Added ES256/ES384/ES512 Algorithm stubs
This commit is contained in:
parent
8f0809318d
commit
6768230077
|
@ -18,6 +18,15 @@ pub enum Algorithm {
|
||||||
/// HMAC using SHA-512
|
/// HMAC using SHA-512
|
||||||
HS512,
|
HS512,
|
||||||
|
|
||||||
|
/// ECDSA using SHA-256
|
||||||
|
ES256,
|
||||||
|
|
||||||
|
/// ECDSA using SHA-384
|
||||||
|
ES384,
|
||||||
|
|
||||||
|
/// ECDSA using SHA-512
|
||||||
|
ES512,
|
||||||
|
|
||||||
/// RSASSA-PKCS1-v1_5 using SHA-256
|
/// RSASSA-PKCS1-v1_5 using SHA-256
|
||||||
RS256,
|
RS256,
|
||||||
/// RSASSA-PKCS1-v1_5 using SHA-384
|
/// RSASSA-PKCS1-v1_5 using SHA-384
|
||||||
|
@ -39,6 +48,9 @@ impl FromStr for Algorithm {
|
||||||
"HS256" => Ok(Algorithm::HS256),
|
"HS256" => Ok(Algorithm::HS256),
|
||||||
"HS384" => Ok(Algorithm::HS384),
|
"HS384" => Ok(Algorithm::HS384),
|
||||||
"HS512" => Ok(Algorithm::HS512),
|
"HS512" => Ok(Algorithm::HS512),
|
||||||
|
"ES256" => Ok(Algorithm::ES256),
|
||||||
|
"ES384" => Ok(Algorithm::ES384),
|
||||||
|
"ES512" => Ok(Algorithm::ES512),
|
||||||
"RS256" => Ok(Algorithm::HS256),
|
"RS256" => Ok(Algorithm::HS256),
|
||||||
"RS384" => Ok(Algorithm::HS384),
|
"RS384" => Ok(Algorithm::HS384),
|
||||||
"RS512" => Ok(Algorithm::HS512),
|
"RS512" => Ok(Algorithm::HS512),
|
||||||
|
@ -55,6 +67,11 @@ fn sign_hmac(alg: &'static digest::Algorithm, key: &[u8], signing_input: &str) -
|
||||||
Ok(base64::encode_config::<hmac::Signature>(&digest, base64::URL_SAFE_NO_PAD))
|
Ok(base64::encode_config::<hmac::Signature>(&digest, base64::URL_SAFE_NO_PAD))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// The actual ECDSA signing + encoding
|
||||||
|
fn sign_ecdsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
|
||||||
|
unimplemented!()
|
||||||
|
}
|
||||||
|
|
||||||
/// The actual RSA signing + encoding
|
/// The actual RSA signing + encoding
|
||||||
/// Taken from Ring doc https://briansmith.org/rustdoc/ring/signature/index.html
|
/// Taken from Ring doc https://briansmith.org/rustdoc/ring/signature/index.html
|
||||||
fn sign_rsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
|
fn sign_rsa(alg: Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
|
||||||
|
@ -90,6 +107,10 @@ pub fn sign(signing_input: &str, key: &[u8], algorithm: Algorithm) -> Result<Str
|
||||||
Algorithm::HS384 => sign_hmac(&digest::SHA384, key, signing_input),
|
Algorithm::HS384 => sign_hmac(&digest::SHA384, key, signing_input),
|
||||||
Algorithm::HS512 => sign_hmac(&digest::SHA512, key, signing_input),
|
Algorithm::HS512 => sign_hmac(&digest::SHA512, key, signing_input),
|
||||||
|
|
||||||
|
Algorithm::ES256 | Algorithm::ES384 | Algorithm::ES512 => {
|
||||||
|
sign_ecdsa(algorithm, key, signing_input)
|
||||||
|
}
|
||||||
|
|
||||||
Algorithm::RS256 | Algorithm::RS384 | Algorithm::RS512 => {
|
Algorithm::RS256 | Algorithm::RS384 | Algorithm::RS512 => {
|
||||||
sign_rsa(algorithm, key, signing_input)
|
sign_rsa(algorithm, key, signing_input)
|
||||||
}
|
}
|
||||||
|
@ -133,6 +154,9 @@ pub fn verify(
|
||||||
let signed = sign(signing_input, key, algorithm)?;
|
let signed = sign(signing_input, key, algorithm)?;
|
||||||
Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
|
Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
|
||||||
}
|
}
|
||||||
|
Algorithm::ES256 | Algorithm::ES384 | Algorithm::ES512 => {
|
||||||
|
unimplemented!()
|
||||||
|
}
|
||||||
Algorithm::RS256 => {
|
Algorithm::RS256 => {
|
||||||
verify_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)
|
verify_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue