Crate jose_jwk

Source
Expand description

§RustCrypto: JOSE JWK

Crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of the JSON Web Key (JWK) component of the Javascript Object Signing and Encryption (JOSE) specification as described in RFC7517.

A JWK is a way to represent cryptographic keys in JSON, typically public keys. This format contains information about how the key needs to be used so a child node can validate what a parent node sends (e.g. with JWTs) or encrypt messages for the parent node using this key (e.g. with JWEs). This crate provides data structures to interface with this format.

use jose_jwk::{Jwk, JwkSet, Key};
use jose_jwk::jose_jwa::{Algorithm, Signing};

let keys = serde_json::json!({
    "keys": [
        {
            "kty": "EC",
            "crv": "P-256",
            "x": "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
            "y": "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
            "use": "enc",
            "kid": "some-ec-kid"
        },
        {
            "kty": "RSA",
            "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtV\
            T86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5\
            JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMic\
            AtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bF\
            TWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-\
            kEgU8awapJzKnqDKgw",
            "e": "AQAB",
            "alg": "RS256",
            "kid": "some-rsa-kid"
        }
    ]
});

let jwkset: JwkSet = serde_json::from_value(keys).unwrap();
let ec_jwk: &Jwk = &jwkset.keys[0];
let rsa_jwk: &Jwk = &jwkset.keys[1];

assert!(matches!(ec_jwk.key, Key::Ec(_)));
assert!(matches!(rsa_jwk.key, Key::Rsa(_)));

assert_eq!(ec_jwk.prm.kid, Some(String::from("some-ec-kid")));
assert_eq!(rsa_jwk.prm.kid, Some(String::from("some-rsa-kid")));

assert_eq!(rsa_jwk.prm.alg, Some(Algorithm::Signing(Signing::Rs256)));

Documentation

§Minimum Supported Rust Version

This crate requires Rust 1.65 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.

§License

Licensed under either of:

at your option.

§Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Re-exports§

pub use jose_b64;
pub use jose_jwa;

Modules§

crypto
Cryptographic primitives for JWK

Structs§

Ec
An elliptic-curve key.
Jwk
A JSON Web Key.
JwkSet
A set of JSON Web Keys.
Oct
A symmetric octet key.
Okp
A octet key pair CFRG-curve key, as defined in RFC 8037
Parameters
JWK parameters unrelated to the key implementation
Rsa
An RSA key.
RsaOptional
Optional RSA private key material.
RsaOtherPrimes
Additional RSA private primes.
RsaPrivate
RSA key private material.
Thumbprint
An X.509 thumbprint.

Enums§

Class
Key Class (i.e. use in the RFC)
EcCurves
The elliptic curve.
Key
A key type that can be contained in a JWK.
OkpCurves
The CFRG Curve.
Operations
Key operations (i.e. key_use in the RFC)