Keats
diff --git a/‎src/crypto/aws_lc/ecdsa.rs‎
Lines changed: 54 additions & 97 deletions b/‎src/crypto/aws_lc/ecdsa.rs‎
Lines changed: 54 additions & 97 deletions
diff --git a/‎src/crypto/aws_lc/hmac.rs‎
Lines changed: 65 additions & 137 deletions b/‎src/crypto/aws_lc/hmac.rs‎
Lines changed: 65 additions & 137 deletions
@@ -12,115 +12,72 @@ use aws_lc_rs::signature::{
 };
 use signature::{Error, Signer, Verifier};
 
-pub struct Es256Signer(EcdsaKeyPair);
-
-impl Es256Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        if encoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+macro_rules! define_ecdsa_signer {
+    ($name:ident, $alg:expr, $signing_alg:expr) => {
+        pub struct $name(EcdsaKeyPair);
+
+        impl $name {
+            pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
+                if encoding_key.family != AlgorithmFamily::Ec {
+                    return Err(new_error(ErrorKind::InvalidKeyFormat));
+                }
+
+                Ok(Self(
+                    EcdsaKeyPair::from_pkcs8($signing_alg, encoding_key.inner())
+                        .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
+                ))
+            }
         }
 
-        Ok(Self(
-            EcdsaKeyPair::from_pkcs8(&ECDSA_P256_SHA256_FIXED_SIGNING, encoding_key.inner())
-                .map_err(|_| ErrorKind::InvalidEcdsaKey)?,
-        ))
-    }
-}
-
-impl Signer<Vec<u8>> for Es256Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
-        let rng = SystemRandom::new();
-        let signature = self.0.sign(&rng, msg).map_err(Error::from_source)?;
-        Ok(signature.as_ref().to_vec())
-    }
-}
-
-impl JwtSigner for Es256Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES256
-    }
-}
-
-pub struct Es256Verifier(DecodingKey);
-
-impl Es256Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        if decoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+        impl Signer<Vec<u8>> for $name {
+            fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
+                let rng = SystemRandom::new();
+                let signature = self.0.sign(&rng, msg).map_err(Error::from_source)?;
+                Ok(signature.as_ref().to_vec())
+            }
         }
 
-        Ok(Self(decoding_key.clone()))
-    }
-}
-
-impl Verifier<Vec<u8>> for Es256Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), Error> {
-        ECDSA_P256_SHA256_FIXED
-            .verify_sig(self.0.as_bytes(), msg, signature)
-            .map_err(Error::from_source)?;
-        Ok(())
-    }
-}
-
-impl JwtVerifier for Es256Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES256
-    }
-}
-
-pub struct Es384Signer(EcdsaKeyPair);
-
-impl Es384Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        if encoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+        impl JwtSigner for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
         }
-
-        Ok(Self(
-            EcdsaKeyPair::from_pkcs8(&ECDSA_P384_SHA384_FIXED_SIGNING, encoding_key.inner())
-                .map_err(|_| crate::errors::ErrorKind::InvalidEcdsaKey)?,
-        ))
-    }
+    };
 }
 
-impl Signer<Vec<u8>> for Es384Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
-        let rng = SystemRandom::new();
-        let signature = self.0.sign(&rng, msg).map_err(Error::from_source)?;
-        Ok(signature.as_ref().to_vec())
-    }
-}
+macro_rules! define_ecdsa_verifier {
+    ($name:ident, $alg:expr, $verification_alg:expr) => {
+        pub struct $name(DecodingKey);
 
-impl JwtSigner for Es384Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES384
-    }
-}
+        impl $name {
+            pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
+                if decoding_key.family != AlgorithmFamily::Ec {
+                    return Err(new_error(ErrorKind::InvalidKeyFormat));
+                }
 
-pub struct Es384Verifier(DecodingKey);
+                Ok(Self(decoding_key.clone()))
+            }
+        }
 
-impl Es384Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        if decoding_key.family != AlgorithmFamily::Ec {
-            return Err(new_error(ErrorKind::InvalidKeyFormat));
+        impl Verifier<Vec<u8>> for $name {
+            fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), Error> {
+                $verification_alg
+                    .verify_sig(self.0.as_bytes(), msg, signature)
+                    .map_err(Error::from_source)?;
+                Ok(())
+            }
         }
 
-        Ok(Self(decoding_key.clone()))
-    }
+        impl JwtVerifier for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
 }
 
-impl Verifier<Vec<u8>> for Es384Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), Error> {
-        ECDSA_P384_SHA384_FIXED
-            .verify_sig(self.0.as_bytes(), msg, signature)
-            .map_err(Error::from_source)?;
+define_ecdsa_signer!(Es256Signer, Algorithm::ES256, &ECDSA_P256_SHA256_FIXED_SIGNING);
+define_ecdsa_verifier!(Es256Verifier, Algorithm::ES256, ECDSA_P256_SHA256_FIXED);
 
-        Ok(())
-    }
-}
-
-impl JwtVerifier for Es384Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::ES384
-    }
-}
+define_ecdsa_signer!(Es384Signer, Algorithm::ES384, &ECDSA_P384_SHA384_FIXED_SIGNING);
+define_ecdsa_verifier!(Es384Verifier, Algorithm::ES384, ECDSA_P384_SHA384_FIXED);
@@ -11,140 +11,68 @@ use crate::crypto::{JwtSigner, JwtVerifier};
 use crate::errors::Result;
 use crate::{Algorithm, DecodingKey, EncodingKey};
 
-pub struct Hs256Signer(hmac::Key);
-
-impl Hs256Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA256,
-            try_get_hmac_secret_from_encoding_key(encoding_key)?,
-        )))
-    }
-}
-
-impl Signer<Vec<u8>> for Hs256Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
-        Ok(hmac::sign(&self.0, msg).as_ref().to_vec())
-    }
-}
-
-impl JwtSigner for Hs256Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS256
-    }
-}
-
-pub struct Hs256Verifier(hmac::Key);
-
-impl Hs256Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA256,
-            try_get_hmac_secret_from_decoding_key(decoding_key)?,
-        )))
-    }
-}
-
-impl Verifier<Vec<u8>> for Hs256Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), signature::Error> {
-        hmac::verify(&self.0, msg, signature).map_err(signature::Error::from_source)
-    }
-}
-
-impl JwtVerifier for Hs256Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS256
-    }
-}
-
-pub struct Hs384Signer(hmac::Key);
-
-impl Hs384Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA384,
-            try_get_hmac_secret_from_encoding_key(encoding_key)?,
-        )))
-    }
-}
-
-impl Signer<Vec<u8>> for Hs384Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
-        Ok(hmac::sign(&self.0, msg).as_ref().to_vec())
-    }
-}
-
-impl JwtSigner for Hs384Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS384
-    }
-}
-
-pub struct Hs384Verifier(hmac::Key);
-
-impl Hs384Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA384,
-            try_get_hmac_secret_from_decoding_key(decoding_key)?,
-        )))
-    }
-}
-
-impl Verifier<Vec<u8>> for Hs384Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), signature::Error> {
-        hmac::verify(&self.0, msg, signature).map_err(signature::Error::from_source)
-    }
-}
-
-impl JwtVerifier for Hs384Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS384
-    }
-}
-
-pub struct Hs512Signer(hmac::Key);
-
-impl Hs512Signer {
-    pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA512,
-            try_get_hmac_secret_from_encoding_key(encoding_key)?,
-        )))
-    }
-}
-
-impl Signer<Vec<u8>> for Hs512Signer {
-    fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
-        Ok(hmac::sign(&self.0, msg).as_ref().to_vec())
-    }
-}
-
-impl JwtSigner for Hs512Signer {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS512
-    }
-}
-
-pub struct Hs512Verifier(hmac::Key);
-
-impl Hs512Verifier {
-    pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
-        Ok(Self(hmac::Key::new(
-            hmac::HMAC_SHA512,
-            try_get_hmac_secret_from_decoding_key(decoding_key)?,
-        )))
-    }
-}
-
-impl Verifier<Vec<u8>> for Hs512Verifier {
-    fn verify(&self, msg: &[u8], signature: &Vec<u8>) -> std::result::Result<(), signature::Error> {
-        hmac::verify(&self.0, msg, signature).map_err(signature::Error::from_source)
-    }
-}
-
-impl JwtVerifier for Hs512Verifier {
-    fn algorithm(&self) -> Algorithm {
-        Algorithm::HS512
-    }
-}
+macro_rules! define_hmac_signer {
+    ($name:ident, $alg:expr, $hmac_alg:expr) => {
+        pub struct $name(hmac::Key);
+
+        impl $name {
+            pub(crate) fn new(encoding_key: &EncodingKey) -> Result<Self> {
+                Ok(Self(hmac::Key::new(
+                    $hmac_alg,
+                    try_get_hmac_secret_from_encoding_key(encoding_key)?,
+                )))
+            }
+        }
+
+        impl Signer<Vec<u8>> for $name {
+            fn try_sign(&self, msg: &[u8]) -> std::result::Result<Vec<u8>, signature::Error> {
+                Ok(hmac::sign(&self.0, msg).as_ref().to_vec())
+            }
+        }
+
+        impl JwtSigner for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
+}
+
+macro_rules! define_hmac_verifier {
+    ($name:ident, $alg:expr, $hmac_alg:expr) => {
+        pub struct $name(hmac::Key);
+
+        impl $name {
+            pub(crate) fn new(decoding_key: &DecodingKey) -> Result<Self> {
+                Ok(Self(hmac::Key::new(
+                    $hmac_alg,
+                    try_get_hmac_secret_from_decoding_key(decoding_key)?,
+                )))
+            }
+        }
+
+        impl Verifier<Vec<u8>> for $name {
+            fn verify(
+                &self,
+                msg: &[u8],
+                signature: &Vec<u8>,
+            ) -> std::result::Result<(), signature::Error> {
+                hmac::verify(&self.0, msg, signature).map_err(signature::Error::from_source)
+            }
+        }
+
+        impl JwtVerifier for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
+}
+
+define_hmac_signer!(Hs256Signer, Algorithm::HS256, hmac::HMAC_SHA256);
+define_hmac_signer!(Hs384Signer, Algorithm::HS384, hmac::HMAC_SHA384);
+define_hmac_signer!(Hs512Signer, Algorithm::HS512, hmac::HMAC_SHA512);
+
+define_hmac_verifier!(Hs256Verifier, Algorithm::HS256, hmac::HMAC_SHA256);
+define_hmac_verifier!(Hs384Verifier, Algorithm::HS384, hmac::HMAC_SHA384);
+define_hmac_verifier!(Hs512Verifier, Algorithm::HS512, hmac::HMAC_SHA512);