#json #jwt #json-key #json-object #jose #json-format #jwk

jose-jwk

Pure Rust implementation of the JSON Web Key (JWK) component of the Javascript Object Signing and Encryption (JOSE) specification as described in RFC7517

4 releases

0.1.2 Aug 21, 2023
0.1.1 Aug 19, 2023
0.1.0 May 21, 2023
0.0.0 Sep 5, 2022

#2636 in Cryptography

Download history 168/week @ 2024-07-20 236/week @ 2024-07-27 3643/week @ 2024-08-03 13786/week @ 2024-08-10 9858/week @ 2024-08-17 2212/week @ 2024-08-24 2737/week @ 2024-08-31 1434/week @ 2024-09-07 2366/week @ 2024-09-14 3003/week @ 2024-09-21 3261/week @ 2024-09-28 5170/week @ 2024-10-05 5199/week @ 2024-10-12 4756/week @ 2024-10-19 4729/week @ 2024-10-26 4687/week @ 2024-11-02

20,111 downloads per month
Used in 6 crates (4 directly)

Apache-2.0 OR MIT

75KB
1.5K SLoC

RustCrypto: JOSE JWK

Crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of the JSON Web Key (JWK) component of the Javascript Object Signing and Encryption (JOSE) specification as described in RFC7517.

A JWK is a way to represent cryptographic keys in JSON, typically public keys. This format contains information about how the key needs to be used so a child node can validate what a parent node sends (e.g. with JWTs) or encrypt messages for the parent node using this key (e.g. with JWEs). This crate provides data structures to interface with this format.

use jose_jwk::{Jwk, JwkSet, Key};
use jose_jwk::jose_jwa::{Algorithm, Signing};

let keys = serde_json::json!({
    "keys": [
        {
            "kty": "EC",
            "crv": "P-256",
            "x": "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
            "y": "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
            "use": "enc",
            "kid": "some-ec-kid"
        },
        {
            "kty": "RSA",
            "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtV\
            T86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5\
            JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMic\
            AtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bF\
            TWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-\
            kEgU8awapJzKnqDKgw",
            "e": "AQAB",
            "alg": "RS256",
            "kid": "some-rsa-kid"
        }
    ]
});

let jwkset: JwkSet = serde_json::from_value(keys).unwrap();
let ec_jwk: &Jwk = &jwkset.keys[0];
let rsa_jwk: &Jwk = &jwkset.keys[1];

assert!(matches!(ec_jwk.key, Key::Ec(_)));
assert!(matches!(rsa_jwk.key, Key::Rsa(_)));

assert_eq!(ec_jwk.prm.kid, Some(String::from("some-ec-kid")));
assert_eq!(rsa_jwk.prm.kid, Some(String::from("some-rsa-kid")));

assert_eq!(rsa_jwk.prm.alg, Some(Algorithm::Signing(Signing::Rs256)));

Documentation

Minimum Supported Rust Version

This crate requires Rust 1.65 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~0.5–2.5MB
~49K SLoC