michael/jsonwebtoken
michael
/
jsonwebtoken
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Added ES256/ES384/ES512 Algorithm stubs

This commit is contained in:
Jasper Bryant-Greene 2019-01-09 09:18:49 +08:00
parent 8f0809318d
commit 6768230077
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/crypto.rs
View File

@ -18,6 +18,15 @@ pub enum Algorithm {
/// HMAC using SHA-512 /// HMAC using SHA-512
HS512, HS512,
/// ECDSA using SHA-256
ES256,
/// ECDSA using SHA-384
ES384,
/// ECDSA using SHA-512
ES512,
/// RSASSA-PKCS1-v1_5 using SHA-256 /// RSASSA-PKCS1-v1_5 using SHA-256
RS256, RS256,
/// RSASSA-PKCS1-v1_5 using SHA-384 /// RSASSA-PKCS1-v1_5 using SHA-384
@ -39,6 +48,9 @@ impl FromStr for Algorithm {
"HS256" => Ok(Algorithm::HS256), "HS256" => Ok(Algorithm::HS256),
"HS384" => Ok(Algorithm::HS384), "HS384" => Ok(Algorithm::HS384),
"HS512" => Ok(Algorithm::HS512), "HS512" => Ok(Algorithm::HS512),
"ES256" => Ok(Algorithm::ES256),
"ES384" => Ok(Algorithm::ES384),
"ES512" => Ok(Algorithm::ES512),
"RS256" => Ok(Algorithm::HS256), "RS256" => Ok(Algorithm::HS256),
"RS384" => Ok(Algorithm::HS384), "RS384" => Ok(Algorithm::HS384),
"RS512" => Ok(Algorithm::HS512), "RS512" => Ok(Algorithm::HS512),
@ -55,6 +67,11 @@ fn sign_hmac(alg: &'static digest::Algorithm, key: &[u8], signing_input: &str) -
Ok(base64::encode_config::<hmac::Signature>(&digest, base64::URL_SAFE_NO_PAD)) Ok(base64::encode_config::<hmac::Signature>(&digest, base64::URL_SAFE_NO_PAD))
} }
/// The actual ECDSA signing + encoding
fn sign_ecdsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
unimplemented!()
}
/// The actual RSA signing + encoding /// The actual RSA signing + encoding
/// Taken from Ring doc https://briansmith.org/rustdoc/ring/signature/index.html /// Taken from Ring doc https://briansmith.org/rustdoc/ring/signature/index.html
fn sign_rsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> { fn sign_rsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
@ -90,6 +107,10 @@ pub fn sign(signing_input: &str, key: &[u8], algorithm: Algorithm) -> Result<Str
Algorithm::HS384 => sign_hmac(&digest::SHA384, key, signing_input), Algorithm::HS384 => sign_hmac(&digest::SHA384, key, signing_input),
Algorithm::HS512 => sign_hmac(&digest::SHA512, key, signing_input), Algorithm::HS512 => sign_hmac(&digest::SHA512, key, signing_input),
Algorithm::ES256 | Algorithm::ES384 | Algorithm::ES512 => {
sign_ecdsa(algorithm, key, signing_input)
}
Algorithm::RS256 | Algorithm::RS384 | Algorithm::RS512 => { Algorithm::RS256 | Algorithm::RS384 | Algorithm::RS512 => {
sign_rsa(algorithm, key, signing_input) sign_rsa(algorithm, key, signing_input)
} }
@ -133,6 +154,9 @@ pub fn verify(
let signed = sign(signing_input, key, algorithm)?; let signed = sign(signing_input, key, algorithm)?;
Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok()) Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
} }
Algorithm::ES256 | Algorithm::ES384 | Algorithm::ES512 => {
unimplemented!()
}
Algorithm::RS256 => { Algorithm::RS256 => {
verify_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key) verify_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)
} }