Finish clean up
This commit is contained in:
parent
29037a0df7
commit
7cc935244d
|
|
@ -28,7 +28,7 @@ pub fn verify(target: &str, data: &str, key: &[u8], algorithm: &Algorithm) -> bo
|
|||
}
|
||||
}
|
||||
|
||||
pub fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
||||
fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
||||
let secret_key = PKey::hmac(key).unwrap();
|
||||
|
||||
let mut signer = Signer::new(digest, &secret_key).unwrap();
|
||||
|
|
@ -38,7 +38,7 @@ pub fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
|||
encode_config(&mac, URL_SAFE)
|
||||
}
|
||||
|
||||
pub fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
||||
fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
||||
let private_key = Rsa::private_key_from_pem(key).unwrap();
|
||||
let pkey = PKey::from_rsa(private_key).unwrap();
|
||||
|
||||
|
|
@ -48,7 +48,7 @@ pub fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
|||
encode_config(&sig, URL_SAFE)
|
||||
}
|
||||
|
||||
pub fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
||||
fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
||||
let target_bytes: Vec<u8> = decode_config(target, URL_SAFE).unwrap();
|
||||
let secret_key = PKey::hmac(key).unwrap();
|
||||
|
||||
|
|
@ -60,7 +60,7 @@ pub fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest)
|
|||
memcmp::eq(&mac, &target_bytes)
|
||||
}
|
||||
|
||||
pub fn verify_rsa(signature: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
||||
fn verify_rsa(signature: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
||||
let signature_bytes: Vec<u8> = decode_config(signature, URL_SAFE).unwrap();
|
||||
let public_key = Rsa::public_key_from_pem(key).unwrap();
|
||||
let pkey = PKey::from_rsa(public_key).unwrap();
|
||||
|
|
|
|||
27
src/lib.rs
27
src/lib.rs
|
|
@ -6,7 +6,6 @@ extern crate serde_derive;
|
|||
extern crate serde_json;
|
||||
|
||||
use base64::{decode_config, encode_config, URL_SAFE};
|
||||
use openssl::hash::MessageDigest;
|
||||
use serde::{Serialize, Deserialize};
|
||||
pub use error::Error;
|
||||
pub use header::DefaultHeader;
|
||||
|
|
@ -77,17 +76,6 @@ impl<H, C> Token<H, C>
|
|||
|
||||
/// Verify a from_base64 token with a key and the token's specific algorithm
|
||||
pub fn verify(&self, key: &[u8]) -> bool {
|
||||
match self.header.alg() {
|
||||
&Algorithm::HS256 => self.verify_hmac(key, MessageDigest::sha256()),
|
||||
&Algorithm::HS384 => self.verify_hmac(key, MessageDigest::sha384()),
|
||||
&Algorithm::HS512 => self.verify_hmac(key, MessageDigest::sha512()),
|
||||
&Algorithm::RS256 => self.verify_rsa(key, MessageDigest::sha256()),
|
||||
&Algorithm::RS384 => self.verify_rsa(key, MessageDigest::sha384()),
|
||||
&Algorithm::RS512 => self.verify_rsa(key, MessageDigest::sha512()),
|
||||
}
|
||||
}
|
||||
|
||||
fn verify_hmac(&self, key: &[u8], digest: MessageDigest) -> bool {
|
||||
let raw = match self.raw {
|
||||
Some(ref s) => s,
|
||||
None => return false,
|
||||
|
|
@ -97,20 +85,7 @@ impl<H, C> Token<H, C>
|
|||
let sig = pieces[0];
|
||||
let data = pieces[1];
|
||||
|
||||
crypt::verify_hmac(sig, data, key, digest)
|
||||
}
|
||||
|
||||
fn verify_rsa(&self, key: &[u8], digest: MessageDigest) -> bool {
|
||||
let raw = match self.raw {
|
||||
Some(ref s) => s,
|
||||
None => return false,
|
||||
};
|
||||
|
||||
let pieces: Vec<_> = raw.rsplitn(2, '.').collect();
|
||||
let sig = pieces[0];
|
||||
let data = pieces[1];
|
||||
|
||||
crypt::verify_rsa(sig, data, key, digest)
|
||||
crypt::verify(sig, data, key, &self.header.alg())
|
||||
}
|
||||
|
||||
/// Generate the signed token from a key and the specific algorithm
|
||||
|
|
|
|||
Loading…
Reference in New Issue