Finish clean up

src/crypt.rs

@@ -28,7 +28,7 @@ pub fn verify(target: &str, data: &str, key: &[u8], algorithm: &Algorithm) -> bo
     }
 }
 
-pub fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
+fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
     let secret_key = PKey::hmac(key).unwrap();
 
     let mut signer = Signer::new(digest, &secret_key).unwrap();
@@ -38,7 +38,7 @@ pub fn sign_hmac(data: &str, key: &[u8], digest: MessageDigest) -> String {
     encode_config(&mac, URL_SAFE)
 }
 
-pub fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
+fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
     let private_key = Rsa::private_key_from_pem(key).unwrap();
     let pkey = PKey::from_rsa(private_key).unwrap();
 
@@ -48,7 +48,7 @@ pub fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
     encode_config(&sig, URL_SAFE)
 }
 
-pub fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
+fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
     let target_bytes: Vec<u8> = decode_config(target, URL_SAFE).unwrap();
     let secret_key = PKey::hmac(key).unwrap();
 
@@ -60,7 +60,7 @@ pub fn verify_hmac(target: &str, data: &str, key: &[u8], digest: MessageDigest)
     memcmp::eq(&mac, &target_bytes)
 }
 
-pub fn verify_rsa(signature: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
+fn verify_rsa(signature: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
     let signature_bytes: Vec<u8> = decode_config(signature, URL_SAFE).unwrap();
     let public_key = Rsa::public_key_from_pem(key).unwrap();
     let pkey = PKey::from_rsa(public_key).unwrap();

src/lib.rs

@@ -6,7 +6,6 @@ extern crate serde_derive;
 extern crate serde_json;
 
 use base64::{decode_config, encode_config, URL_SAFE};
-use openssl::hash::MessageDigest;
 use serde::{Serialize, Deserialize};
 pub use error::Error;
 pub use header::DefaultHeader;
@@ -77,17 +76,6 @@ impl<H, C> Token<H, C>
 
     /// Verify a from_base64 token with a key and the token's specific algorithm
     pub fn verify(&self, key: &[u8]) -> bool {
-        match self.header.alg() {
-            &Algorithm::HS256 => self.verify_hmac(key, MessageDigest::sha256()),
-            &Algorithm::HS384 => self.verify_hmac(key, MessageDigest::sha384()),
-            &Algorithm::HS512 => self.verify_hmac(key, MessageDigest::sha512()),
-            &Algorithm::RS256 => self.verify_rsa(key, MessageDigest::sha256()),
-            &Algorithm::RS384 => self.verify_rsa(key, MessageDigest::sha384()),
-            &Algorithm::RS512 => self.verify_rsa(key, MessageDigest::sha512()),
-        }
-    }
-
-    fn verify_hmac(&self, key: &[u8], digest: MessageDigest) -> bool {
         let raw = match self.raw {
             Some(ref s) => s,
             None => return false,
@@ -97,20 +85,7 @@ impl<H, C> Token<H, C>
         let sig = pieces[0];
         let data = pieces[1];
 
-        crypt::verify_hmac(sig, data, key, digest)
+        crypt::verify(sig, data, key, &self.header.alg())
-    }
-
-    fn verify_rsa(&self, key: &[u8], digest: MessageDigest) -> bool {
-        let raw = match self.raw {
-            Some(ref s) => s,
-            None => return false,
-        };
-
-        let pieces: Vec<_> = raw.rsplitn(2, '.').collect();
-        let sig = pieces[0];
-        let data = pieces[1];
-
-        crypt::verify_rsa(sig, data, key, digest)
     }
 
     /// Generate the signed token from a key and the specific algorithm