Enum biscuit::jws::Secret [] [src]

pub enum Secret {
    None,
    Bytes(Vec<u8>),
    RSAKeyPair(Arc<RSAKeyPair>),
    PublicKey(Vec<u8>),
}

The secrets used to sign and/or encrypt tokens

Variants

Used with the None algorithm variant.

Bytes used for HMAC secret. Can be constructed from a string literal

Examples

use biscuit::jws::Secret;

let secret = Secret::bytes_from_str("secret");

An RSA Key pair constructed from a DER-encoded private key

To generate a private key, use

openssl genpkey -algorithm RSA \
                -pkeyopt rsa_keygen_bits:2048 \
                -outform der \
                -out private_key.der

Often, keys generated for use in OpenSSL-based software are encoded in PEM format, which is not supported by ring. PEM-encoded keys that are in RSAPrivateKey format can be decoded into the using an OpenSSL command like this:

openssl rsa -in private_key.pem -outform DER -out private_key.der

Examples

use biscuit::jws::Secret;

let secret = Secret::rsa_keypair_from_file("test/fixtures/rsa_private_key.der");

Bytes of a DER encoded RSA Public Key

To generate the public key from your DER-encoded private key

openssl rsa -in private_key.der \
            -inform DER
            -RSAPublicKey_out \
            -outform DER \
            -out public_key.der

To convert a PEM formatted public key

openssl rsa -RSAPublicKey_in \
            -in public_key.pem \
            -inform PEM \
            -outform DER \
            -RSAPublicKey_out \
            -out public_key.der

Examples

use biscuit::jws::Secret;

let secret = Secret::public_key_from_file("test/fixtures/rsa_public_key.der");

Methods

impl Secret
[src]

Convenience function to create a secret bytes array from a string See example in the [Secret::Bytes] variant documentation for usage.

Convenience function to get the RSA Keypair from a DER encoded RSA private key. See example in the [Secret::RSAKeyPair] variant documentation for usage.

Convenience function to create a Public key from a DER encoded RSA or ECDSA public key See examples in the [Secret::PublicKey] variant documentation for usage.