jaws::algorithms

Trait RandomizedTokenSigner

Source 
pub trait RandomizedTokenSigner<S = SignatureBytes>: DynJsonWebAlgorithm + SerializePublicJWK
where
    S: SignatureEncoding,
{
    // Required method
    fn try_sign_token(
        &self,
        header: &str,
        payload: &str,
        rng: &mut impl CryptoRngCore,
    ) -> Result<S, Error>;

    // Provided method
    fn sign_token(
        &self,
        header: &str,
        payload: &str,
        rng: &mut impl CryptoRngCore,
    ) -> S { ... }
}
Available on crate feature rand only.
Expand description

A trait to represent an algorithm which can sign a JWT, with a source of randomness.

This trait should be implemented by signing keys. It is not designed for direct use by end-users of the JAWS library, rather it is designed to be easily implemented by other RustCrypto crates, such as rsa or ecdsa.

Required Methods§

Source

fn try_sign_token( &self, header: &str, payload: &str, rng: &mut impl CryptoRngCore, ) -> Result<S, Error>

Sign the contents of the JWT, when provided with the base64url-encoded header and payload, and a source of randomness. The header and payload are already serialized to JSON and then base64url-encoded, so this function should not perform any additional encoding.

The signature must implement SignatureEncoding, and will be base64url-encoded and appended to the compact representation of the JWT. Signatures should not be pre-encoded, rather they should be in a format appropriate for verification.

This method is not intended to be called directly, rather it is designed to be easily implemented within the RustCrypto ecosystem.

To sign a token, use the Token::sign_randomized method, which provides the correct wrapping and format to produce a signed JWT.

Provided Methods§

Source

fn sign_token( &self, header: &str, payload: &str, rng: &mut impl CryptoRngCore, ) -> S

Sign the contents of the JWT, when provided with the base64url-encoded header and payload. See RandomizedTokenSigner::try_sign_token for more details.

§Panics

This function will panic if the signature cannot be computed.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§

Source§

impl<S, C> RandomizedTokenSigner<S> for jaws::algorithms::ecdsa::SigningKey<C>
where C: PrimeCurve + CurveArithmetic + JwkParameters + DigestPrimitive, Scalar<C>: Invert<Output = CtOption<Scalar<C>>> + SignPrimitive<C>, SignatureSize<C>: ArrayLength<u8>, AffinePoint<C>: FromEncodedPoint<C> + ToEncodedPoint<C>, FieldBytesSize<C>: ModulusSize, S: SignatureEncoding, Self: RandomizedDigestSigner<C::Digest, S> + DynJsonWebAlgorithm,

Available on crate feature ecdsa only.
Source§

impl<S, D> RandomizedTokenSigner<S> for jaws::algorithms::rsa::pss::SigningKey<D>
where D: Digest, S: SignatureEncoding, Self: RandomizedDigestSigner<D, S> + DynJsonWebAlgorithm,

Available on crate feature rsa only.