not a valid private Ed key
|
||||
/// Only exists if the feature `use_pem` is enabled.
|
||||
#[cfg(feature = "use_pem")]
|
||||
pub fn from_ed_pem(key: &[u8]) -> Result<Self> {
|
||||
let pem_key = PemEncodedKey::new(key)?;
|
||||
let content = pem_key.as_ed_private_key()?;
|
||||
|
|
|
@ -12,6 +12,7 @@ mod encoding;
|
|||
pub mod errors;
|
||||
mod header;
|
||||
pub mod jwk;
|
||||
#[cfg(feature = "use_pem")]
|
||||
mod pem;
|
||||
mod serialization;
|
||||
mod validation;
|
||||
|
|
|
@ -25,6 +25,7 @@ fn round_trip_sign_verification_pk8() {
|
|||
assert!(is_valid);
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_sign_verification_pem() {
|
||||
let privkey_pem = include_bytes!("private_ecdsa_key.pem");
|
||||
|
@ -42,6 +43,7 @@ fn round_trip_sign_verification_pem() {
|
|||
assert!(is_valid);
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_claim() {
|
||||
let privkey_pem = include_bytes!("private_ecdsa_key.pem");
|
||||
|
@ -67,6 +69,7 @@ fn round_trip_claim() {
|
|||
}
|
||||
|
||||
// https://jwt.io/ is often used for examples so ensure their example works with jsonwebtoken
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn roundtrip_with_jwtio_example() {
|
||||
// We currently do not support SEC1 so we use the converted PKCS8 formatted
|
||||
|
|
|
@ -25,6 +25,7 @@ fn round_trip_sign_verification_pk8() {
|
|||
assert!(is_valid);
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_sign_verification_pem() {
|
||||
let privkey_pem = include_bytes!("private_ed25519_key.pem");
|
||||
|
@ -42,6 +43,7 @@ fn round_trip_sign_verification_pem() {
|
|||
assert!(is_valid);
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_claim() {
|
||||
let privkey_pem = include_bytes!("private_ed25519_key.pem");
|
||||
|
|
|
@ -21,6 +21,7 @@ pub struct Claims {
|
|||
exp: i64,
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_sign_verification_pem_pkcs1() {
|
||||
let privkey_pem = include_bytes!("private_rsa_key_pkcs1.pem");
|
||||
|
@ -40,6 +41,7 @@ fn round_trip_sign_verification_pem_pkcs1() {
|
|||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_sign_verification_pem_pkcs8() {
|
||||
let privkey_pem = include_bytes!("private_rsa_key_pkcs8.pem");
|
||||
|
@ -73,6 +75,7 @@ fn round_trip_sign_verification_der() {
|
|||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn round_trip_claim() {
|
||||
let my_claims = Claims {
|
||||
|
@ -98,6 +101,7 @@ fn round_trip_claim() {
|
|||
}
|
||||
}
|
||||
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn rsa_modulus_exponent() {
|
||||
let privkey = include_str!("private_rsa_key_pkcs1.pem");
|
||||
|
@ -124,6 +128,7 @@ fn rsa_modulus_exponent() {
|
|||
}
|
||||
|
||||
// https://jwt.io/ is often used for examples so ensure their example works with jsonwebtoken
|
||||
#[cfg(feature = "use_pem")]
|
||||
#[test]
|
||||
fn roundtrip_with_jwtio_example_jey() {
|
||||
let privkey_pem = include_bytes!("private_jwtio.pem");
|
||||
|
|
Loading…
Reference in New Issue