catch all algs

nick9822 · Jan 16, 2023 · 3774b42 · 3774b42
1 parent a0b62a3
commit 3774b42
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 2 deletions.
diff --git a/src/algorithms.rs b/src/algorithms.rs
@@ -8,6 +8,7 @@ pub(crate) enum AlgorithmFamily {
     Rsa,
     Ec,
     Ed,
+    Other,
 }
 
 /// The algorithms supported for signing/verifying JWTs
@@ -42,6 +43,10 @@ pub enum Algorithm {
 
     /// Edwards-curve Digital Signature Algorithm (EdDSA)
     EdDSA,
+
+    /// Catch others unimplemented variants
+    #[serde(other)]
+    Other,
 }
 
 impl Default for Algorithm {
@@ -66,7 +71,7 @@ impl FromStr for Algorithm {
             "PS512" => Ok(Algorithm::PS512),
             "RS512" => Ok(Algorithm::RS512),
             "EdDSA" => Ok(Algorithm::EdDSA),
-            _ => Ok(None),
+            _ => Ok(Algorithm::Other),
         }
     }
 }
@@ -83,6 +88,7 @@ impl Algorithm {
             | Algorithm::PS512 => AlgorithmFamily::Rsa,
             Algorithm::ES256 | Algorithm::ES384 => AlgorithmFamily::Ec,
             Algorithm::EdDSA => AlgorithmFamily::Ed,
+            _ => AlgorithmFamily::Other,
         }
     }
 }
@@ -102,6 +108,7 @@ mod tests {
         assert!(Algorithm::from_str("PS256").is_ok());
         assert!(Algorithm::from_str("PS384").is_ok());
         assert!(Algorithm::from_str("PS512").is_ok());
+        assert!(Algorithm::from_str("RSA-OAEP").is_ok());
         assert!(Algorithm::from_str("").is_err());
     }
 }
diff --git a/src/crypto/mod.rs b/src/crypto/mod.rs
@@ -4,7 +4,7 @@ use ring::{hmac, signature};
 use crate::algorithms::Algorithm;
 use crate::decoding::{DecodingKey, DecodingKeyKind};
 use crate::encoding::EncodingKey;
-use crate::errors::Result;
+use crate::errors::{self, Error, Result};
 use crate::serialization::{b64_decode, b64_encode};
 
 pub(crate) mod ecdsa;
@@ -40,6 +40,7 @@ pub fn sign(message: &[u8], key: &EncodingKey, algorithm: Algorithm) -> Result<S
         | Algorithm::PS256
         | Algorithm::PS384
         | Algorithm::PS512 => rsa::sign(rsa::alg_to_rsa_signing(algorithm), key.inner(), message),
+        Algorithm::Other => Err(Error::from(errors::ErrorKind::InvalidAlgorithm)),
     }
 }
 
@@ -103,5 +104,6 @@ pub fn verify(
                 }
             }
         }
+        Algorithm::Other => Err(Error::from(errors::ErrorKind::InvalidAlgorithm)),
     }
 }