Add unimplemented ES256K algorithm for aws_lc_rs

ThisIsMissEm · ThisIsMissEm · commit 4639024aa5c4 · 2025-11-25T20:35:08.000+01:00
diff --git a/src/crypto/aws_lc/ecdsa.rs b/src/crypto/aws_lc/ecdsa.rs
@@ -76,8 +76,59 @@ macro_rules! define_ecdsa_verifier {
     };
 }
 
+macro_rules! define_ecdsa_signer_not_implemented {
+    ($name:ident, $alg:expr) => {
+        pub struct $name;
+
+        impl $name {
+            pub(crate) fn new(_encoding_key: &EncodingKey) -> Result<Self> {
+                return Err(new_error(ErrorKind::InvalidKeyFormat));
+            }
+        }
+
+        impl Signer<Vec<u8>> for $name {
+            fn try_sign(&self, _msg: &[u8]) -> std::result::Result<Vec<u8>, Error> {
+                return Err(Error::from_source(new_error(ErrorKind::InvalidKeyFormat)));
+            }
+        }
+
+        impl JwtSigner for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    }
+}
+
+macro_rules! define_ecdsa_verifier_not_implemented {
+    ($name:ident, $alg:expr) => {
+        pub struct $name;
+
+        impl $name {
+            pub(crate) fn new(_decoding_key: &DecodingKey) -> Result<Self> {
+                return Err(new_error(ErrorKind::InvalidKeyFormat));
+            }
+        }
+
+        impl Verifier<Vec<u8>> for $name {
+            fn verify(&self, _msg: &[u8], _signature: &Vec<u8>) -> std::result::Result<(), Error> {
+                return Err(Error::from_source(new_error(ErrorKind::InvalidKeyFormat)));
+            }
+        }
+
+        impl JwtVerifier for $name {
+            fn algorithm(&self) -> Algorithm {
+                $alg
+            }
+        }
+    };
+}
+
 define_ecdsa_signer!(Es256Signer, Algorithm::ES256, &ECDSA_P256_SHA256_FIXED_SIGNING);
 define_ecdsa_verifier!(Es256Verifier, Algorithm::ES256, ECDSA_P256_SHA256_FIXED);
 
 define_ecdsa_signer!(Es384Signer, Algorithm::ES384, &ECDSA_P384_SHA384_FIXED_SIGNING);
 define_ecdsa_verifier!(Es384Verifier, Algorithm::ES384, ECDSA_P384_SHA384_FIXED);
+
+define_ecdsa_signer_not_implemented!(Es256KSigner, Algorithm::ES256K);
+define_ecdsa_verifier_not_implemented!(Es256KVerifier, Algorithm::ES256K);
diff --git a/src/decoding.rs b/src/decoding.rs
@@ -16,7 +16,7 @@ use crate::validation::{Validation, validate};
 // Crypto
 #[cfg(feature = "aws_lc_rs")]
 use crate::crypto::aws_lc::{
-    ecdsa::{Es256Verifier, Es384Verifier},
+    ecdsa::{Es256Verifier, Es384Verifier, Es256KVerifier},
     eddsa::EdDSAVerifier,
     hmac::{Hs256Verifier, Hs384Verifier, Hs512Verifier},
     rsa::{
diff --git a/src/encoding.rs b/src/encoding.rs
@@ -17,7 +17,7 @@ use crate::serialization::{b64_encode, b64_encode_part};
 // Crypto
 #[cfg(feature = "aws_lc_rs")]
 use crate::crypto::aws_lc::{
-    ecdsa::{Es256Signer, Es384Signer},
+    ecdsa::{Es256Signer, Es384Signer, Es256KSigner},
     eddsa::EdDSASigner,
     hmac::{Hs256Signer, Hs384Signer, Hs512Signer},
     rsa::{
diff --git a/tests/ecdsa/mod.rs b/tests/ecdsa/mod.rs
@@ -103,7 +103,7 @@ fn ec_x_y() {
     assert!(res.is_ok());
 }
 
-#[cfg(feature = "use_pem")]
+#[cfg(all(feature = "use_pem", feature = "rust_crypto"))]
 #[test]
 #[wasm_bindgen_test]
 fn es256k_pem() {
@@ -131,7 +131,7 @@ fn es256k_pem() {
     assert!(res.is_ok());
 }
 
-#[cfg(feature = "use_pem")]
+#[cfg(all(feature = "use_pem", feature = "rust_crypto"))]
 #[test]
 #[wasm_bindgen_test]
 fn es256k_jwk() {
