Lib.rs

Cryptography
#json #jwt #web #signature-verification #token

jws

JSON Web Signature for Rust

by Maarten de Vries

10 releases

0.2.9 Nov 6, 2023
0.2.8 Jul 26, 2023
0.2.7 May 10, 2022
0.2.6 Jan 30, 2022
0.2.1 Dec 30, 2018

#849 in Cryptography

Download history 46/week @ 2024-07-20 57/week @ 2024-07-27 39/week @ 2024-08-03 10/week @ 2024-08-10 37/week @ 2024-08-17 16/week @ 2024-08-24 54/week @ 2024-08-31 76/week @ 2024-09-07 73/week @ 2024-09-14 145/week @ 2024-09-21 211/week @ 2024-09-28 151/week @ 2024-10-05 224/week @ 2024-10-12 140/week @ 2024-10-19 15/week @ 2024-10-26 34/week @ 2024-11-02

433 downloads per month
Used in passport_azure_ad

BSD-2-Clause

47KB
682 lines

Documentation crates.io tests

jws

This library provides JSON Web Signature encoding, decoding, signing and verification as described in RFC 7515.

Currently, encoding and decoding is available only for the JWS Compact Serialization scheme in the compact module.

Signing and verifying is done through the Signer and Verifier traits. The hmac module contains implementations for these traits that support the HMAC-SHA2 family of algorithms.

Example:

use jws::{JsonObject, JsonValue};
use jws::compact::{decode_verify, encode_sign};
use jws::hmac::{Hs512Signer, HmacVerifier};

fn encode_decode() -> jws::Result<()> {
  // Add custom header parameters.
  let mut header = JsonObject::new();
  header.insert(String::from("typ"), JsonValue::from("text/plain"));

  // Encode and sign the message.
  let encoded = encode_sign(header, b"payload", &Hs512Signer::new(b"secretkey"))?;

  // Decode and verify the message.
  let decoded = decode_verify(encoded.data().as_bytes(), &HmacVerifier::new(b"secretkey"))?;

  assert_eq!(decoded.payload, b"payload");
  assert_eq!(decoded.header.get("typ").and_then(|x| x.as_str()), Some("text/plain"));

  Ok(())
}

Dependencies

~1.3–2.3MB
~49K SLoC