diff --git a/src/crypto/mod.rs b/src/crypto/mod.rs index 1be9ee7..b30e4de 100644 --- a/src/crypto/mod.rs +++ b/src/crypto/mod.rs @@ -13,9 +13,9 @@ pub(crate) mod rsa; /// The actual HS signing + encoding /// Could be in its own file to match RSA/EC but it's 2 lines... -pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], message: &[u8]) -> Result { +pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], message: &[u8]) -> String { let digest = hmac::sign(&hmac::Key::new(alg, key), message); - Ok(b64_encode(digest.as_ref())) + b64_encode(digest.as_ref()) } /// Take the payload of a JWT, sign it using the algorithm given and return @@ -24,9 +24,9 @@ pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], message: &[u8]) -> Res /// If you just want to encode a JWT, use `encode` instead. pub fn sign(message: &[u8], key: &EncodingKey, algorithm: Algorithm) -> Result { match algorithm { - Algorithm::HS256 => sign_hmac(hmac::HMAC_SHA256, key.inner(), message), - Algorithm::HS384 => sign_hmac(hmac::HMAC_SHA384, key.inner(), message), - Algorithm::HS512 => sign_hmac(hmac::HMAC_SHA512, key.inner(), message), + Algorithm::HS256 => Ok(sign_hmac(hmac::HMAC_SHA256, key.inner(), message)), + Algorithm::HS384 => Ok(sign_hmac(hmac::HMAC_SHA384, key.inner(), message)), + Algorithm::HS512 => Ok(sign_hmac(hmac::HMAC_SHA512, key.inner(), message)), Algorithm::ES256 | Algorithm::ES384 => { ecdsa::sign(ecdsa::alg_to_ec_signing(algorithm), key.inner(), message) diff --git a/src/validation.rs b/src/validation.rs index b8e5a83..b5aaa84 100644 --- a/src/validation.rs +++ b/src/validation.rs @@ -69,9 +69,7 @@ pub struct Validation { impl Validation { /// Create a default validation setup allowing the given alg pub fn new(alg: Algorithm) -> Validation { - let mut validation = Validation::default(); - validation.algorithms = vec![alg]; - validation + Validation { algorithms: vec![alg], ..Default::default() } } /// `aud` is a collection of one or more acceptable audience members