pub struct Signable { /* private fields */ }
Expand description
Data that can be turned into a JWS
This struct ensures that the serialized data is stable;
Signable::protected_header_serialized
and Signable::payload
will always return the same bytes; Signable::protected_header_registered
will always return a reference to the same RegisteredHeader
struct.
This allows SignedData
to retain the data as it was signed,
carrying a signature that remains verifiable.
Examples
use biscuit::jws::{Header, RegisteredHeader, Signable};
use biscuit::jwa::SignatureAlgorithm;
use biscuit::Empty;
let header = Header::<Empty>::from(RegisteredHeader {
algorithm: SignatureAlgorithm::ES256,
..Default::default()
});
let payload = b"These bytes cannot be altered";
let data = Signable::new(header, payload.to_vec())?;
Implementations§
source§impl Signable
impl Signable
sourcepub fn new<H: Serialize>(
header: Header<H>,
payload: Vec<u8>
) -> Result<Self, Error>
pub fn new<H: Serialize>( header: Header<H>, payload: Vec<u8> ) -> Result<Self, Error>
Build a Signable from a header and a payload
Header and payload will both be protected by the signature, we do not make use of unprotected headers
Errors
Errors are returned if headers can’t be serialized;
this would only happen if the H
type carrying extension headers
can not be serialized.
sourcepub fn sign(self, secret: Secret) -> Result<SignedData, Error>
pub fn sign(self, secret: Secret) -> Result<SignedData, Error>
Convenience function to build a SignedData from this Signable
See SignedData::sign
sourcepub fn protected_header_registered(&self) -> &RegisteredHeader
pub fn protected_header_registered(&self) -> &RegisteredHeader
Return a reference to the registered (known to biscuit) protected headers
sourcepub fn protected_header_serialized(&self) -> &[u8] ⓘ
pub fn protected_header_serialized(&self) -> &[u8] ⓘ
Return a reference to protected headers as they were serialized
sourcepub fn deserialize_protected_header<H: DeserializeOwned>(
&self
) -> Result<Header<H>>
pub fn deserialize_protected_header<H: DeserializeOwned>( &self ) -> Result<Header<H>>
Deserialize protected headers
This allows access to protected headers beyond those that are recognized with RegisteredHeader
sourcepub fn deserialize_json_payload<T: DeserializeOwned>(&self) -> Result<T>
pub fn deserialize_json_payload<T: DeserializeOwned>(&self) -> Result<T>
Deserialize a JSON payload
Note
JWS does not put any requirement on payload bytes, which need not be JSON