RSA working
parent
f7d0a7a002
commit
67497950c6
|
@ -0,0 +1,19 @@
|
|||
# Changelog
|
||||
|
||||
## 2.0.0 (unreleased)
|
||||
|
||||
- Use Serde instead of rustc_serialize
|
||||
- Add RSA support
|
||||
- Change API, see README for new usage
|
||||
|
||||
## Previous
|
||||
|
||||
- 1.1.7: update ring
|
||||
- 1.1.6: update ring
|
||||
- 1.1.5: update ring version
|
||||
- 1.1.4: use ring instead of rust-crypto
|
||||
- 1.1.3: Make sign and verify public
|
||||
- 1.1.2: Update rust-crypto to 0.2.35
|
||||
- 1.1.1: Don't serialize empty fields in header
|
||||
- 1.1.0: Impl Error for jsonwebtoken errors
|
||||
- 1.0: Initial release
|
12
README.md
12
README.md
|
@ -69,15 +69,3 @@ On my thinkpad 440s for a 2 claims struct using HMAC SHA256:
|
|||
test bench_decode ... bench: 4,947 ns/iter (+/- 611)
|
||||
test bench_encode ... bench: 3,301 ns/iter (+/- 465)
|
||||
```
|
||||
|
||||
## Changelog
|
||||
|
||||
- 1.1.7: update ring
|
||||
- 1.1.6: update ring
|
||||
- 1.1.5: update ring version
|
||||
- 1.1.4: use ring instead of rust-crypto
|
||||
- 1.1.3: Make sign and verify public
|
||||
- 1.1.2: Update rust-crypto to 0.2.35
|
||||
- 1.1.1: Don't serialize empty fields in header
|
||||
- 1.1.0: Impl Error for jsonwebtoken errors
|
||||
- 1.0: Initial release
|
||||
|
|
|
@ -102,12 +102,17 @@ pub fn verify(signature: &str, signing_input: &str, key: &[u8], algorithm: Algor
|
|||
_ => unreachable!(),
|
||||
};
|
||||
let signature_bytes = base64::decode_config(signature, base64::URL_SAFE_NO_PAD)?;
|
||||
let public_key_der = untrusted::Input::from(key);
|
||||
let message = untrusted::Input::from(signing_input.as_bytes());
|
||||
let expected_signature = untrusted::Input::from(signature_bytes.as_slice());
|
||||
|
||||
let res = signature::verify(
|
||||
verification_alg,
|
||||
untrusted::Input::from(key),
|
||||
untrusted::Input::from(signing_input.as_bytes()),
|
||||
untrusted::Input::from(signature_bytes.as_slice()),
|
||||
public_key_der,
|
||||
message,
|
||||
expected_signature,
|
||||
);
|
||||
println!("{:?}", res);
|
||||
|
||||
Ok(res.is_ok())
|
||||
},
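Review bot: The added `println!("{:?}", res);` just before `Ok(res.is_ok())` is a debug print left in the library's verification path, so every call that reaches this branch of `verify` writes the result to the host application's stdout. Remove the line; if the failure reason is worth surfacing, return it through the crate's error type rather than printing it. The match arm and `verify` itself begin above the hunk, so I cannot see how the other algorithms are handled.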
|
||||
|
|
|
@ -3,14 +3,18 @@ use crypto::Algorithm;
|
|||
|
||||
/// A basic JWT header, the alg defaults to HS256 and typ is automatically
|
||||
/// set to `JWT`. All the other fields are optional
|
||||
#[derive(Debug, PartialEq, Serialize, Deserialize)]
|
||||
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
|
||||
pub struct Header {
|
||||
typ: String,
|
||||
pub alg: Algorithm,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub jku: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub kid: Option<String>,
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub x5u: Option<String>,
|
||||
pub x5t: Option<String>
|
||||
#[serde(skip_serializing_if = "Option::is_none")]
|
||||
pub x5t: Option<String>,
|
||||
}
|
||||
|
||||
impl Header {
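Review bot: The doc comment on `Header` still says only that `alg` defaults to HS256, and nothing on the struct tells callers how far to trust the public `alg`, `jku`, `kid` and `x5u` fields. The struct derives `Deserialize`, so it is presumably filled from the token before the signature has been checked. With RSA now sitting next to HMAC, choosing the verification algorithm or key from these fields is the usual source of algorithm-confusion bugs. I would extend the struct doc with something like `/// When decoded from a token these fields are unverified input; choose the algorithm and key from your own configuration, not from the header.` The `impl Header` block continues below the hunk.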
|
||||
|
|
|
@ -17,3 +17,6 @@ Same as PEM but replace `PEM` by `DER`.
|
|||
|
||||
## Converting private DER to PEM
|
||||
`openssl rsa -in private_rsa_key.der -inform DER -outform PEM -out private_rsa_key.pem`
|
||||
|
||||
## Generating public key
|
||||
`openssl rsa -in private_rsa_key.der -inform DER -RSAPublicKey_out -outform DER -out public_key.der`
|
||||
|
|
Binary file not shown.
12
tests/rsa.rs
12
tests/rsa.rs
|
@ -11,12 +11,12 @@ struct Claims {
|
|||
company: String
|
||||
}
|
||||
|
||||
//#[test]
|
||||
//fn round_trip_sign_verification() {
|
||||
// let encrypted = sign("hello world", include_bytes!("private_rsa_key.der"), Algorithm::RS256).unwrap();
|
||||
// let is_valid = verify(&encrypted, "hello world", include_bytes!("public_rsa_key.der"), Algorithm::RS256).unwrap();
|
||||
// assert!(is_valid);
|
||||
//}
|
||||
#[test]
|
||||
fn round_trip_sign_verification() {
|
||||
let encrypted = sign("hello world", include_bytes!("private_rsa_key.der"), Algorithm::RS256).unwrap();
|
||||
let is_valid = verify(&encrypted, "hello world", include_bytes!("public_rsa_key.der"), Algorithm::RS256).unwrap();
|
||||
assert!(is_valid);
|
||||
}
|
||||
|
||||
|
||||
#[test]
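Review bot: `round_trip_sign_verification` only asserts the accepting path, so a `verify` that returned `Ok(true)` for any input would still pass. The RSA branch reports a bad signature as `Ok(false)` rather than an error, so add a rejecting case beside it, e.g. `assert!(!verify(&encrypted, "hello w0rld", include_bytes!("public_rsa_key.der"), Algorithm::RS256).unwrap());`. The local `encrypted` holds a signature, so `signature` would be a clearer name. The hunk ends on the `#[test]` attribute of the next test, whose body is outside the hunk.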
|
||||
|
|