Struct jwt_compact::alg::Es256k

source · 
pub struct Es256k<D = Sha256> { /* private fields */ }
Expand description

Algorithm implementing elliptic curve digital signatures (ECDSA) on the secp256k1 curve.

The algorithm does not fix the choice of the message digest algorithm; instead, it is provided as a type parameter. SHA-256 is the default parameter value, but it can be set to any cryptographically secure hash function with 32-byte output (e.g., SHA3-256).

Implementations§

source§

impl<D> Es256k<D>
where D: FixedOutputReset<OutputSize = U32> + BlockSizeUser + Clone + Default + HashMarker,

source

pub fn new(context: Secp256k1<All>) -> Self

Available on crate feature es256k only.

Creates a new algorithm instance. This is a (moderately) expensive operation, so if necessary, the algorithm should be clone()d rather than created anew.

Trait Implementations§

source§

impl<D> Algorithm for Es256k<D>
where D: FixedOutputReset<OutputSize = U32> + BlockSizeUser + Clone + Default + HashMarker,

§

type SigningKey = SecretKey

Key used when issuing new tokens.
§

type VerifyingKey = PublicKey

Key used when verifying tokens. May coincide with Self::SigningKey for symmetric algorithms (e.g., HS*).
§

type Signature = Signature

Signature produced by the algorithm.
source§

fn name(&self) -> Cow<'static, str>

Returns the name of this algorithm, as mentioned in the alg field of the JWT header.
source§

fn sign( &self, signing_key: &Self::SigningKey, message: &[u8] ) -> Self::Signature

Signs a message with the signing_key.
source§

fn verify_signature( &self, signature: &Self::Signature, verifying_key: &Self::VerifyingKey, message: &[u8] ) -> bool

Verifies the message against the signature and verifying_key.
source§

impl<D: Debug> Debug for Es256k<D>

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<D> Default for Es256k<D>
where D: FixedOutputReset<OutputSize = U32> + BlockSizeUser + Clone + Default + HashMarker,

source§

fn default() -> Self

Returns the “default value” for a type. Read more
source§

impl SigningKey<Es256k> for SecretKey

This implementation initializes a libsecp256k1 context once on the first call to to_verifying_key if it was not initialized previously.

source§

fn from_slice(raw: &[u8]) -> Result<Self>

Creates a key from raw bytes. Returns an error if the bytes do not represent a valid key.
source§

fn to_verifying_key(&self) -> PublicKey

Converts a signing key to a verification key.
source§

fn as_bytes(&self) -> SecretBytes<'_>

Returns the key as raw bytes. Read more
source§

impl VerifyingKey<Es256k> for PublicKey

source§

fn as_bytes(&self) -> Cow<'_, [u8]>

Serializes the key as a 33-byte compressed form, as per Self::serialize().

source§

fn from_slice(raw: &[u8]) -> Result<Self>

Creates a key from raw bytes. Returns an error if the bytes do not represent a valid key.

Auto Trait Implementations§

§

impl<D> Freeze for Es256k<D>

§

impl<D> RefUnwindSafe for Es256k<D>
where D: RefUnwindSafe,

§

impl<D> Send for Es256k<D>
where D: Send,

§

impl<D> Sync for Es256k<D>
where D: Sync,

§

impl<D> Unpin for Es256k<D>
where D: Unpin,

§

impl<D> UnwindSafe for Es256k<D>
where D: UnwindSafe,

Blanket Implementations§

source§

impl<A> AlgorithmExt for A
where A: Algorithm,

source§

fn token<T>( &self, header: &Header<impl Serialize>, claims: &Claims<T>, signing_key: &<A as Algorithm>::SigningKey ) -> Result<String, CreationError>
where T: Serialize,

Creates a new token and serializes it to string.
source§

fn compact_token<T>( &self, header: &Header<impl Serialize>, claims: &Claims<T>, signing_key: &<A as Algorithm>::SigningKey ) -> Result<String, CreationError>
where T: Serialize,

Available on crate feature ciborium only.
Creates a new token with CBOR-encoded claims and serializes it to string.
source§

fn validator<'a, T>( &'a self, verifying_key: &'a <A as Algorithm>::VerifyingKey ) -> Validator<'a, A, T>

Creates a JWT validator for the specified verifying key and the claims type. The validator can then be used to validate integrity of one or more tokens.
source§

fn validate_integrity<T>( &self, token: &UntrustedToken<'_>, verifying_key: &<A as Algorithm>::VerifyingKey ) -> Result<Token<T>, ValidationError>
where T: DeserializeOwned,

👎Deprecated: Use .validator().validate() for added flexibility
Validates the token integrity against the provided verifying_key.
source§

fn validate_for_signed_token<T>( &self, token: &UntrustedToken<'_>, verifying_key: &<A as Algorithm>::VerifyingKey ) -> Result<SignedToken<A, T>, ValidationError>
where T: DeserializeOwned,

👎Deprecated: Use .validator().validate_for_signed_token() for added flexibility
Validates the token integrity against the provided verifying_key. Read more
source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V