[−][src]Enum biscuit::jws::Secret
The secrets used to sign and/or encrypt tokens
Variants
Used with the None
algorithm variant.
Bytes used for HMAC secret. Can be constructed from a string literal
Examples
use biscuit::jws::Secret; let secret = Secret::bytes_from_str("secret");
RsaKeyPair(Arc<RsaKeyPair>)
An RSA Key pair constructed from a DER-encoded private key
To generate a private key, use
openssl genpkey -algorithm RSA \
-pkeyopt rsa_keygen_bits:2048 \
-outform der \
-out private_key.der
Often, keys generated for use in OpenSSL-based software are
encoded in PEM format, which is not supported by ring. PEM-encoded
keys that are in RSAPrivateKey
format can be decoded into the using
an OpenSSL command like this:
openssl rsa -in private_key.pem -outform DER -out private_key.der
Examples
use biscuit::jws::Secret; let secret = Secret::rsa_keypair_from_file("test/fixtures/rsa_private_key.der");
EcdsaKeyPair(Arc<EcdsaKeyPair>)
An ECDSA Key pair constructed from a PKCS8 DER encoded private key
To generate a private key, use
openssl ecparam -genkey -name prime256v1 | \
openssl pkcs8 -topk8 -nocrypt -outform DER > ecdsa_private_key.p8
Examples
use biscuit::jws::Secret; let secret = Secret::ecdsa_keypair_from_file(biscuit::jwa::SignatureAlgorithm::ES256, "test/fixtures/ecdsa_private_key.p8");
Bytes of a DER encoded RSA Public Key
To generate the public key from your DER-encoded private key
openssl rsa -in private_key.der \
-inform DER
-RSAPublicKey_out \
-outform DER \
-out public_key.der
To convert a PEM formatted public key
openssl rsa -RSAPublicKey_in \
-in public_key.pem \
-inform PEM \
-outform DER \
-RSAPublicKey_out \
-out public_key.der
Examples
use biscuit::jws::Secret; let secret = Secret::public_key_from_file("test/fixtures/rsa_public_key.der");
Use the modulus (n
) and exponent (e
) of an RSA key directly
These parameters can be obtained from a JWK directly using
jwk::RSAKeyParameters::jws_public_key_secret
Methods
impl Secret
[src]
pub fn bytes_from_str(secret: &str) -> Self
[src]
Convenience function to create a secret bytes array from a string
See example in the Secret::Bytes
variant documentation for usage.
pub fn rsa_keypair_from_file(path: &str) -> Result<Self, Error>
[src]
Convenience function to get the RSA Keypair from a DER encoded RSA private key.
See example in the Secret::RsaKeyPair
variant documentation for usage.
pub fn ecdsa_keypair_from_file(
algorithm: SignatureAlgorithm,
path: &str
) -> Result<Self, Error>
[src]
algorithm: SignatureAlgorithm,
path: &str
) -> Result<Self, Error>
Convenience function to get the ECDSA Keypair from a PKCS8-DER encoded EC private key.
pub fn public_key_from_file(path: &str) -> Result<Self, Error>
[src]
Convenience function to create a Public key from a DER encoded RSA or ECDSA public key
See examples in the Secret::PublicKey
variant documentation for usage.
Trait Implementations
impl From<RSAKeyParameters> for Secret
[src]
fn from(rsa: RSAKeyParameters) -> Self
[src]
Auto Trait Implementations
impl RefUnwindSafe for Secret
impl Send for Secret
impl Sync for Secret
impl Unpin for Secret
impl UnwindSafe for Secret
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,