Trait SigningKey 

pub trait SigningKey: Key {
    type Signature: AsRef<[u8]>;

    // Required methods
    fn sign(&self, s: &[u8]) -> Result<Self::Signature>;
    fn jwk(&self) -> Value;
}

Represents a key that can be used to sign a JWT.

Required Associated Types

type Signature: AsRef<[u8]>

The result of signing, e.g. [u8; 32].

Required Methods

fn sign(&self, s: &[u8]) -> Result<Self::Signature>

Returns a (non-base64-encoded) signature on s.

fn jwk(&self) -> Value

Returns JSON Web Key description of the associated public key.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementations on Foreign Types

impl SigningKey for SigningKey

Implements signing JWTs using ed25519, See RFC8037.

use pubhubs::misc::jwt::SigningKey;
use base64ct::{Base64UrlUnpadded, Encoding as _};

let mut privhex : String = r#"9d 61 b1 9d ef fd 5a 60 ba 84 4a f4 92 ec 2c c4
               44 49 c5 69 7b 32 69 19 70 3b ac 03 1c ae 7f 60"#.into();
let mut pubhex : String = r#"d7 5a 98 01 82 b1 0a b7 d5 4b fe d3 c9 64 07 3a
              0e e1 72 f3 da a6 23 25 af 02 1a 68 f7 07 51 1a"#.into();
privhex.retain(|c| !c.is_whitespace());
pubhex.retain(|c| !c.is_whitespace());
let privkey = base16ct::lower::decode_vec(privhex.as_bytes()).unwrap();
let pubkey = base16ct::lower::decode_vec(pubhex.as_bytes()).unwrap();
let sk = ed25519_dalek::SigningKey::try_from(privkey.as_slice()).unwrap();

assert_eq!(sk.verifying_key().to_bytes().as_slice(), pubkey.as_slice());

// See "A.4 Ed25519 Signing" from RFC8037.
assert_eq!(
    Base64UrlUnpadded::encode_string(&SigningKey::sign(&sk,
            "eyJhbGciOiJFZERTQSJ9.RXhhbXBsZSBvZiBFZDI1NTE5IHNpZ25pbmc".as_bytes()
        ).unwrap().as_ref()
    ),
    "hgyY0il_MGCjP0JzlnLWG1PPOt7-09PGcvMg3AIbQR6dWbhijcNR4ki4iylGjg5BhVsPt9g7sVvpAr_MuM0KAg");

// See "A.3 JWK Thumbprint Canonicalization" from RFC8037.
assert_eq!(sk.jwk(), serde_json::json!({
    "kty": "OKP",
    "alg": "EdDSA",
    "crv": "Ed25519",
    "x": "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
    "use": "sig",
}));

type Signature = [u8; 64]

fn sign(&self, s: &[u8]) -> Result<[u8; 64]>

fn jwk(&self) -> Value

Implementors

impl SigningKey for HS256

Implements signing of JWTs using the sha256-hmac.

use pubhubs::misc::jwt::{HS256, SigningKey};
use base64ct::{Base64UrlUnpadded, Encoding as _};

// Example A.1.1 of RFC 7515
let key = HS256(Base64UrlUnpadded::decode_vec("AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow").unwrap().into());
let result = key.sign("eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ".as_bytes()).unwrap();
assert_eq!(Base64UrlUnpadded::encode_string(&result),
    "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk");

type Signature = GenericArray<u8, <CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>, OidSha256>> as OutputSizeUser>::OutputSize>

impl SigningKey for RS256Sk

type Signature = Box<[u8]>