Add default feature use_pem

.github/workflows/ci.yml

@@ -68,5 +68,8 @@ jobs:
     - name: Build System Info
       run: rustc --version
 
-    - name: Run tests
+    - name: Run tests default features
       run: cargo test
+
+    - name: Run tests no features
+      run: cargo test --no-default-features

CHANGELOG.md

@@ -14,6 +14,7 @@
 - Error now implements Clone/Eq
 - Change default leeway from 0s to 60s
 - Add `Validation::require_spec_claims` to validate presence of the spec claims
+- Add default feature for pem decoding named `use_pem` that can be disabled to avoid 2 dependencies
 
 ## 7.2.0 (2020-06-30)
 

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "jsonwebtoken"
-version = "8.0.0-beta.7"
+version = "8.0.0-beta.8"
 authors = ["Vincent Prouillet <hello@vincentprouillet.com>"]
 license = "MIT"
 readme = "README.md"
@@ -8,7 +8,7 @@ description = "Create and decode JWTs in a strongly typed way."
 homepage = "https://github.com/Keats/jsonwebtoken"
 repository = "https://github.com/Keats/jsonwebtoken"
 keywords = ["jwt", "api", "token", "jwk"]
-edition = "2018"
+edition = "2021"
 include = ["src/**/*", "benches/**/*", "tests/**/*", "LICENSE", "README.md", "CHANGELOG.md"]
 
 [dependencies]
@@ -17,14 +17,18 @@ serde = {version = "1.0", features = ["derive"] }
 ring = { version = "0.16.5", features = ["std"] }
 base64 = "0.13"
 # For PEM decoding
-pem = "1"
-simple_asn1 = "0.6"
+pem = {version = "1", optional = true}
+simple_asn1 = {version = "0.6", optional = true}
 
 [dev-dependencies]
 # For the custom time example
 time = "0.3"
 criterion = "0.3"
 
+[features]
+default = ["use_pem"]
+use_pem = ["pem", "simple_asn1"]
+
 [[bench]]
 name = "jwt"
 harness = false

README.md

@@ -11,6 +11,8 @@ Add the following to Cargo.toml:
 
 ```toml
 jsonwebtoken = "8"
+# If you do not need pem decoding, you can disable the default feature `use_pem` that way:
+# jsonwebtoken = {version = "8", default-features = false }
 serde = {version = "1.0", features = ["derive"] }
 ```
 

src/decoding.rs

@@ -4,6 +4,7 @@ use crate::algorithms::AlgorithmFamily;
 use crate::crypto::verify;
 use crate::errors::{new_error, ErrorKind, Result};
 use crate::header::Header;
+#[cfg(feature = "use_pem")]
 use crate::pem::decoder::PemEncodedKey;
 use crate::serialization::{b64_decode, DecodedJwtPartClaims};
 use crate::validation::{validate, Validation};
@@ -59,6 +60,8 @@ impl DecodingKey {
     }
 
     /// If you are loading a public RSA key in a PEM format, use this.
+    /// Only exists if the feature `use_pem` is enabled.
+    #[cfg(feature = "use_pem")]
     pub fn from_rsa_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_rsa_key()?;
@@ -87,6 +90,8 @@ impl DecodingKey {
     }
 
     /// If you have a ECDSA public key in PEM format, use this.
+    /// Only exists if the feature `use_pem` is enabled.
+    #[cfg(feature = "use_pem")]
     pub fn from_ec_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_ec_public_key()?;
@@ -97,6 +102,8 @@ impl DecodingKey {
     }
 
     /// If you have a EdDSA public key in PEM format, use this.
+    /// Only exists if the feature `use_pem` is enabled.
+    #[cfg(feature = "use_pem")]
     pub fn from_ed_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_ed_public_key()?;

src/encoding.rs

@@ -4,6 +4,7 @@ use crate::algorithms::AlgorithmFamily;
 use crate::crypto;
 use crate::errors::{new_error, ErrorKind, Result};
 use crate::header::Header;
+#[cfg(feature = "use_pem")]
 use crate::pem::decoder::PemEncodedKey;
 use crate::serialization::b64_encode_part;
 
@@ -29,12 +30,14 @@ impl EncodingKey {
 
     /// If you are loading a RSA key from a .pem file.
     /// This errors if the key is not a valid RSA key.
+    /// Only exists if the feature `use_pem` is enabled.
     ///
     /// # NOTE
     ///
     /// According to the [ring doc](https://briansmith.org/rustdoc/ring/signature/struct.RsaKeyPair.html#method.from_pkcs8),
     /// the key should be at least 2047 bits.
     ///
+    #[cfg(feature = "use_pem")]
     pub fn from_rsa_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_rsa_key()?;
@@ -43,6 +46,7 @@ impl EncodingKey {
 
     /// If you are loading a ECDSA key from a .pem file
     /// This errors if the key is not a valid private EC key
+    /// Only exists if the feature `use_pem` is enabled.
     ///
     /// # NOTE
     ///
@@ -54,6 +58,7 @@ impl EncodingKey {
     /// openssl ecparam -genkey -noout -name prime256v1 \
     ///     | openssl pkcs8 -topk8 -nocrypt -out ec-private.pem
     /// ```
+    #[cfg(feature = "use_pem")]
     pub fn from_ec_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_ec_private_key()?;
@@ -62,6 +67,8 @@ impl EncodingKey {
 
     /// If you are loading a EdDSA key from a .pem file
     /// This errors if the key is not a valid private Ed key
+    /// Only exists if the feature `use_pem` is enabled.
+    #[cfg(feature = "use_pem")]
     pub fn from_ed_pem(key: &[u8]) -> Result<Self> {
         let pem_key = PemEncodedKey::new(key)?;
         let content = pem_key.as_ed_private_key()?;

src/lib.rs

@@ -12,6 +12,7 @@ mod encoding;
 pub mod errors;
 mod header;
 pub mod jwk;
+#[cfg(feature = "use_pem")]
 mod pem;
 mod serialization;
 mod validation;

tests/ecdsa/mod.rs

@@ -25,6 +25,7 @@ fn round_trip_sign_verification_pk8() {
     assert!(is_valid);
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_sign_verification_pem() {
     let privkey_pem = include_bytes!("private_ecdsa_key.pem");
@@ -42,6 +43,7 @@ fn round_trip_sign_verification_pem() {
     assert!(is_valid);
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_claim() {
     let privkey_pem = include_bytes!("private_ecdsa_key.pem");
@@ -67,6 +69,7 @@ fn round_trip_claim() {
 }
 
 // https://jwt.io/ is often used for examples so ensure their example works with jsonwebtoken
+#[cfg(feature = "use_pem")]
 #[test]
 fn roundtrip_with_jwtio_example() {
     // We currently do not support SEC1 so we use the converted PKCS8 formatted

tests/eddsa/mod.rs

@@ -25,6 +25,7 @@ fn round_trip_sign_verification_pk8() {
     assert!(is_valid);
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_sign_verification_pem() {
     let privkey_pem = include_bytes!("private_ed25519_key.pem");
@@ -42,6 +43,7 @@ fn round_trip_sign_verification_pem() {
     assert!(is_valid);
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_claim() {
     let privkey_pem = include_bytes!("private_ed25519_key.pem");

tests/rsa/mod.rs

@@ -21,6 +21,7 @@ pub struct Claims {
     exp: i64,
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_sign_verification_pem_pkcs1() {
     let privkey_pem = include_bytes!("private_rsa_key_pkcs1.pem");
@@ -40,6 +41,7 @@ fn round_trip_sign_verification_pem_pkcs1() {
     }
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_sign_verification_pem_pkcs8() {
     let privkey_pem = include_bytes!("private_rsa_key_pkcs8.pem");
@@ -73,6 +75,7 @@ fn round_trip_sign_verification_der() {
     }
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn round_trip_claim() {
     let my_claims = Claims {
@@ -98,6 +101,7 @@ fn round_trip_claim() {
     }
 }
 
+#[cfg(feature = "use_pem")]
 #[test]
 fn rsa_modulus_exponent() {
     let privkey = include_str!("private_rsa_key_pkcs1.pem");
@@ -124,6 +128,7 @@ fn rsa_modulus_exponent() {
 }
 
 // https://jwt.io/ is often used for examples so ensure their example works with jsonwebtoken
+#[cfg(feature = "use_pem")]
 #[test]
 fn roundtrip_with_jwtio_example_jey() {
     let privkey_pem = include_bytes!("private_jwtio.pem");