Struct jwt_compact::alg::Rsa

pub struct Rsa { /* private fields */ }
Available on crate feature rsa only.

Integrity algorithm using RSA digital signatures.

Depending on the variation, the algorithm employs PKCS#1 v1.5 or PSS padding and one of the hash functions from the SHA-2 family: SHA-256, SHA-384, or SHA-512. See RFC 7518 for more details. Depending on the chosen parameters, the name of the algorithm is one of RS256, RS384, RS512, PS256, PS384, PS512:

  • R / P denote the padding scheme: PKCS#1 v1.5 for R, PSS for P
  • 256 / 384 / 512 denote the hash function

The length of RSA keys is not unequivocally specified by the algorithm; nevertheless, it MUST be at least 2048 bits as per RFC 7518. To minimize the risk of misconfiguration, use the StrongAlg wrapper around Rsa:

const ALG: StrongAlg<Rsa> = StrongAlg(Rsa::rs256());
// `ALG` will not support RSA keys with insecure lengths by design!

Implementations

impl Rsa

pub const fn rs256() -> Rsa

RSA with SHA-256 and PKCS#1 v1.5 padding.

pub const fn rs384() -> Rsa

RSA with SHA-384 and PKCS#1 v1.5 padding.

pub const fn rs512() -> Rsa

RSA with SHA-512 and PKCS#1 v1.5 padding.

pub const fn ps256() -> Rsa

RSA with SHA-256 and PSS padding.

pub const fn ps384() -> Rsa

RSA with SHA-384 and PSS padding.

pub const fn ps512() -> Rsa

RSA with SHA-512 and PSS padding.

pub fn with_name(name: &str) -> Self

RSA based on the specified algorithm name.

Panics
  • Panics if the name is not one of the six RSA-based JWS algorithms. Prefer using the FromStr trait if the conversion is potentially fallible.

pub fn generate<R: CryptoRng + RngCore>(rng: &mut R, modulus_bits: ModulusBits) -> Result<(StrongKey<RsaPrivateKey>, StrongKey<RsaPublicKey>)>

Generates a new key pair with the specified modulus bit length (aka key length).
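
The naming rule from the description (R / P for padding, 256 / 384 / 512 for the hash), the 2048-bit minimum, and the advice under with_name to parse fallibly, modelled in std-only Rust as an added example. This is not jwt-compact's code: RsaAlg, Padding, modulus_bits and check_key are hypothetical names, and the moduli are constructed byte strings.

```rust
use std::str::FromStr;

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum Padding { Pkcs1v15, Pss }

// Hypothetical stand-in for the crate's `Rsa`: padding scheme plus SHA-2 size.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
struct RsaAlg { padding: Padding, hash_bits: u16 }

impl FromStr for RsaAlg {
    type Err = String;
    // Fallible, case-sensitive parse of an untrusted `alg` value: never panics.
    fn from_str(s: &str) -> Result<Self, String> {
        let padding = match s.get(..2) {
            Some("RS") => Padding::Pkcs1v15,
            Some("PS") => Padding::Pss,
            _ => return Err(format!("not an RSA-based JWS algorithm: {:?}", s)),
        };
        // Exact string match: integer parsing would also accept forms like "+256".
        let hash_bits = match &s[2..] {
            "256" => 256, "384" => 384, "512" => 512,
            _ => return Err(format!("unsupported hash function in {:?}", s)),
        };
        Ok(RsaAlg { padding, hash_bits })
    }
}

// Bit length of a big-endian modulus; leading zero bytes and bits do not count.
fn modulus_bits(n_be: &[u8]) -> usize {
    match n_be.iter().position(|&b| b != 0) {
        Some(i) => (n_be.len() - i) * 8 - n_be[i].leading_zeros() as usize,
        None => 0,
    }
}

// Gate modelled on the rule above: RFC 7518 requires at least 2048 bits.
fn check_key(alg_name: &str, n_be: &[u8]) -> Result<RsaAlg, String> {
    let alg: RsaAlg = alg_name.parse()?;
    match modulus_bits(n_be) {
        bits if bits < 2048 => Err(format!("{}-bit modulus is below the 2048-bit minimum", bits)),
        _ => Ok(alg),
    }
}

fn main() {
    // Constructed moduli: only their length matters here, not their value.
    let zero_padded = [vec![0u8; 128], vec![0xffu8; 128]].concat(); // 1024 bits in 256 bytes
    println!("{:?}", check_key("RS256", &zero_padded));
    println!("{:?}", check_key("PS384", &[0xffu8; 256]));
}
```

Measuring the modulus by its byte count alone would pass the zero-padded 1024-bit value, which is why the check counts significant bits.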

Trait Implementations

impl Algorithm for Rsa

type SigningKey = RsaPrivateKey

Key used when issuing new tokens.

type VerifyingKey = RsaPublicKey

Key used when verifying tokens. May coincide with Self::SigningKey for symmetric algorithms (e.g., HS*).

type Signature = RsaSignature

Signature produced by the algorithm.

fn name(&self) -> Cow<'static, str>

Returns the name of this algorithm, as mentioned in the alg field of the JWT header.

fn sign(&self, signing_key: &Self::SigningKey, message: &[u8]) -> Self::Signature

Signs a message with the signing_key.

fn verify_signature(&self, signature: &Self::Signature, verifying_key: &Self::VerifyingKey, message: &[u8]) -> bool

Verifies the message against the signature and verifying_key.

impl Clone for Rsa

fn clone(&self) -> Rsa

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Rsa

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl FromStr for Rsa

type Err = RsaParseError

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type.

impl PartialEq<Rsa> for Rsa

fn eq(&self, other: &Rsa) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for Rsa

impl Eq for Rsa

impl StructuralEq for Rsa

impl StructuralPartialEq for Rsa

Auto Trait Implementations

impl RefUnwindSafe for Rsa

impl Send for Rsa

impl Sync for Rsa

impl Unpin for Rsa

impl UnwindSafe for Rsa

Blanket Implementations

impl<T> Any for T where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T> ToOwned for T where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T where V: MultiLane<T>,

fn vzip(self) -> V