Enum Thumbprint 

#[non_exhaustive]
pub enum Thumbprint<const N: usize> {
    Bytes([u8; N]),
    String(String),
}

Representation of a X.509 certificate thumbprint (x5t and x5t#S256 fields in the JWT Header).

As per the JWS spec in RFC 7515, a certificate thumbprint (i.e., the SHA-1 / SHA-256 digest of the certificate) must be base64url-encoded. Some JWS implementations however encode not the thumbprint itself, but rather its hex encoding, sometimes even with additional chars spliced within. To account for these implementations, a thumbprint is represented as an enum – either a properly encoded hash digest, or an opaque base64-encoded string.

Examples

let key = Hs256Key::new(b"super_secret_key_donut_steel");

// Creates a token with a custom-encoded SHA-1 thumbprint.
let thumbprint = "65:AF:69:09:B1:B0:75:8E:06:C6:E0:48:C4:60:02:B5:C6:95:E3:6B";
let header = Header::empty()
    .with_key_id("my_key")
    .with_certificate_sha1_thumbprint(thumbprint);
let token = Hs256.token(&header, &Claims::empty(), &key)?;
println!("{token}");

// Deserialize the token and check that its header fields are readable.
let token = UntrustedToken::new(&token)?;
let deserialized_thumbprint =
    token.header().certificate_sha1_thumbprint.as_ref();
assert_matches!(
    deserialized_thumbprint,
    Some(Thumbprint::String(s)) if s == thumbprint
);

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

Bytes([u8; N])

Byte representation of a SHA-1 or SHA-256 digest.

String(String)

Opaque string representation of the thumbprint. It is the responsibility of an application to verify that this value is valid.

Trait Implementations

impl<const N: usize> Clone for Thumbprint<N>

fn clone(&self) -> Thumbprint<N>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<const N: usize> Debug for Thumbprint<N>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<const N: usize> Decode for Thumbprint<N>

fn decode<__CodecInputEdqy: Input>( __codec_input_edqy: &mut __CodecInputEdqy, ) -> Result<Self, Error>

Attempt to deserialise the value from input.

fn decode_into<I>( input: &mut I, dst: &mut MaybeUninit<Self>, ) -> Result<DecodeFinished, Error>

where I: Input,

Attempt to deserialize the value from input into a pre-allocated piece of memory.

fn skip<I>(input: &mut I) -> Result<(), Error>

where I: Input,

Attempt to skip the encoded value from input.

fn encoded_fixed_size() -> Option<usize>

Returns the fixed encoded size of the type.

impl<'de, const N: usize> Deserialize<'de> for Thumbprint<N>

fn deserialize<D: Deserializer<'de>>(deserializer: D) -> Result<Self, D::Error>

Deserialize this value from the given Serde deserializer.

impl<const N: usize> Encode for Thumbprint<N>

fn size_hint(&self) -> usize

If possible give a hint of expected size of the encoding.

fn encode_to<__CodecOutputEdqy: Output + ?Sized>( &self, __codec_dest_edqy: &mut __CodecOutputEdqy, )

Convert self to a slice and append it to the destination.

fn encode(&self) -> Vec<u8>

Convert self to an owned vector.

fn using_encoded<R, F>(&self, f: F) -> R

where F: FnOnce(&[u8]) -> R,

Convert self to a slice and then invoke the given closure with it.

fn encoded_size(&self) -> usize

Calculates the encoded size.

impl<const N: usize> From<&str> for Thumbprint<N>

fn from(s: &str) -> Self

Converts to this type from the input type.

impl<const N: usize> From<[u8; N]> for Thumbprint<N>

fn from(value: [u8; N]) -> Self

Converts to this type from the input type.

impl<const N: usize> From<String> for Thumbprint<N>

fn from(s: String) -> Self

Converts to this type from the input type.

impl<const N: usize> Hash for Thumbprint<N>

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl<const N: usize> PartialEq for Thumbprint<N>

fn eq(&self, other: &Thumbprint<N>) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl<const N: usize> Serialize for Thumbprint<N>

fn serialize<S: Serializer>(&self, serializer: S) -> Result<S::Ok, S::Error>

Serialize this value into the given Serde serializer.

impl<const N: usize> TypeInfo for Thumbprint<N>

type Identity = Thumbprint<N>

The type identifying for which type info is provided.

fn type_info() -> Type

Returns the static type identifier for Self.

impl<const N: usize> EncodeLike for Thumbprint<N>

impl<const N: usize> Eq for Thumbprint<N>

impl<const N: usize> StructuralPartialEq for Thumbprint<N>