Michael Pfaff
3948597cd9
Remove no_verify feature flag in favor of cfg(target_arch)
2022-03-06 12:11:22 -05:00
Michael Pfaff
86ba5e1d6c
Support for WASM
2022-02-27 23:24:26 -05:00
Vincent Prouillet
1a9ca38b76
Update leeway docs
...
Closes #234
2022-02-03 16:23:33 +01:00
Vivien Maisonneuve
0ed16a34ad
Fix function name in doc comment
2022-02-03 13:08:21 +01:00
Pietro
03927bf319
reduced default double allocation to one ( #232 )
2022-02-02 22:10:11 +01:00
Vincent Prouillet
1a46cfa7c9
Add default feature use_pem
2022-02-02 22:10:11 +01:00
Vincent Prouillet
5486f96f52
Remove iat mention
...
Closes #228
2022-02-02 22:10:11 +01:00
Vincent Prouillet
255c740e47
Add required_spec_claims ( #225 )
2022-02-02 22:10:11 +01:00
Vincent Prouillet
356fac075d
Fix validation for issuers
2022-02-02 22:10:11 +01:00
Vincent Prouillet
5ed8af440c
Rename set_iss to be in line with set_audience
2022-02-02 22:10:11 +01:00
Vincent Prouillet
c9c94c2b02
Change default leeway
2022-02-02 22:10:11 +01:00
Vincent Prouillet
bebeb5f222
Fix #220
2022-02-02 22:10:11 +01:00
Andrew Walbran
7301e928b0
Implement Clone, Eq and PartialEq for Error. ( #218 )
...
* Implement Eq and PartialEq for Error.
* Implement Clone for Error.
serde_json::Error doesn't implement Clone, so wrapped it in an Arc.
2022-02-02 22:10:11 +01:00
emeryc
2cc95b9f37
Numeric type ( #214 )
...
* exp & nbf as float
In order to properly align with JWT NumericType wire protocol
allow for type on wire to either be u64 or f64. In either case we
convert in the most lossless way possible to a u64, so that nobody
needs to know that the spec is overly permissive.
* minimal cleanup
2022-02-02 22:10:11 +01:00
Vincent Prouillet
733d29aa87
Add back Validation::default()
...
Closes #208
2022-02-02 22:10:11 +01:00
Ten0
f9771f7835
Improve deserialization performance around validation and its tests ( #202 )
...
* Improve deserialization performance around validation and its tests
The claims validation was done via deserializing into a Map, which
implies allocations/deallocations. This was done even if the map was not
used afterwards.
This commit improves performance of the validation by never
deserializing in a `Map`, and deserializing only when necessary, to
a struct that typically only borrows from the original b64-decoded
json string.
The validation function interface change required update to the tests,
which are also made easier to read by using the `serde_json::json!`
macro.
* unrelated: fix bench compilation
2022-02-02 22:10:11 +01:00
Vincent Prouillet
1dcfda92f0
Unify various decode into the validation struct ( #199 )
2022-02-02 22:10:11 +01:00
Ten0
6a7eec9030
Add support for x5t#S256 header ( #203 )
2022-02-02 22:10:11 +01:00
Vincent Prouillet
a11106faff
Add types for JWK/JWKS based on biscuit ( #195 )
...
* Add types for JWK/JWKS based on biscuit
* Address comments
* Fix issues
2022-02-02 22:10:11 +01:00
Matteo Bertucci
94fef12259
Docs: fix copy paste error in ErrorKind::InvalidSubject ( #196 )
...
The documentation for `ErrorKind::InvalidSubject` mentioned the `aud` claim instead of `sub`. This commit fixes it.
2022-02-02 22:10:11 +01:00
Vincent Prouillet
3e245e3e6b
Allow uppercase algorithms (too much breakage otherwise)
2022-02-02 22:10:11 +01:00
Vincent Prouillet
b6dafd63dd
Make Validation::algorithms an error if empty
2022-02-02 22:10:11 +01:00
Jarred Nicholls
fd2c314d3c
Add tests for Header::x5c_der(), and modify its return type to be fallible. ( #185 )
2022-02-02 22:10:11 +01:00
Jarred Nicholls
8bdc5215ea
Add an access method to decode the Header x5c field into DER PKIX format. ( #184 )
2022-02-02 22:10:11 +01:00
Saber Haj Rabiee
45fb43c1f7
removed unnecessary conversions ( #180 )
...
* removed unnecessary conversions
2022-02-02 22:10:11 +01:00
Oliver Thallmair
de5a1903b0
add x5c header ( #182 )
...
* add x5c header
* fix format
2022-02-02 22:10:11 +01:00
Saber Haj Rabiee
f3566ecd82
clone-free validate function ( #179 )
...
* clone-free validate function
It could save up to 300ns in my benches
2022-02-02 22:10:11 +01:00
Saber Haj Rabiee
d8cc36dd0c
clone-free serde Value deserialization ( #178 )
...
* clone-free serde Value deserialization
2022-02-02 22:10:11 +01:00
Saber Haj Rabiee
9fd9db55cd
Update validation.rs ( #176 )
2022-02-02 22:10:11 +01:00
Saber Haj Rabiee
da761fe039
checking iss for multiple values ( #173 )
2022-02-02 22:10:11 +01:00
Vincent Prouillet
c9442834ed
Make DecodingKey own all the data
...
Closes #120
Supersedes #128
2022-02-02 22:10:11 +01:00
Vincent Prouillet
60c92f2882
Fix clippy
2022-02-02 22:10:11 +01:00
Vincent Prouillet
f50e4901cb
Avoid allocation
2022-02-02 22:10:11 +01:00
Adrian Black
2aad217087
add verify_sig fn ( #161 )
...
* add verify_sig fn
* fix missing comma
* fmt whitespace changes
2022-02-02 22:10:11 +01:00
Vincent Prouillet
d2c8ae3f11
Impl PartialEq for ErrorKind
...
Closes #125
2022-02-02 22:10:11 +01:00
Vincent Prouillet
5c706b005a
Remove deprecated fn
2022-02-02 22:10:11 +01:00
Vincent Prouillet
2c9c57fc4b
Expose get_current_timestamp
...
Closes #152
2022-02-02 22:10:11 +01:00
Vincent Prouillet
30571cafd2
Keep RSA key error message from ring
...
Closes #164
2022-02-02 22:10:11 +01:00
Vincent Prouillet
ea4ed55551
Bytes everywhere for sign/verify
2022-02-02 22:10:11 +01:00
Charles Lehner
4aee8bc382
Add sign and verify on bytes ( #150 )
2022-02-02 22:10:11 +01:00
Charles Lehner
2178cc7506
Add EdDSA (Ed25519) ( #154 )
2022-02-02 22:10:11 +01:00
Arniu Tseng
2f25cbed0a
Add note about encoding keys ( #163 )
...
* Add note about encoding keys
* Update encoding.rs
* Format code
2020-12-07 16:00:44 +01:00
Piotr Maks
90b9700748
Clippy ( #146 )
...
* Bump minimum required Rust version to 1.40
Motivation for this change is use of `#[non_exhaustive]` attribute that
was stabilized in Rust 1.40.0
* Migrate benchmarks to criterion
Remove use of unstable features in favour of criterion benchmarks
* Enable clippy in Github Actions
* Fix clippy::manual_non_exhaustive
Remove manual implementations of the non-exhaustive pattern. Instead
use the `#[non_exhaustive]` attribute.
* Allow reexport of deprecated function
Silence rustc `deprecated` working in function reexport
* Remove redundant clone
* Fix various clippy warnings
* Remove redundant pattern
* Use `unreachable!()` to fail test
* No need to add `&` to all patterns
2020-08-31 12:04:57 +02:00
Piotr Maks
29aad97739
Format code and check style in Github Actions ( #145 )
2020-08-07 18:10:26 +02:00
Craig Colegrove
64f276c814
Add new function and tests ( #138 )
...
Co-authored-by: Vincent Prouillet <balthek@gmail.com>
2020-06-30 20:03:53 +02:00
Vincent Prouillet
6262b4700b
Slight tweaks
2020-06-30 19:58:11 +02:00
Craig Colegrove
636c0dc203
Rename dangerous_unsafe_decode to dangerous_insecure_decode ( #139 )
...
* Rename dangerous_unsafe_decode to dangerous_insecure_decode
* Add back old function name with deprecation flag
2020-06-30 19:50:45 +02:00
Craig Colegrove
693a100128
Derive Hash for Header and Algorithm ( #137 )
2020-06-16 12:04:22 +02:00
Hexilee
946aef1b57
revert breaking change of DecodingKey
2020-02-28 15:20:41 +08:00
Hexilee
a750d5586f
fix issue 120: DecodingKey can be converted to static
2020-02-28 01:26:58 +08:00
FujiApple
2f359b515c
- Fix recursive `Display::fmt` implementation on `Error` to avoid stack overflow
...
- Added unit test to cover a sample case
2020-01-31 13:11:40 +08:00
Vincent Prouillet
c2f6093309
Get rid of deprecrated std error description
2020-01-27 20:52:46 -08:00
Vincent Prouillet
689cc6d32e
Validate key type with algo in encode/decode
2020-01-13 19:41:06 +01:00
Vincent Prouillet
4dd2f12c6d
Remove EncodingKey lifetime
2020-01-02 19:40:53 +01:00
Vincent Prouillet
77ae0effc8
Add DecodingKey
2019-12-29 21:50:06 +01:00
Vincent Prouillet
0abeeac25f
Add EncodingKey
2019-12-29 19:33:17 +01:00
Vincent Prouillet
bfcfc1d341
Handle aud not being a sequence
...
Closes #110
2019-11-28 19:27:33 +01:00
Vincent Prouillet
d550c5f318
Add more tests and document SEC1 lack of support
2019-11-15 20:16:38 +01:00
Vincent Prouillet
6e8d4a4be6
Remove pem encoding for now
2019-11-14 19:48:38 +01:00
Vincent Prouillet
51dacd9bc4
Update docs
2019-11-14 19:43:43 +01:00
Vincent Prouillet
8e4757cb1d
More refactoring in the crypto mod
2019-11-11 20:29:57 +01:00
Vincent Prouillet
1f6d0ffb2c
Refactor decoding
2019-11-11 20:16:34 +01:00
Vincent Prouillet
8169ee3d9f
Remove chrono from deps
2019-11-11 19:47:35 +01:00
Vincent Prouillet
614f3610a7
Fix stupid bug
2019-11-11 12:08:11 +01:00
Vincent Prouillet
b27981549f
Not working yet jwk decoding
2019-11-09 11:42:40 +00:00
Vincent Prouillet
34ea194179
Move crypto to a dir
2019-11-08 19:00:19 +00:00
Vincent Prouillet
e3632b3a2c
Remove Key approach in favour of &[u8] with pem
2019-11-06 22:32:13 +00:00
Vincent Prouillet
a6ea8c2c1a
clippy + fmt
2019-11-06 18:41:51 +00:00
Vincent Prouillet
382e4478cf
Move pem encoding tests
2019-11-06 18:30:59 +00:00
Levi
53188e1f40
Add functions to create pems and ders of the public keys ( #108 )
2019-11-06 13:58:49 +00:00
Vincent Prouillet
73d96357c3
Simplify header decoding
2019-11-03 16:13:22 +00:00
Vincent Prouillet
417e00780d
Use serde with derive feature
2019-11-03 15:46:08 +00:00
Vincent Prouillet
210e96063d
Reorganise tests
2019-11-03 15:36:19 +00:00
Vincent Prouillet
caef740ad4
Refactoring + more idiomatic enum names
2019-11-03 13:17:04 +00:00
Vincent Prouillet
06bebeaae3
cargo fmt
2019-11-03 12:55:36 +00:00
Vincent Prouillet
b9a3e3086f
Fix Option handling
2019-11-03 12:36:52 +00:00
Levi
571898252f
Add PEM decoding support ( #106 )
...
* Add PEM support with pem and simple_asn1. Documentation TODO
* Make pkcs1 and pkcs8 versions of the RSA key, confirm they pass tests.
* Add documentation, simplify
* Update readme
* Bump pem version
* Remove extra print
2019-11-03 12:22:51 +00:00
dowwie
60a030874a
updated imports in validation.rs
2019-10-31 14:12:08 -04:00
dowwie
68d6c84c8c
revised set_audience, cleaned up validation, and cleared compiler warnings
2019-10-28 11:49:02 -04:00
dowwie
0d7184a787
added update to aud type and aud validation
2019-10-27 15:14:52 -04:00
Brian Smith
f7423d075a
Use *ring* 0.16.5.
2019-08-10 11:38:54 -10:00
Vincent Prouillet
10105af2fd
Add support for modulus/exponent
2019-07-13 17:43:44 +02:00
Vincent Prouillet
b8627260b2
Update to edition 2018
2019-07-06 20:36:32 +02:00
Vincent Prouillet
20013a4e4f
Fixed conflicts
2019-06-16 18:00:00 +02:00
Vincent Prouillet
84ee604e88
trait -> enum
2019-06-16 17:51:43 +02:00
Kan-Ru Chen
c26bdf7e06
Support for RSASSA-PSS signing algorithm
...
As specified in https://tools.ietf.org/html/rfc7518#section-3.5
- PS256 - RSASSA-PSS using SHA-256 hash algorithm
- PS384 - RSASSA-PSS using SHA-384 hash algorithm
- PS512 - RSASSA-PSS using SHA-512 hash algorithm
2019-06-08 03:08:54 +09:00
Jake Shadle
6cfb5c7c0e
Add Key trait and the supported formats
2019-05-15 16:19:38 +02:00
Max Burke
f68210c688
Fix algorithm mapping.
...
RS256/384/512 algorithm strings were mapped to HMAC-SHA256/384/512
enumerators.
2019-05-10 16:36:28 -07:00
Vincent Prouillet
b4e0ae5f6d
Merge branch 'next' into master
2019-03-22 09:24:02 +01:00
Vincent Prouillet
be27206088
Remove iat validation, it isnt supposed to be done
2019-02-04 18:44:08 +01:00
Vincent Prouillet
86dce0003e
Merge pull request #72 from endor/master
...
Fix documentation of default values in validation
2019-02-04 18:36:48 +01:00
Jasper Bryant-Greene
e10b049d9a
implemented verification of ECDSA signatures and added tests
2019-02-01 12:11:20 +08:00
Frank Prößdorf
2793bc2be4
Fix documentation of default values in validation
2019-01-18 09:31:56 +02:00
Alex Gaynor
716fe8b64d
Upgraded ring to 0.14
2019-01-13 00:20:34 +00:00
Jasper Bryant-Greene
9883fab729
implemented ECDSA signing, updated ring to 0.14 alpha
2019-01-09 09:46:06 +08:00
Jasper Bryant-Greene
6768230077
Added ES256/ES384/ES512 Algorithm stubs
2019-01-09 09:18:49 +08:00
Vincent Prouillet
8f0809318d
rustfmt
2018-10-28 19:58:35 +01:00
Vincent Prouillet
d63af8d6e0
clippy
2018-10-28 19:58:06 +01:00
himanoa
4bd4c8b3de
feat: Implement FromStr trait for Algorithm
2018-08-31 03:53:55 +09:00
Vincent Prouillet
c78574aae4
Remove some commented out code
2018-07-26 09:43:21 +02:00