DecodeKey
type DecodeKey = Hmac | VerifyingKey | PublicKey | VerifyingKey
A key used to decode a JWT.
Methods
[src]
pub fn from_jwk(jwk: Jwk): DecodeKey throws {
switch (let algorithm = jwk.algorithm.(type)) {
case EllipticCurveKeyParameters:
let x = try base64.decode(algorithm.x, mode: Base64Mode.URLSafeNoPadding);
let y = try base64.decode(algorithm.y, mode: Base64Mode.URLSafeNoPadding);
let bytes = Bytes.new();
bytes.push(0x4);
bytes.append(x);
bytes.append(y);
switch (algorithm.curve) {
case .P256:
return try ecdsa.VerifyingKey.from_sec1_bytes(.P256, bytes);
case .P384:
return try ecdsa.VerifyingKey.from_sec1_bytes(.P384, bytes);
case .P521, .Ed25519:
throw "not implemented";
}
case RSAKeyParameters:
let n = try base64.decode(algorithm.n, mode: Base64Mode.URLSafeNoPadding);
let e = try base64.decode(algorithm.e, mode: Base64Mode.URLSafeNoPadding);
let n = BigInt.from_bytes_be(.Plus, n);
let e = BigInt.from_bytes_be(.Plus, e);
return try rsa.PublicKey.new(n, e);
case OctetKeyParameters:
let key = try base64.decode(algorithm.key, mode: Base64Mode.URLSafeNoPadding);
switch (jwk.key_algorithm) {
case .HS256:
return hmac.Hmac.new::<sha2.Sha256>(key);
case .HS384:
return hmac.Hmac.new::<sha2.Sha384>(key);
case .HS512:
return hmac.Hmac.new::<sha2.Sha512>(key);
default:
throw "invalid key algorithm";
}
case OctetKeyPairParameters:
let x = try base64.decode(algorithm.x, mode: Base64Mode.URLSafeNoPadding);
return try ed25519.VerifyingKey.from_bytes(x);
}
}
Creates a decoding key from JSON Web Key (JWK).
[src]
pub fn from_jwk(jwk: Jwk): DecodeKey throws {
switch (let algorithm = jwk.algorithm.(type)) {
case EllipticCurveKeyParameters:
let x = try base64.decode(algorithm.x, mode: Base64Mode.URLSafeNoPadding);
let y = try base64.decode(algorithm.y, mode: Base64Mode.URLSafeNoPadding);
let bytes = Bytes.new();
bytes.push(0x4);
bytes.append(x);
bytes.append(y);
switch (algorithm.curve) {
case .P256:
return try ecdsa.VerifyingKey.from_sec1_bytes(.P256, bytes);
case .P384:
return try ecdsa.VerifyingKey.from_sec1_bytes(.P384, bytes);
case .P521, .Ed25519:
throw "not implemented";
}
case RSAKeyParameters:
let n = try base64.decode(algorithm.n, mode: Base64Mode.URLSafeNoPadding);
let e = try base64.decode(algorithm.e, mode: Base64Mode.URLSafeNoPadding);
let n = BigInt.from_bytes_be(.Plus, n);
let e = BigInt.from_bytes_be(.Plus, e);
return try rsa.PublicKey.new(n, e);
case OctetKeyParameters:
let key = try base64.decode(algorithm.key, mode: Base64Mode.URLSafeNoPadding);
switch (jwk.key_algorithm) {
case .HS256:
return hmac.Hmac.new::<sha2.Sha256>(key);
case .HS384:
return hmac.Hmac.new::<sha2.Sha384>(key);
case .HS512:
return hmac.Hmac.new::<sha2.Sha512>(key);
default:
throw "invalid key algorithm";
}
case OctetKeyPairParameters:
let x = try base64.decode(algorithm.x, mode: Base64Mode.URLSafeNoPadding);
return try ed25519.VerifyingKey.from_bytes(x);
}
}
Creates a decoding key from JSON Web Key (JWK).
Creates a decoding key from JSON Web Key (JWK).
Reference: RFC7517