Updates for webauthn-rs

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "compact_jwt"
-version = "0.4.1"
+version = "0.4.2"
 edition = "2021"
 authors = ["William Brown <[email protected]>"]
 description = "Minimal implementation of JWT for OIDC and other applications"

src/crypto/x509.rs

@@ -176,6 +176,26 @@ pub struct JwsX509Verifier {
     pkey: x509::X509,
 }
 
+impl JwsX509Verifier {
+    /// Create a new Jws Verifier directly from an x509 certificate. Note that this bypasses
+    /// any verification of the trust chain in the x5c attribute. If possible, you should use
+    /// [JwsX509VerifierBuilder] instead.
+    pub fn from_x509(pkey: x509::X509) -> Result<Self, JwtError> {
+        let digest = hash::MessageDigest::sha256();
+        let kid = pkey
+            .public_key()
+            .and_then(|pkey| pkey.public_key_to_der())
+            .and_then(|der| hash::hash(digest, &der))
+            .map(hex::encode)
+            .map_err(|e| {
+                debug!(?e);
+                JwtError::OpenSSLError
+            })?;
+
+        Ok(JwsX509Verifier { kid, pkey })
+    }
+}
+
 impl JwsVerifier for JwsX509Verifier {
     fn get_kid(&self) -> &str {
         &self.kid

src/error.rs

@@ -52,6 +52,8 @@ pub enum JwtError {
     AlgorithmUnavailable,
     /// The request to release the key is unable to be satisfied.
     UnableToReleaseKey,
+    /// Serialisation / Deserialisation error
+    Serde,
 }
 
 impl fmt::Display for JwtError {