Skip to content

Commit

Permalink
Change Cargo Fmt line length
Browse files Browse the repository at this point in the history
  • Loading branch information
@lawliet89
lawliet89 committed Jul 19, 2019
1 parent e856fff commit 2cf6de8
Show file tree
Hide file tree
Showing 12 changed files with 592 additions and 257 deletions.
1 change: 0 additions & 1 deletion .rustfmt.toml
View file

This file was deleted.

22 changes: 16 additions & 6 deletions src/errors.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,9 @@ impl error::Error for Error {
IOError(ref err) => err.description(),
UriParseError(ref err) => err.description(),
KeyRejected(ref err) => err.description_(),
WrongKeyType { .. } => "The wrong type of key was provided for the cryptographic operation",
WrongKeyType { .. } => {
"The wrong type of key was provided for the cryptographic operation"
}
WrongEncryptionOptions { .. } => {
"Wrong variant of `EncryptionOptions` was provided for the encryption operation"
}
Expand Down Expand Up @@ -209,7 +211,9 @@ impl error::Error for ValidationError {

match *self {
InvalidSignature => "Invalid Signature",
WrongAlgorithmHeader => "Token provided was signed or encrypted with an unexpected algorithm",
WrongAlgorithmHeader => {
"Token provided was signed or encrypted with an unexpected algorithm"
}
MissingRequiredClaims(_) => "Missing required claim",
Expired(_) => "Token expired",
NotYetValid(_) => "Token not yet valid",
Expand Down Expand Up @@ -241,11 +245,17 @@ impl fmt::Display for ValidationError {
use std::error::Error;

match *self {
MissingRequiredClaims(ref fields) => {
write!(f, "The following claims are required, but missing: {:?}", fields)
}
MissingRequiredClaims(ref fields) => write!(
f,
"The following claims are required, but missing: {:?}",
fields
),
Expired(ago) => write!(f, "Token expired {} seconds ago", ago.num_seconds()),
NotYetValid(nyv_for) => write!(f, "Token will be valid in {} seconds", nyv_for.num_seconds()),
NotYetValid(nyv_for) => write!(
f,
"Token will be valid in {} seconds",
nyv_for.num_seconds()
),
TooOld(duration) => write!(
f,
"Token has been considered too old for {} seconds",
Expand Down
262 changes: 194 additions & 68 deletions src/jwa.rs
View file

Large diffs are not rendered by default.

89 changes: 56 additions & 33 deletions src/jwe.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,9 @@ use serde::{self, Deserialize, Deserializer, Serialize, Serializer};
use serde_json;

use crate::errors::{DecodeError, Error, ValidationError};
use crate::jwa::{self, ContentEncryptionAlgorithm, EncryptionOptions, EncryptionResult, KeyManagementAlgorithm};
use crate::jwa::{
self, ContentEncryptionAlgorithm, EncryptionOptions, EncryptionResult, KeyManagementAlgorithm,
};
use crate::jwk;
use crate::serde_custom;
use crate::{CompactJson, CompactPart, Empty};
Expand Down Expand Up @@ -380,27 +382,33 @@ where
use std::borrow::Cow;

// Resolve encryption option
let (key_option, content_option): (_, Cow<'_, _>) = match header.registered.cek_algorithm {
KeyManagementAlgorithm::DirectSymmetricKey => {
(jwa::NONE_ENCRYPTION_OPTIONS, Cow::Borrowed(options))
}
_ => (
options,
Cow::Owned(header.registered.enc_algorithm.random_encryption_options()?),
),
};
let (key_option, content_option): (_, Cow<'_, _>) =
match header.registered.cek_algorithm {
KeyManagementAlgorithm::DirectSymmetricKey => {
(jwa::NONE_ENCRYPTION_OPTIONS, Cow::Borrowed(options))
}
_ => (
options,
Cow::Owned(
header
.registered
.enc_algorithm
.random_encryption_options()?,
),
),
};

// RFC 7516 Section 5.1 describes the steps involved in encryption.
// From steps 1 to 8, we will first determine the CEK, and then encrypt the CEK.
let cek = header
.registered
.cek_algorithm
.cek(header.registered.enc_algorithm, key)?;
let encrypted_cek =
header
.registered
.cek_algorithm
.wrap_key(cek.algorithm.octect_key()?, key, key_option)?;
let encrypted_cek = header.registered.cek_algorithm.wrap_key(
cek.algorithm.octect_key()?,
key,
key_option,
)?;
// Update header
let mut header = header.clone();
header.update_cek_algorithm(&encrypted_cek);
Expand All @@ -417,11 +425,12 @@ where
// Steps 12 to 14 involves the calculation of `Additional Authenticated Data` for encryption. In
// our compact example, our header is the AAD.
// Step 15 involves the actual encryption.
let encrypted_payload =
header
.registered
.enc_algorithm
.encrypt(&payload, &header.to_bytes()?, &cek, &content_option)?;
let encrypted_payload = header.registered.enc_algorithm.encrypt(
&payload,
&header.to_bytes()?,
&cek,
&content_option,
)?;

// Finally create the JWE
let mut compact = crate::Compact::with_capacity(5);
Expand Down Expand Up @@ -475,8 +484,12 @@ where
let tag: Vec<u8> = encrypted.part(4)?;

// Verify that the algorithms are expected
if header.registered.cek_algorithm != cek_alg || header.registered.enc_algorithm != enc_alg {
Err(Error::ValidationError(ValidationError::WrongAlgorithmHeader))?;
if header.registered.cek_algorithm != cek_alg
|| header.registered.enc_algorithm != enc_alg
{
Err(Error::ValidationError(
ValidationError::WrongAlgorithmHeader,
))?;
}

// TODO: Steps 4-5 not implemented at the moment.
Expand Down Expand Up @@ -542,7 +555,9 @@ where
/// Convenience method to get a mutable reference to the payload from an Decrypted JWE
pub fn payload_mut(&mut self) -> Result<&mut T, Error> {
match *self {
Compact::Decrypted { ref mut payload, .. } => Ok(payload),
Compact::Decrypted {
ref mut payload, ..
} => Ok(payload),
Compact::Encrypted(_) => Err(Error::UnsupportedOperation),
}
}
Expand Down Expand Up @@ -644,7 +659,10 @@ mod tests {
assert_tokens(
&test_value,
&[
Token::Struct { name: "Test", len: 1 },
Token::Struct {
name: "Test",
len: 1,
},
Token::Str("test"),
Token::Str("DEF"),
Token::StructEnd,
Expand All @@ -657,7 +675,10 @@ mod tests {
assert_tokens(
&test_value,
&[
Token::Struct { name: "Test", len: 1 },
Token::Struct {
name: "Test",
len: 1,
},
Token::Str("test"),
Token::Str("xxx"),
Token::StructEnd,
Expand Down Expand Up @@ -799,9 +820,9 @@ mod tests {
registered: crate::RegisteredClaims {
issuer: Some(not_err!(FromStr::from_str("https://www.acme.com"))),
subject: Some(not_err!(FromStr::from_str("John Doe"))),
audience: Some(crate::SingleOrMultiple::Single(not_err!(FromStr::from_str(
"htts://acme-customer.com"
)))),
audience: Some(crate::SingleOrMultiple::Single(not_err!(
FromStr::from_str("htts://acme-customer.com")
))),
not_before: Some(1234.into()),
..Default::default()
},
Expand All @@ -814,7 +835,8 @@ mod tests {
}),
claims.clone(),
);
let jws = not_err!(jws.into_encoded(&jws::Secret::Bytes("secret".to_string().into_bytes())));
let jws =
not_err!(jws.into_encoded(&jws::Secret::Bytes("secret".to_string().into_bytes())));

// Construct the encryption key
let key = cek_oct_key(256 / 8);
Expand Down Expand Up @@ -873,9 +895,9 @@ mod tests {
registered: crate::RegisteredClaims {
issuer: Some(not_err!(FromStr::from_str("https://www.acme.com"))),
subject: Some(not_err!(FromStr::from_str("John Doe"))),
audience: Some(crate::SingleOrMultiple::Single(not_err!(FromStr::from_str(
"htts://acme-customer.com"
)))),
audience: Some(crate::SingleOrMultiple::Single(not_err!(
FromStr::from_str("htts://acme-customer.com")
))),
not_before: Some(1234.into()),
..Default::default()
},
Expand All @@ -888,7 +910,8 @@ mod tests {
}),
claims.clone(),
);
let jws = not_err!(jws.into_encoded(&jws::Secret::Bytes("secret".to_string().into_bytes())));
let jws =
not_err!(jws.into_encoded(&jws::Secret::Bytes("secret".to_string().into_bytes())));

// Construct the encryption key
let key = cek_oct_key(256 / 8);
Expand Down
Loading

0 comments on commit 2cf6de8

Please sign in to comment.