diff --git a/Cargo.toml b/Cargo.toml index 424091f..c86dac7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -25,6 +25,7 @@ p256 = { version = "0.13", features = ["ecdsa", "jwk"], optional = true } p384 = { version = "0.13", optional = true } p521 = { version = "0.13", optional = true } pkcs8 = "0.10" +rand_core = { version = "0.6.4", optional = true, default-features = false } rsa = { version = "0.9", features = ["sha2"], optional = true } serde = { version = "1", features = ["derive"] } serde_json = "1" @@ -46,6 +47,7 @@ static_assertions = "1.1.0" [features] default = ["fmt", "rsa", "ecdsa", "p256", "p384", "p521", "hmac"] fmt = [] +rand = ["dep:rand_core"] rsa = ["dep:rsa"] hmac = ["dep:hmac"] ecdsa = ["dep:ecdsa", "dep:elliptic-curve"] diff --git a/src/algorithms/ecdsa.rs b/src/algorithms/ecdsa.rs index 295ca60..9d13aed 100644 --- a/src/algorithms/ecdsa.rs +++ b/src/algorithms/ecdsa.rs @@ -81,6 +81,7 @@ use base64ct::Base64UrlUnpadded as Base64Url; use base64ct::Encoding; use bytes::Bytes; use digest::generic_array::{ArrayLength, GenericArray}; +#[cfg(feature = "rand")] use digest::Digest; use ecdsa::EncodedPoint; use elliptic_curve::{ @@ -90,6 +91,8 @@ use elliptic_curve::{ AffinePoint, Curve, CurveArithmetic, FieldBytes, FieldBytesSize, JwkParameters, PublicKey, Scalar, SecretKey, }; + +#[cfg(feature = "rand")] use signature::RandomizedDigestSigner; #[cfg(feature = "p256")] @@ -347,6 +350,7 @@ macro_rules! jose_ecdsa_algorithm { }; } +#[cfg(feature = "rand")] impl crate::algorithms::RandomizedTokenSigner for ecdsa::SigningKey where C: PrimeCurve + CurveArithmetic + JwkParameters + ecdsa::hazmat::DigestPrimitive, @@ -361,7 +365,7 @@ where &self, header: &str, payload: &str, - rng: &mut impl elliptic_curve::rand_core::CryptoRngCore, + rng: &mut impl rand_core::CryptoRngCore, ) -> Result { let mut digest = C::Digest::new(); digest.update(header.as_bytes()); diff --git a/src/algorithms/mod.rs b/src/algorithms/mod.rs index 49e21af..9a76f53 100644 
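Review bot: In the `[features]` hunk of Cargo.toml, `rand` is not added to `default`, so `sign_randomized` and `RandomizedTokenSigner`, which this commit gates on the feature, disappear from a default build. Callers have to opt in, which is a breaking change that should be stated in the changelog or crate docs. The feature also enables only `dep:rand_core`, while `signature::RandomizedDigestSigner` in src/algorithms/ecdsa.rs is, as far as I know, exported only when `signature` is built with its own `rand_core` feature; the `signature` entry is not visible in this hunk. If that feature is currently switched on only through another dependency, forwarding it would make the gate self-contained: `rand = ["dep:rand_core", "signature/rand_core"]`.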
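Review bot: In the first src/algorithms/ecdsa.rs hunk the new `#[cfg(feature = "rand")]` sits directly above `use digest::Digest;`, so that import is now compiled only with the feature on. The randomized impl further down uses it for `C::Digest::new()` and `digest.update(..)`, but if any non-randomized code in this file also needs the `Digest` trait (the `jose_ecdsa_algorithm!` macro body is outside the hunk), a default build would stop compiling. A CI job that builds and tests with the default set, with `--no-default-features` and with `--all-features` would catch this. It would also keep `rfc7515_example_a3_randomized` in src/token/mod.rs running, which the last hunk of this commit compiles out unless `rand` is enabled.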
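Review bot: The `rng` parameter in the fourth src/algorithms/ecdsa.rs hunk, and in `sign_randomized` in src/token/mod.rs, now names `rand_core::CryptoRngCore` from the crate's own dependency instead of the re-export from `elliptic_curve`. The two are the same trait only while Cargo resolves the direct `rand_core = "0.6.4"` entry and the copy used by `ecdsa`/`signature` to one version; after a major bump on either side the call into the randomized signer would presumably stop type-checking. A comment next to the Cargo.toml entry would save the next upgrader time, e.g. `# keep on the same major version as the rand_core used by signature / elliptic-curve`. Keeping the `CryptoRngCore` bound is right, since it is what stops a non-cryptographic generator from being passed in. The method body continues outside the hunk.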
--- a/src/algorithms/mod.rs
+++ b/src/algorithms/mod.rs
@@ -58,8 +58,9 @@ use std::fmt;
 use base64ct::Encoding;
 use bytes::Bytes;
 use digest::Digest;
+#[cfg(feature = "rand")]
+use rand_core::CryptoRngCore;
 use serde::{Deserialize, Serialize};
-use signature::rand_core::CryptoRngCore;
 use signature::SignatureEncoding;

 #[cfg(any(feature = "p256", feature = "hmac", feature = "rsa"))]
@@ -225,6 +226,7 @@ where
 }
 }

+#[cfg(feature = "rand")]
 /// A trait to represent an algorithm which can sign a JWT, with a source of
 /// randomness.
 pub trait RandomizedTokenSigner: DynJsonWebAlgorithm + SerializePublicJWK
diff --git a/src/token/mod.rs b/src/token/mod.rs
index eac8a20..d0981d4 100644
--- a/src/token/mod.rs
+++ b/src/token/mod.rs
@@ -450,11 +450,12 @@ where
 }

 /// Sign this token using the given algorithm, and a random number generator.
+ #[cfg(feature = "rand")]
 #[allow(clippy::type_complexity)]
 pub fn sign_randomized(
 self,
 algorithm: &A,
- rng: &mut impl elliptic_curve::rand_core::CryptoRngCore,
+ rng: &mut impl rand_core::CryptoRngCore,
 ) -> Result, Fmt>, TokenSigningError>
 where
 A: crate::algorithms::RandomizedTokenSigner + ?Sized,
@@ -897,6 +898,7 @@ mod test_ecdsa {
 assert_eq!(verified.payload(), Some(&"This is a signed message"));
 }

+ #[cfg(feature = "rand")]
 #[test]
 fn rfc7515_example_a3_randomized() {
 let pkey = &json!({
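Review bot: In the second src/algorithms/mod.rs hunk the `#[cfg(feature = "rand")]` attribute is placed above the doc comment of `RandomizedTokenSigner`, while src/token/mod.rs puts the same attribute below the doc comment of `sign_randomized`. Both orders compile, but one should be used throughout, and doc comment first is the more common layout. Neither doc comment tells the reader that the item exists only when the feature is enabled; a line such as `/// Only available when the "rand" feature is enabled.` on both would cover that. The trait body continues outside the hunk.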