[][src]Enum biscuit::jws::Secret

pub enum Secret {
    None,
    Bytes(Vec<u8>),
    RSAKeyPair(Arc<RSAKeyPair>),
    ECDSAKeyPair(Arc<ECDSAKeyPair>),
    PublicKey(Vec<u8>),
    RSAModulusExponent {
        n: BigUint,
        e: BigUint,
    },
}

The secrets used to sign and/or encrypt tokens

Variants

None

Used with the None algorithm variant.

Bytes(Vec<u8>)

Bytes used for HMAC secret. Can be constructed from a string literal

Examples

use biscuit::jws::Secret;

let secret = Secret::bytes_from_str("secret");
RSAKeyPair(Arc<RSAKeyPair>)

An RSA Key pair constructed from a DER-encoded private key

To generate a private key, use

openssl genpkey -algorithm RSA \
                -pkeyopt rsa_keygen_bits:2048 \
                -outform der \
                -out private_key.der

Often, keys generated for use in OpenSSL-based software are encoded in PEM format, which is not supported by ring. PEM-encoded keys that are in RSAPrivateKey format can be decoded into the using an OpenSSL command like this:

openssl rsa -in private_key.pem -outform DER -out private_key.der

Examples

use biscuit::jws::Secret;

let secret = Secret::rsa_keypair_from_file("test/fixtures/rsa_private_key.der");
ECDSAKeyPair(Arc<ECDSAKeyPair>)

An ECDSA Key pair constructed from a PKCS8 DER encoded private key

To generate a private key, use

openssl ecparam -genkey -name prime256v1 | \
openssl pkcs8 -topk8 -nocrypt -outform DER > ecdsa_private_key.p8

Examples

use biscuit::jws::Secret;

let secret = Secret::ecdsa_keypair_from_file(biscuit::jwa::SignatureAlgorithm::ES256, "test/fixtures/ecdsa_private_key.p8");
PublicKey(Vec<u8>)

Bytes of a DER encoded RSA Public Key

To generate the public key from your DER-encoded private key

openssl rsa -in private_key.der \
            -inform DER
            -RSAPublicKey_out \
            -outform DER \
            -out public_key.der

To convert a PEM formatted public key

openssl rsa -RSAPublicKey_in \
            -in public_key.pem \
            -inform PEM \
            -outform DER \
            -RSAPublicKey_out \
            -out public_key.der

Examples

use biscuit::jws::Secret;

let secret = Secret::public_key_from_file("test/fixtures/rsa_public_key.der");
RSAModulusExponent

Use the modulus (n) and exponent (e) of an RSA key directly

These parameters can be obtained from a JWK directly using jwk::RSAKeyParameters::jws_public_key_secret

Fields of RSAModulusExponent

n: BigUint

RSA modulus

e: BigUint

RSA exponent

Methods

impl Secret[src]

pub fn bytes_from_str(secret: &str) -> Self[src]

Convenience function to create a secret bytes array from a string See example in the Secret::Bytes variant documentation for usage.

pub fn rsa_keypair_from_file(path: &str) -> Result<Self, Error>[src]

Convenience function to get the RSA Keypair from a DER encoded RSA private key. See example in the Secret::RSAKeyPair variant documentation for usage.

pub fn ecdsa_keypair_from_file(
    algorithm: SignatureAlgorithm,
    path: &str
) -> Result<Self, Error>[src]

Convenience function to get the ECDSA Keypair from a PKCS8-DER encoded EC private key.

pub fn public_key_from_file(path: &str) -> Result<Self, Error>[src]

Convenience function to create a Public key from a DER encoded RSA or ECDSA public key See examples in the Secret::PublicKey variant documentation for usage.

Trait Implementations

impl From<RSAKeyParameters> for Secret[src]

Auto Trait Implementations

impl Send for Secret

impl Sync for Secret

Blanket Implementations

impl<T, U> Into for T where
    U: From<T>, [src]

impl<T> From for T[src]

impl<T, U> TryFrom for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized[src]

impl<T> BorrowMut for T where
    T: ?Sized[src]

impl<T, U> TryInto for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<T> Any for T where
    T: 'static + ?Sized[src]