diff --git a/crates/jose/src/jwa/asymmetric.rs b/crates/jose/src/jwa/asymmetric.rs index e49d1c93..8ac64b98 100644 --- a/crates/jose/src/jwa/asymmetric.rs +++ b/crates/jose/src/jwa/asymmetric.rs @@ -12,7 +12,9 @@ // See the License for the specific language governing permissions and // limitations under the License. +use digest::Digest; use mas_iana::jose::{JsonWebKeyEcEllipticCurve, JsonWebSignatureAlg}; +use sha2::{Sha256, Sha384, Sha512}; use thiserror::Error; use super::signature::Signature; @@ -27,9 +29,9 @@ pub enum AsymmetricKeyFromJwkError { }, #[error("Invalid Elliptic Curve parameters")] - Ecdsa { + EllipticCurve { #[from] - inner: ecdsa::Error, + inner: elliptic_curve::Error, }, #[error("Unsupported algorithm {alg}")] @@ -54,32 +56,85 @@ pub enum AsymmetricSigningKey { } impl AsymmetricSigningKey { - #[allow(dead_code)] + #[must_use] + pub fn rs256(key: rsa::RsaPrivateKey) -> Self { + Self::Rs256(rsa::pkcs1v15::SigningKey::new_with_prefix(key)) + } + + #[must_use] + pub fn rs384(key: rsa::RsaPrivateKey) -> Self { + Self::Rs384(rsa::pkcs1v15::SigningKey::new_with_prefix(key)) + } + + #[must_use] + pub fn rs512(key: rsa::RsaPrivateKey) -> Self { + Self::Rs512(rsa::pkcs1v15::SigningKey::new_with_prefix(key)) + } + + #[must_use] + pub fn ps256(key: rsa::RsaPrivateKey) -> Self { + Self::Ps256(rsa::pss::SigningKey::new_with_salt_len( + key, + Sha256::output_size(), + )) + } + + #[must_use] + pub fn ps384(key: rsa::RsaPrivateKey) -> Self { + Self::Ps384(rsa::pss::SigningKey::new_with_salt_len( + key, + Sha384::output_size(), + )) + } + + #[must_use] + pub fn ps512(key: rsa::RsaPrivateKey) -> Self { + Self::Ps512(rsa::pss::SigningKey::new_with_salt_len( + key, + Sha512::output_size(), + )) + } + + #[must_use] + pub fn es256(key: elliptic_curve::SecretKey) -> Self { + Self::Es256(ecdsa::SigningKey::from(key)) + } + + #[must_use] + pub fn es384(key: elliptic_curve::SecretKey) -> Self { + Self::Es384(ecdsa::SigningKey::from(key)) + } + + #[must_use] + pub fn es256k(key: elliptic_curve::SecretKey) -> Self { + Self::Es256K(ecdsa::SigningKey::from(key)) + } + pub fn from_jwk_and_alg( params: &JsonWebKeyPrivateParameters, alg: &JsonWebSignatureAlg, ) -> Result { match (params, alg) { (JsonWebKeyPrivateParameters::Rsa(params), alg) => match alg { - JsonWebSignatureAlg::Rs256 => Ok(Self::Rs256(params.try_into()?)), - JsonWebSignatureAlg::Rs384 => Ok(Self::Rs384(params.try_into()?)), - JsonWebSignatureAlg::Rs512 => Ok(Self::Rs512(params.try_into()?)), - JsonWebSignatureAlg::Ps256 => Ok(Self::Ps256(params.try_into()?)), - JsonWebSignatureAlg::Ps384 => Ok(Self::Ps384(params.try_into()?)), - JsonWebSignatureAlg::Ps512 => Ok(Self::Ps512(params.try_into()?)), + JsonWebSignatureAlg::Rs256 => Ok(Self::rs256(params.try_into()?)), + JsonWebSignatureAlg::Rs384 => Ok(Self::rs384(params.try_into()?)), + JsonWebSignatureAlg::Rs512 => Ok(Self::rs512(params.try_into()?)), + JsonWebSignatureAlg::Ps256 => Ok(Self::ps256(params.try_into()?)), + JsonWebSignatureAlg::Ps384 => Ok(Self::ps384(params.try_into()?)), + JsonWebSignatureAlg::Ps512 => Ok(Self::ps512(params.try_into()?)), _ => Err(AsymmetricKeyFromJwkError::KeyNotSuitable { alg: alg.clone() }), }, (JsonWebKeyPrivateParameters::Ec(params), JsonWebSignatureAlg::Es256) if params.crv == JsonWebKeyEcEllipticCurve::P256 => { - Ok(Self::Es256(params.try_into()?)) + Ok(Self::es256(params.try_into()?)) } (JsonWebKeyPrivateParameters::Ec(params), JsonWebSignatureAlg::Es384) if params.crv == JsonWebKeyEcEllipticCurve::P384 => { - Ok(Self::Es384(params.try_into()?)) + Ok(Self::es384(params.try_into()?)) } (JsonWebKeyPrivateParameters::Ec(params), JsonWebSignatureAlg::Es512) @@ -91,7 +146,7 @@ impl AsymmetricSigningKey { (JsonWebKeyPrivateParameters::Ec(params), JsonWebSignatureAlg::Es256K) if params.crv == JsonWebKeyEcEllipticCurve::Secp256K1 => { - Ok(Self::Es256K(params.try_into()?)) + Ok(Self::es256k(params.try_into()?)) } (JsonWebKeyPrivateParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => { @@ -219,31 +274,76 @@ pub enum AsymmetricVerifyingKey { } impl AsymmetricVerifyingKey { + #[must_use] + pub fn rs256(key: rsa::RsaPublicKey) -> Self { + Self::Rs256(rsa::pkcs1v15::VerifyingKey::new_with_prefix(key)) + } + + #[must_use] + pub fn rs384(key: rsa::RsaPublicKey) -> Self { + Self::Rs384(rsa::pkcs1v15::VerifyingKey::new_with_prefix(key)) + } + + #[must_use] + pub fn rs512(key: rsa::RsaPublicKey) -> Self { + Self::Rs512(rsa::pkcs1v15::VerifyingKey::new_with_prefix(key)) + } + + #[must_use] + pub fn ps256(key: rsa::RsaPublicKey) -> Self { + Self::Ps256(rsa::pss::VerifyingKey::new(key)) + } + + #[must_use] + pub fn ps384(key: rsa::RsaPublicKey) -> Self { + Self::Ps384(rsa::pss::VerifyingKey::new(key)) + } + + #[must_use] + pub fn ps512(key: rsa::RsaPublicKey) -> Self { + Self::Ps512(rsa::pss::VerifyingKey::new(key)) + } + + #[must_use] + pub fn es256(key: elliptic_curve::PublicKey) -> Self { + Self::Es256(ecdsa::VerifyingKey::from(key)) + } + + #[must_use] + pub fn es384(key: elliptic_curve::PublicKey) -> Self { + Self::Es384(ecdsa::VerifyingKey::from(key)) + } + + #[must_use] + pub fn es256k(key: elliptic_curve::PublicKey) -> Self { + Self::Es256K(ecdsa::VerifyingKey::from(key)) + } + pub fn from_jwk_and_alg( params: &JsonWebKeyPublicParameters, alg: &JsonWebSignatureAlg, ) -> Result { match (params, alg) { (JsonWebKeyPublicParameters::Rsa(params), alg) => match alg { - JsonWebSignatureAlg::Rs256 => Ok(Self::Rs256(params.try_into()?)), - JsonWebSignatureAlg::Rs384 => Ok(Self::Rs384(params.try_into()?)), - JsonWebSignatureAlg::Rs512 => Ok(Self::Rs512(params.try_into()?)), - JsonWebSignatureAlg::Ps256 => Ok(Self::Ps256(params.try_into()?)), - JsonWebSignatureAlg::Ps384 => Ok(Self::Ps384(params.try_into()?)), - JsonWebSignatureAlg::Ps512 => Ok(Self::Ps512(params.try_into()?)), + JsonWebSignatureAlg::Rs256 => Ok(Self::rs256(params.try_into()?)), + JsonWebSignatureAlg::Rs384 => Ok(Self::rs384(params.try_into()?)), + JsonWebSignatureAlg::Rs512 => Ok(Self::rs512(params.try_into()?)), + JsonWebSignatureAlg::Ps256 => Ok(Self::ps256(params.try_into()?)), + JsonWebSignatureAlg::Ps384 => Ok(Self::ps384(params.try_into()?)), + JsonWebSignatureAlg::Ps512 => Ok(Self::ps512(params.try_into()?)), _ => Err(AsymmetricKeyFromJwkError::KeyNotSuitable { alg: alg.clone() }), }, (JsonWebKeyPublicParameters::Ec(params), JsonWebSignatureAlg::Es256) if params.crv == JsonWebKeyEcEllipticCurve::P256 => { - Ok(Self::Es256(params.try_into()?)) + Ok(Self::es256(params.try_into()?)) } (JsonWebKeyPublicParameters::Ec(params), JsonWebSignatureAlg::Es384) if params.crv == JsonWebKeyEcEllipticCurve::P384 => { - Ok(Self::Es384(params.try_into()?)) + Ok(Self::es384(params.try_into()?)) } (JsonWebKeyPublicParameters::Ec(params), JsonWebSignatureAlg::Es512) @@ -255,7 +355,7 @@ impl AsymmetricVerifyingKey { (JsonWebKeyPublicParameters::Ec(params), JsonWebSignatureAlg::Es256K) if params.crv == JsonWebKeyEcEllipticCurve::Secp256K1 => { - Ok(Self::Es256K(params.try_into()?)) + Ok(Self::es256k(params.try_into()?)) } (JsonWebKeyPublicParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => { diff --git a/crates/jose/src/jwk/mod.rs b/crates/jose/src/jwk/mod.rs index 07420e54..4e001cf2 100644 --- a/crates/jose/src/jwk/mod.rs +++ b/crates/jose/src/jwk/mod.rs @@ -526,12 +526,12 @@ mod tests { rsa::RsaPublicKey::try_from(keys.next().unwrap().params().rsa().unwrap()).unwrap(); rsa::RsaPublicKey::try_from(keys.next().unwrap().params().rsa().unwrap()).unwrap(); // 7th is P-256 - ecdsa::VerifyingKey::::try_from( + elliptic_curve::PublicKey::::try_from( keys.next().unwrap().params().ec().unwrap(), ) .unwrap(); // 8th is P-384 - ecdsa::VerifyingKey::::try_from( + elliptic_curve::PublicKey::::try_from( keys.next().unwrap().params().ec().unwrap(), ) .unwrap(); diff --git a/crates/jose/src/jwk/private_parameters.rs b/crates/jose/src/jwk/private_parameters.rs index df9214bc..7a041f80 100644 --- a/crates/jose/src/jwk/private_parameters.rs +++ b/crates/jose/src/jwk/private_parameters.rs @@ -228,53 +228,10 @@ struct RsaOtherPrimeInfo { } mod rsa_impls { - use digest::{const_oid::AssociatedOid, Digest}; use rsa::{BigUint, RsaPrivateKey}; use super::RsaPrivateParameters; - impl TryFrom for rsa::pkcs1v15::SigningKey - where - H: Digest + AssociatedOid, - { - type Error = rsa::errors::Error; - fn try_from(value: RsaPrivateParameters) -> Result { - Self::try_from(&value) - } - } - - impl TryFrom<&RsaPrivateParameters> for rsa::pkcs1v15::SigningKey - where - H: Digest + AssociatedOid, - { - type Error = rsa::errors::Error; - fn try_from(value: &RsaPrivateParameters) -> Result { - let key: RsaPrivateKey = value.try_into()?; - Ok(Self::new_with_prefix(key)) - } - } - - impl TryFrom for rsa::pss::SigningKey - where - H: Digest, - { - type Error = rsa::errors::Error; - fn try_from(value: RsaPrivateParameters) -> Result { - Self::try_from(&value) - } - } - - impl TryFrom<&RsaPrivateParameters> for rsa::pss::SigningKey - where - H: Digest, - { - type Error = rsa::errors::Error; - fn try_from(value: &RsaPrivateParameters) -> Result { - let key: RsaPrivateKey = value.try_into()?; - Ok(Self::new_with_salt_len(key, ::output_size())) - } - } - impl TryFrom for RsaPrivateKey { type Error = rsa::errors::Error; fn try_from(value: RsaPrivateParameters) -> Result { @@ -347,48 +304,16 @@ impl From for super::public_parameters::EcPublicParameters } mod ec_impls { - use digest::typenum::Unsigned; - use ecdsa::{hazmat::SignPrimitive, EncodedPoint, PrimeCurve, SignatureSize, SigningKey}; use elliptic_curve::{ - ops::{Invert, Reduce}, - sec1::{Coordinates, FromEncodedPoint, ModulusSize, ToEncodedPoint, ValidatePublicKey}, - subtle::CtOption, - AffinePoint, Curve, FieldBytes, FieldSize, ProjectiveArithmetic, Scalar, SecretKey, + sec1::{Coordinates, FromEncodedPoint, ModulusSize, ToEncodedPoint}, + AffinePoint, Curve, FieldSize, SecretKey, }; - use generic_array::ArrayLength; use super::{super::JwkEcCurve, EcPrivateParameters}; - impl TryFrom for SigningKey - where - C: PrimeCurve + ProjectiveArithmetic, - Scalar: Invert>> + Reduce + SignPrimitive, - SignatureSize: ArrayLength, - { - type Error = ecdsa::Error; - - fn try_from(value: EcPrivateParameters) -> Result { - Self::try_from(&value) - } - } - - impl TryFrom<&EcPrivateParameters> for SigningKey - where - C: PrimeCurve + ProjectiveArithmetic, - Scalar: Invert>> + Reduce + SignPrimitive, - SignatureSize: ArrayLength, - { - type Error = ecdsa::Error; - - fn try_from(value: &EcPrivateParameters) -> Result { - SigningKey::from_bytes(&value.d) - } - } - impl TryFrom for SecretKey where - C: Curve + ValidatePublicKey, - FieldSize: ModulusSize, + C: Curve, { type Error = elliptic_curve::Error; fn try_from(value: EcPrivateParameters) -> Result { @@ -398,27 +323,12 @@ mod ec_impls { impl TryFrom<&EcPrivateParameters> for SecretKey where - C: Curve + ValidatePublicKey, - FieldSize: ModulusSize, + C: Curve, { type Error = elliptic_curve::Error; fn try_from(value: &EcPrivateParameters) -> Result { - let x = value - .x - .get(..FieldSize::::USIZE) - .ok_or(elliptic_curve::Error)?; - let y = value - .x - .get(..FieldSize::::USIZE) - .ok_or(elliptic_curve::Error)?; - - let x = FieldBytes::::from_slice(x); - let y = FieldBytes::::from_slice(y); - let pubkey = EncodedPoint::::from_affine_coordinates(x, y, false); - let privkey = SecretKey::from_be_bytes(&value.d)?; - C::validate_public_key(&privkey, &pubkey)?; - Ok(privkey) + SecretKey::from_be_bytes(&value.d) } } diff --git a/crates/jose/src/jwk/public_parameters.rs b/crates/jose/src/jwk/public_parameters.rs index ef3c58cc..bea1d7d3 100644 --- a/crates/jose/src/jwk/public_parameters.rs +++ b/crates/jose/src/jwk/public_parameters.rs @@ -136,10 +136,6 @@ impl EcPublicParameters { pub const fn new(crv: JsonWebKeyEcEllipticCurve, x: Vec, y: Vec) -> Self { Self { crv, x, y } } - - pub const fn crv(&self) -> &JsonWebKeyEcEllipticCurve { - &self.crv - } } impl ParametersInfo for EcPublicParameters { @@ -182,14 +178,9 @@ impl OkpPublicParameters { pub const fn new(crv: JsonWebKeyOkpEllipticCurve, x: Vec) -> Self { Self { crv, x } } - - pub const fn crv(&self) -> &JsonWebKeyOkpEllipticCurve { - &self.crv - } } mod rsa_impls { - use digest::{const_oid::AssociatedOid, Digest}; use rsa::{BigUint, PublicKeyParts, RsaPublicKey}; use super::{JsonWebKeyPublicParameters, RsaPublicParameters}; @@ -221,48 +212,6 @@ mod rsa_impls { } } - impl TryFrom for rsa::pkcs1v15::VerifyingKey - where - H: Digest + AssociatedOid, - { - type Error = rsa::errors::Error; - fn try_from(value: RsaPublicParameters) -> Result { - Self::try_from(&value) - } - } - - impl TryFrom<&RsaPublicParameters> for rsa::pkcs1v15::VerifyingKey - where - H: Digest + AssociatedOid, - { - type Error = rsa::errors::Error; - fn try_from(value: &RsaPublicParameters) -> Result { - let key: RsaPublicKey = value.try_into()?; - Ok(Self::new_with_prefix(key)) - } - } - - impl TryFrom for rsa::pss::VerifyingKey - where - H: Digest, - { - type Error = rsa::errors::Error; - fn try_from(value: RsaPublicParameters) -> Result { - Self::try_from(&value) - } - } - - impl TryFrom<&RsaPublicParameters> for rsa::pss::VerifyingKey - where - H: Digest, - { - type Error = rsa::errors::Error; - fn try_from(value: &RsaPublicParameters) -> Result { - let key: RsaPublicKey = value.try_into()?; - Ok(Self::new(key)) - } - } - impl TryFrom for RsaPublicKey { type Error = rsa::errors::Error; fn try_from(value: RsaPublicParameters) -> Result { @@ -283,102 +232,58 @@ mod rsa_impls { mod ec_impls { use digest::typenum::Unsigned; - use ecdsa::{EncodedPoint, PrimeCurve, VerifyingKey}; + use ecdsa::EncodedPoint; use elliptic_curve::{ sec1::{Coordinates, FromEncodedPoint, ModulusSize, ToEncodedPoint}, - AffinePoint, Curve, FieldBytes, FieldSize, ProjectiveArithmetic, PublicKey, + AffinePoint, Curve, FieldBytes, FieldSize, PublicKey, }; use super::{super::JwkEcCurve, EcPublicParameters, JsonWebKeyPublicParameters}; - impl From> for JsonWebKeyPublicParameters + impl TryFrom<&EcPublicParameters> for PublicKey where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, + C: Curve + elliptic_curve::ProjectiveArithmetic, AffinePoint: FromEncodedPoint + ToEncodedPoint, FieldSize: ModulusSize, { - fn from(key: ecdsa::VerifyingKey) -> Self { - Self::from(&key) - } - } - - impl From<&ecdsa::VerifyingKey> for JsonWebKeyPublicParameters - where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, - AffinePoint: FromEncodedPoint + ToEncodedPoint, - FieldSize: ModulusSize, - { - fn from(key: &ecdsa::VerifyingKey) -> Self { - Self::Ec(key.into()) - } - } - - impl From> for EcPublicParameters - where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, - AffinePoint: FromEncodedPoint + ToEncodedPoint, - FieldSize: ModulusSize, - { - fn from(key: ecdsa::VerifyingKey) -> Self { - Self::from(&key) - } - } - - impl From<&ecdsa::VerifyingKey> for EcPublicParameters - where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, - AffinePoint: FromEncodedPoint + ToEncodedPoint, - FieldSize: ModulusSize, - { - fn from(key: &ecdsa::VerifyingKey) -> Self { - let points = key.to_encoded_point(false); - EcPublicParameters { - x: points.x().unwrap().to_vec(), - y: points.y().unwrap().to_vec(), - crv: C::CRV, - } - } - } - - impl TryFrom for VerifyingKey - where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, - AffinePoint: FromEncodedPoint + ToEncodedPoint, - FieldSize: ModulusSize, - { - type Error = ecdsa::Error; - fn try_from(value: EcPublicParameters) -> Result { - (&value).try_into() - } - } - - impl TryFrom<&EcPublicParameters> for VerifyingKey - where - C: PrimeCurve + ProjectiveArithmetic + JwkEcCurve, - AffinePoint: FromEncodedPoint + ToEncodedPoint, - FieldSize: ModulusSize, - { - type Error = ecdsa::Error; - + type Error = elliptic_curve::Error; fn try_from(value: &EcPublicParameters) -> Result { - if *value.crv() != C::CRV { - return Err(Self::Error::default()); - } - let x = value .x .get(..FieldSize::::USIZE) - .ok_or_else(Self::Error::default)?; + .ok_or(elliptic_curve::Error)?; let y = value .y .get(..FieldSize::::USIZE) - .ok_or_else(Self::Error::default)?; + .ok_or(elliptic_curve::Error)?; let x = FieldBytes::::from_slice(x); let y = FieldBytes::::from_slice(y); let pubkey = EncodedPoint::::from_affine_coordinates(x, y, false); - let pubkey = VerifyingKey::from_encoded_point(&pubkey)?; - Ok(pubkey) + let pubkey: Option<_> = PublicKey::from_encoded_point(&pubkey).into(); + pubkey.ok_or(elliptic_curve::Error) + } + } + + impl From> for JsonWebKeyPublicParameters + where + C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve, + AffinePoint: FromEncodedPoint + ToEncodedPoint, + FieldSize: ModulusSize, + { + fn from(key: PublicKey) -> Self { + (&key).into() + } + } + + impl From<&PublicKey> for JsonWebKeyPublicParameters + where + C: Curve + elliptic_curve::ProjectiveArithmetic + JwkEcCurve, + AffinePoint: FromEncodedPoint + ToEncodedPoint, + FieldSize: ModulusSize, + { + fn from(key: &PublicKey) -> Self { + Self::Ec(key.into()) } } diff --git a/crates/keystore/src/lib.rs b/crates/keystore/src/lib.rs index 798528ca..997c3edc 100644 --- a/crates/keystore/src/lib.rs +++ b/crates/keystore/src/lib.rs @@ -438,38 +438,26 @@ impl PrivateKey { (Self::Rsa(key), _) => { let key: rsa::RsaPublicKey = key.to_public_key(); match alg { - JsonWebSignatureAlg::Rs256 => { - AsymmetricVerifyingKey::Rs256(rsa::pkcs1v15::VerifyingKey::new(key)) - } - JsonWebSignatureAlg::Rs384 => { - AsymmetricVerifyingKey::Rs384(rsa::pkcs1v15::VerifyingKey::new(key)) - } - JsonWebSignatureAlg::Rs512 => { - AsymmetricVerifyingKey::Rs512(rsa::pkcs1v15::VerifyingKey::new(key)) - } - JsonWebSignatureAlg::Ps256 => { - AsymmetricVerifyingKey::Ps256(rsa::pss::VerifyingKey::new(key)) - } - JsonWebSignatureAlg::Ps384 => { - AsymmetricVerifyingKey::Ps384(rsa::pss::VerifyingKey::new(key)) - } - JsonWebSignatureAlg::Ps512 => { - AsymmetricVerifyingKey::Ps512(rsa::pss::VerifyingKey::new(key)) - } + JsonWebSignatureAlg::Rs256 => AsymmetricVerifyingKey::rs256(key), + JsonWebSignatureAlg::Rs384 => AsymmetricVerifyingKey::rs384(key), + JsonWebSignatureAlg::Rs512 => AsymmetricVerifyingKey::rs512(key), + JsonWebSignatureAlg::Ps256 => AsymmetricVerifyingKey::ps256(key), + JsonWebSignatureAlg::Ps384 => AsymmetricVerifyingKey::ps384(key), + JsonWebSignatureAlg::Ps512 => AsymmetricVerifyingKey::ps512(key), _ => return Err(WrongAlgorithmError), } } (Self::EcP256(key), JsonWebSignatureAlg::Es256) => { - AsymmetricVerifyingKey::Es256(key.public_key().into()) + AsymmetricVerifyingKey::es256(key.public_key()) } (Self::EcP384(key), JsonWebSignatureAlg::Es384) => { - AsymmetricVerifyingKey::Es384(key.public_key().into()) + AsymmetricVerifyingKey::es384(key.public_key()) } (Self::EcK256(key), JsonWebSignatureAlg::Es256K) => { - AsymmetricVerifyingKey::Es256K(key.public_key().into()) + AsymmetricVerifyingKey::es256k(key.public_key()) } _ => return Err(WrongAlgorithmError), @@ -492,38 +480,26 @@ impl PrivateKey { (Self::Rsa(key), _) => { let key: rsa::RsaPrivateKey = *key.clone(); match alg { - JsonWebSignatureAlg::Rs256 => { - AsymmetricSigningKey::Rs256(rsa::pkcs1v15::SigningKey::new(key)) - } - JsonWebSignatureAlg::Rs384 => { - AsymmetricSigningKey::Rs384(rsa::pkcs1v15::SigningKey::new(key)) - } - JsonWebSignatureAlg::Rs512 => { - AsymmetricSigningKey::Rs512(rsa::pkcs1v15::SigningKey::new(key)) - } - JsonWebSignatureAlg::Ps256 => { - AsymmetricSigningKey::Ps256(rsa::pss::SigningKey::new(key)) - } - JsonWebSignatureAlg::Ps384 => { - AsymmetricSigningKey::Ps384(rsa::pss::SigningKey::new(key)) - } - JsonWebSignatureAlg::Ps512 => { - AsymmetricSigningKey::Ps512(rsa::pss::SigningKey::new(key)) - } + JsonWebSignatureAlg::Rs256 => AsymmetricSigningKey::rs256(key), + JsonWebSignatureAlg::Rs384 => AsymmetricSigningKey::rs384(key), + JsonWebSignatureAlg::Rs512 => AsymmetricSigningKey::rs512(key), + JsonWebSignatureAlg::Ps256 => AsymmetricSigningKey::ps256(key), + JsonWebSignatureAlg::Ps384 => AsymmetricSigningKey::ps384(key), + JsonWebSignatureAlg::Ps512 => AsymmetricSigningKey::ps512(key), _ => return Err(WrongAlgorithmError), } } (Self::EcP256(key), JsonWebSignatureAlg::Es256) => { - AsymmetricSigningKey::Es256(key.as_ref().into()) + AsymmetricSigningKey::es256(*key.clone()) } (Self::EcP384(key), JsonWebSignatureAlg::Es384) => { - AsymmetricSigningKey::Es384(key.as_ref().into()) + AsymmetricSigningKey::es384(*key.clone()) } (Self::EcK256(key), JsonWebSignatureAlg::Es256K) => { - AsymmetricSigningKey::Es256K(key.as_ref().into()) + AsymmetricSigningKey::es256k(*key.clone()) } _ => return Err(WrongAlgorithmError), @@ -565,18 +541,9 @@ impl From<&PrivateKey> for JsonWebKeyPublicParameters { fn from(val: &PrivateKey) -> Self { match val { PrivateKey::Rsa(key) => key.to_public_key().into(), - PrivateKey::EcP256(key) => { - let key: ecdsa::VerifyingKey<_> = key.public_key().into(); - key.into() - } - PrivateKey::EcP384(key) => { - let key: ecdsa::VerifyingKey<_> = key.public_key().into(); - key.into() - } - PrivateKey::EcK256(key) => { - let key: ecdsa::VerifyingKey<_> = key.public_key().into(); - key.into() - } + PrivateKey::EcP256(key) => key.public_key().into(), + PrivateKey::EcP384(key) => key.public_key().into(), + PrivateKey::EcK256(key) => key.public_key().into(), } } }