diff --git a/CHANGELOG.md b/CHANGELOG.md index acd53a1..856fc38 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,6 @@ # Changelog -# 7.0.0 (unreleased) +# 7.0.0 (2020-01-28) - Add support for PS256, PS384 and PS512 - Add support for verifying with modulus/exponent components for RSA @@ -8,6 +8,7 @@ - Changed aud field type in Validation to `Option>`. Audience validation now tests for "any-of-these" audience membership. - Add support for keys in PEM format +- Add EncodingKey/DecodingKey API to improve performance and UX ## 6.0.1 (2019-05-10) diff --git a/Cargo.toml b/Cargo.toml index 4bf6c71..7456549 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "jsonwebtoken" -version = "7.0.0-beta.1" +version = "7.0.0" authors = ["Vincent Prouillet "] license = "MIT" readme = "README.md" diff --git a/README.md b/README.md index 15dda9d..48db6cc 100644 --- a/README.md +++ b/README.md @@ -84,6 +84,9 @@ Encoding a JWT takes 3 parameters: When using HS256, HS2384 or HS512, the key is always a shared secret like in the example above. When using RSA/EC, the key should always be the content of the private key in the PEM or DER format. +If your key is in PEM format, it is better performance wise to generate the `EncodingKey` once in a `lazy_static` or +something similar and reuse it. + ### Decoding ```rust @@ -121,9 +124,12 @@ The main use-case is for JWK where your public key is in a JSON format like so: ```rust // `token` is a struct with 2 fields: `header` and `claims` where `claims` is your own struct. -let token = decode::(&token, &EncodingKey::from_rsa_components(jwk["n"], jwk["e"]), &Validation::new(Algorithm::RS256))?; +let token = decode::(&token, &DecodingKey::from_rsa_components(jwk["n"], jwk["e"]), &Validation::new(Algorithm::RS256))?; ``` +If your key is in PEM format, it is better performance wise to generate the `DecodingKey` once in a `lazy_static` or +something similar and reuse it. + ### Convert SEC1 private key to PKCS8 `jsonwebtoken` currently only supports PKCS8 format for private EC keys. If your key has `BEGIN EC PRIVATE KEY` at the top, this is a SEC1 type and can be converted to PKCS8 like so: