jose 0.0.2

A JSON Object Signing and Encryption implementation
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

use alloc::{collections::BTreeMap, string::String};

use serde::Serialize;

use crate::sealed::Sealed;

/// This trait is implemented by all key types, and can be used
/// to compute the thumbprint of any private, public or symmetric key.
///
/// If you want to use custom hashing functions, call the
/// [`Self::thumbprint_prehashed`] method and hash the result yourself.
pub trait Thumbprint: Sealed {
    /// Compute the thumbprint JSON string of this key.
    ///
    /// This method does not perform any hashing, it only returns
    /// the constructed JSON string, so that it can be hashed
    /// with some custom hashing algorithm that is not supported
    /// natively by this crate.
    ///
    /// For common hashing methods have a look at these methods:
    ///
    /// - SHA256 - [`thumbprint_sha256`](Self::thumbprint_sha256)
    /// - SHA384 - [`thumbprint_sha384`](Self::thumbprint_sha384)
    /// - SHA512 - [`thumbprint_sha512`](Self::thumbprint_sha512)
    ///
    /// # Errors
    ///
    /// This method can fail if the underlying key fails to be serialized.
    fn thumbprint_prehashed(&self) -> String;

    /// Computes the SHA256-hashed thumbprint of this key.
    ///
    /// # Errors
    ///
    /// This method can fail if the underlying key fails to be serialized.
    fn thumbprint_sha256(&self) -> [u8; 32] {
        let msg = self.thumbprint_prehashed();
        crate::crypto::sha256(msg.as_bytes())
    }

    /// Computes the SHA384-hashed thumbprint of this key.
    ///
    /// # Errors
    ///
    /// This method can fail if the underlying key fails to be serialized.
    fn thumbprint_sha384(&self) -> [u8; 48] {
        let msg = self.thumbprint_prehashed();
        crate::crypto::sha384(msg.as_bytes())
    }

    /// Computes the SHA512-hashed thumbprint of this key.
    ///
    /// # Errors
    ///
    /// This method can fail if the underlying key fails to be serialized.
    fn thumbprint_sha512(&self) -> [u8; 64] {
        let msg = self.thumbprint_prehashed();
        crate::crypto::sha512(msg.as_bytes())
    }
}

pub(crate) fn serialize_key_thumbprint<T: Serialize>(key: &T) -> String {
    let obj = serde_json::to_value(key).expect("serialization of OctetSequence can not fail");

    let map = match obj {
        serde_json::Value::Object(map) => BTreeMap::from_iter(map),
        _ => unreachable!("all keytypes must serialize to structs"),
    };

    serde_json::to_string(&map).expect("BTreeMap serialization can not fail")
}