Michael Pfaff
4d8679a53b
cargo fmt
2022-03-06 12:27:27 -05:00
Michael Pfaff
c562d2f22e
Use crosstime git instead of local
2022-03-06 12:17:15 -05:00
Michael Pfaff
3948597cd9
Remove no_verify feature flag in favor of cfg(target_arch)
2022-03-06 12:11:22 -05:00
Michael Pfaff
86ba5e1d6c
Support for WASM
2022-02-27 23:24:26 -05:00
1a9ca38b76
Update leeway docs
...
Closes #234
2022-02-03 16:23:33 +01:00
0ed16a34ad
Fix function name in doc comment
2022-02-03 13:08:21 +01:00
03927bf319
reduced default double allocation to one ( #232 )
2022-02-02 22:10:11 +01:00
1a46cfa7c9
Add default feature use_pem
2022-02-02 22:10:11 +01:00
5486f96f52
Remove iat mention
...
Closes #228
2022-02-02 22:10:11 +01:00
255c740e47
Add required_spec_claims ( #225 )
2022-02-02 22:10:11 +01:00
356fac075d
Fix validation for issuers
2022-02-02 22:10:11 +01:00
5ed8af440c
Rename set_iss to be in line with set_audience
2022-02-02 22:10:11 +01:00
c9c94c2b02
Change default leeway
2022-02-02 22:10:11 +01:00
bebeb5f222
Fix #220
2022-02-02 22:10:11 +01:00
7301e928b0
Implement Clone, Eq and PartialEq for Error. ( #218 )
...
* Implement Eq and PartialEq for Error.
* Implement Clone for Error.
serde_json::Error doesn't implement Clone, so wrapped it in an Arc.
2022-02-02 22:10:11 +01:00
2cc95b9f37
Numeric type ( #214 )
...
* exp & nbf as float
In order to properly align with JWT NumericType wire protocol
allow for type on wire to either be u64 or f64. In either case we
convert in the most lossless way possible to a u64, so that nobody
needs to know that the spec is overly permissive.
* minimal cleanup
2022-02-02 22:10:11 +01:00
733d29aa87
Add back Validation::default()
...
Closes #208
2022-02-02 22:10:11 +01:00
f9771f7835
Improve deserialization performance around validation and its tests ( #202 )
...
* Improve deserialization performance around validation and its tests
The claims validation was done via deserializing into a Map, which
implies allocations/deallocations. This was done even if the map was not
used afterwards.
This commit improves performance of the validation by never
deserializing in a `Map`, and deserializing only when necessary, to
a struct that typically only borrows from the original b64-decoded
json string.
The validation function interface change required update to the tests,
which are also made easier to read by using the `serde_json::json!`
macro.
* unrelated: fix bench compilation
2022-02-02 22:10:11 +01:00
1dcfda92f0
Unify various decode into the validation struct ( #199 )
2022-02-02 22:10:11 +01:00
6a7eec9030
Add support for x5t#S256 header ( #203 )
2022-02-02 22:10:11 +01:00
a11106faff
Add types for JWK/JWKS based on biscuit ( #195 )
...
* Add types for JWK/JWKS based on biscuit
* Address comments
* Fix issues
2022-02-02 22:10:11 +01:00
94fef12259
Docs: fix copy paste error in ErrorKind::InvalidSubject ( #196 )
...
The documentation for `ErrorKind::InvalidSubject` mentioned the `aud` claim instead of `sub`. This commit fixes it.
2022-02-02 22:10:11 +01:00
3e245e3e6b
Allow uppercase algorithms (too much breakage otherwise)
2022-02-02 22:10:11 +01:00
b6dafd63dd
Make Validation::algorithms an error if empty
2022-02-02 22:10:11 +01:00
fd2c314d3c
Add tests for Header::x5c_der(), and modify its return type to be fallible. ( #185 )
2022-02-02 22:10:11 +01:00
8bdc5215ea
Add an access method to decode the Header x5c field into DER PKIX format. ( #184 )
2022-02-02 22:10:11 +01:00
45fb43c1f7
removed unnecessary conversions ( #180 )
...
* removed unnecessary conversions
2022-02-02 22:10:11 +01:00
de5a1903b0
add x5c header ( #182 )
...
* add x5c header
* fix format
2022-02-02 22:10:11 +01:00
f3566ecd82
clone-free validate function ( #179 )
...
* clone-free validate function
It could save up to 300ns in my benches
2022-02-02 22:10:11 +01:00
d8cc36dd0c
clone-free serde Value deserialization ( #178 )
...
* clone-free serde Value deserialization
2022-02-02 22:10:11 +01:00
9fd9db55cd
Update validation.rs ( #176 )
2022-02-02 22:10:11 +01:00
da761fe039
checking iss for multiple values ( #173 )
2022-02-02 22:10:11 +01:00
c9442834ed
Make DecodingKey own all the data
...
Closes #120
Supersedes #128
2022-02-02 22:10:11 +01:00
60c92f2882
Fix clippy
2022-02-02 22:10:11 +01:00
f50e4901cb
Avoid allocation
2022-02-02 22:10:11 +01:00
2aad217087
add verify_sig fn ( #161 )
...
* add verify_sig fn
* fix missing comma
* fmt whitespace changes
2022-02-02 22:10:11 +01:00
d2c8ae3f11
Impl PartialEq for ErrorKind
...
Closes #125
2022-02-02 22:10:11 +01:00
5c706b005a
Remove deprecated fn
2022-02-02 22:10:11 +01:00
2c9c57fc4b
Expose get_current_timestamp
...
Closes #152
2022-02-02 22:10:11 +01:00
30571cafd2
Keep RSA key error message from ring
...
Closes #164
2022-02-02 22:10:11 +01:00
ea4ed55551
Bytes everywhere for sign/verify
2022-02-02 22:10:11 +01:00
4aee8bc382
Add sign and verify on bytes ( #150 )
2022-02-02 22:10:11 +01:00
2178cc7506
Add EdDSA (Ed25519) ( #154 )
2022-02-02 22:10:11 +01:00
2f25cbed0a
Add note about encoding keys ( #163 )
...
* Add note about encoding keys
* Update encoding.rs
* Format code
2020-12-07 16:00:44 +01:00
90b9700748
Clippy ( #146 )
...
* Bump minimum required Rust version to 1.40
Motivation for this change is use of `#[non_exhaustive]` attribute that
was stabilized in Rust 1.40.0
* Migrate benchmarks to criterion
Remove use of unstable features in favour of criterion benchmarks
* Enable clippy in Github Actions
* Fix clippy::manual_non_exhaustive
Remove manual implementations of the non-exhaustive pattern. Instead
use the `#[non_exhaustive]` attribute.
* Allow reexport of deprecated function
Silence rustc `deprecated` working in function reexport
* Remove redundant clone
* Fix various clippy warnings
* Remove redundant pattern
* Use `unreachable!()` to fail test
* No need to add `&` to all patterns
2020-08-31 12:04:57 +02:00
29aad97739
Format code and check style in Github Actions ( #145 )
2020-08-07 18:10:26 +02:00
64f276c814
Add new function and tests ( #138 )
...
Co-authored-by: Vincent Prouillet <balthek@gmail.com>
2020-06-30 20:03:53 +02:00
6262b4700b
Slight tweaks
2020-06-30 19:58:11 +02:00
636c0dc203
Rename dangerous_unsafe_decode to dangerous_insecure_decode ( #139 )
...
* Rename dangerous_unsafe_decode to dangerous_insecure_decode
* Add back old function name with deprecation flag
2020-06-30 19:50:45 +02:00
693a100128
Derive Hash for Header and Algorithm ( #137 )
2020-06-16 12:04:22 +02:00
946aef1b57
revert breaking change of DecodingKey
2020-02-28 15:20:41 +08:00
a750d5586f
fix issue 120: DecodingKey can be converted to static
2020-02-28 01:26:58 +08:00
2f359b515c
- Fix recursive `Display::fmt` implementation on `Error` to avoid stack overflow
...
- Added unit test to cover a sample case
2020-01-31 13:11:40 +08:00
c2f6093309
Get rid of deprecrated std error description
2020-01-27 20:52:46 -08:00
689cc6d32e
Validate key type with algo in encode/decode
2020-01-13 19:41:06 +01:00
4dd2f12c6d
Remove EncodingKey lifetime
2020-01-02 19:40:53 +01:00
77ae0effc8
Add DecodingKey
2019-12-29 21:50:06 +01:00
0abeeac25f
Add EncodingKey
2019-12-29 19:33:17 +01:00
bfcfc1d341
Handle aud not being a sequence
...
Closes #110
2019-11-28 19:27:33 +01:00
d550c5f318
Add more tests and document SEC1 lack of support
2019-11-15 20:16:38 +01:00
6e8d4a4be6
Remove pem encoding for now
2019-11-14 19:48:38 +01:00
51dacd9bc4
Update docs
2019-11-14 19:43:43 +01:00
8e4757cb1d
More refactoring in the crypto mod
2019-11-11 20:29:57 +01:00
1f6d0ffb2c
Refactor decoding
2019-11-11 20:16:34 +01:00
8169ee3d9f
Remove chrono from deps
2019-11-11 19:47:35 +01:00
614f3610a7
Fix stupid bug
2019-11-11 12:08:11 +01:00
b27981549f
Not working yet jwk decoding
2019-11-09 11:42:40 +00:00
34ea194179
Move crypto to a dir
2019-11-08 19:00:19 +00:00
e3632b3a2c
Remove Key approach in favour of &[u8] with pem
2019-11-06 22:32:13 +00:00
a6ea8c2c1a
clippy + fmt
2019-11-06 18:41:51 +00:00
382e4478cf
Move pem encoding tests
2019-11-06 18:30:59 +00:00
53188e1f40
Add functions to create pems and ders of the public keys ( #108 )
2019-11-06 13:58:49 +00:00
73d96357c3
Simplify header decoding
2019-11-03 16:13:22 +00:00
417e00780d
Use serde with derive feature
2019-11-03 15:46:08 +00:00
210e96063d
Reorganise tests
2019-11-03 15:36:19 +00:00
caef740ad4
Refactoring + more idiomatic enum names
2019-11-03 13:17:04 +00:00
06bebeaae3
cargo fmt
2019-11-03 12:55:36 +00:00
b9a3e3086f
Fix Option handling
2019-11-03 12:36:52 +00:00
571898252f
Add PEM decoding support ( #106 )
...
* Add PEM support with pem and simple_asn1. Documentation TODO
* Make pkcs1 and pkcs8 versions of the RSA key, confirm they pass tests.
* Add documentation, simplify
* Update readme
* Bump pem version
* Remove extra print
2019-11-03 12:22:51 +00:00
60a030874a
updated imports in validation.rs
2019-10-31 14:12:08 -04:00
68d6c84c8c
revised set_audience, cleaned up validation, and cleared compiler warnings
2019-10-28 11:49:02 -04:00
0d7184a787
added update to aud type and aud validation
2019-10-27 15:14:52 -04:00
f7423d075a
Use *ring* 0.16.5.
2019-08-10 11:38:54 -10:00
10105af2fd
Add support for modulus/exponent
2019-07-13 17:43:44 +02:00
b8627260b2
Update to edition 2018
2019-07-06 20:36:32 +02:00
20013a4e4f
Fixed conflicts
2019-06-16 18:00:00 +02:00
84ee604e88
trait -> enum
2019-06-16 17:51:43 +02:00
c26bdf7e06
Support for RSASSA-PSS signing algorithm
...
As specified in https://tools.ietf.org/html/rfc7518#section-3.5
- PS256 - RSASSA-PSS using SHA-256 hash algorithm
- PS384 - RSASSA-PSS using SHA-384 hash algorithm
- PS512 - RSASSA-PSS using SHA-512 hash algorithm
2019-06-08 03:08:54 +09:00
6cfb5c7c0e
Add Key trait and the supported formats
2019-05-15 16:19:38 +02:00
f68210c688
Fix algorithm mapping.
...
RS256/384/512 algorithm strings were mapped to HMAC-SHA256/384/512
enumerators.
2019-05-10 16:36:28 -07:00
b4e0ae5f6d
Merge branch 'next' into master
2019-03-22 09:24:02 +01:00
be27206088
Remove iat validation, it isnt supposed to be done
2019-02-04 18:44:08 +01:00
86dce0003e
Merge pull request #72 from endor/master
...
Fix documentation of default values in validation
2019-02-04 18:36:48 +01:00
e10b049d9a
implemented verification of ECDSA signatures and added tests
2019-02-01 12:11:20 +08:00
2793bc2be4
Fix documentation of default values in validation
2019-01-18 09:31:56 +02:00
716fe8b64d
Upgraded ring to 0.14
2019-01-13 00:20:34 +00:00
9883fab729
implemented ECDSA signing, updated ring to 0.14 alpha
2019-01-09 09:46:06 +08:00
6768230077
Added ES256/ES384/ES512 Algorithm stubs
2019-01-09 09:18:49 +08:00
8f0809318d
rustfmt
2018-10-28 19:58:35 +01:00
d63af8d6e0
clippy
2018-10-28 19:58:06 +01:00
Michael Pfaff
Vincent Prouillet