rm fatalErrors; fixes #3

vapor · Dec 10, 2019 · 3dd3cff · 3dd3cff
1 parent 2c5ffd2
commit 3dd3cff
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 12 deletions.
diff --git a/Sources/JWTKit/JWTError.swift b/Sources/JWTKit/JWTError.swift
@@ -5,7 +5,7 @@ public enum JWTError: Error, CustomStringConvertible, LocalizedError {
     case malformedToken
     case signatureVerifictionFailed
     case missingKIDHeader
-    case unknownKID(String)
+    case unknownKID(JWKIdentifier)
     case invalidJWK
 
     public var reason: String {

diff --git a/Sources/JWTKit/JWTSigner+ECDSA.swift b/Sources/JWTKit/JWTSigner+ECDSA.swift
@@ -129,16 +129,16 @@ private struct ECDSASigner: JWTAlgorithm, OpenSSLSigner {
         let signature = ECDSA_SIG_new()
         defer { ECDSA_SIG_free(signature) }
 
-        signatureBytes[0..<32].withUnsafeBufferPointer { r in
-            signatureBytes[32..<64].withUnsafeBufferPointer { s in
+        try signatureBytes[0..<32].withUnsafeBufferPointer { r in
+            try signatureBytes[32..<64].withUnsafeBufferPointer { s in
                 // passing bignums to this method transfers ownership
                 // (they will be freed when the signature is freed)
                 guard jwtkit_ECDSA_SIG_set0(
                     signature,
                     BN_bin2bn(r.baseAddress, 32, nil),
                     BN_bin2bn(s.baseAddress, 32, nil)
                 ) == 1 else {
-                    fatalError("ECDSA_SIG_set failed")
+                    throw JWTError.signingAlgorithmFailure(ECDSAError.signFailure)
                 }
             }
         }

diff --git a/Sources/JWTKit/JWTSigners.swift b/Sources/JWTKit/JWTSigners.swift
@@ -37,6 +37,17 @@ public final class JWTSigners {
         }
     }
 
+    public func require(kid: JWKIdentifier? = nil) throws -> JWTSigner {
+        guard let signer = self.get(kid: kid) else {
+            if let kid = kid {
+                throw JWTError.unknownKID(kid)
+            } else {
+                throw JWTError.missingKIDHeader
+            }
+        }
+        return signer
+    }
+
     public func unverified<Payload>(
         _ token: String,
         as payload: Payload.Type = Payload.self
@@ -73,10 +84,7 @@ public final class JWTSigners {
     {
         let parser = try JWTParser(token: token)
         let header = try parser.header()
-        guard let signer = self.get(kid: header.kid) else {
-            fatalError()
-        }
-        try parser.verify(using: signer)
+        try parser.verify(using: self.require(kid: header.kid))
         return try parser.payload(as: Payload.self)
     }
 
@@ -86,9 +94,10 @@ public final class JWTSigners {
     ) throws -> String
         where Payload: JWTPayload
     {
-        guard let signer = self.get(kid: kid) else {
-            fatalError()
-        }
-        return try JWTSerializer().sign(payload, using: signer, kid: kid)
+        return try JWTSerializer().sign(
+            payload,
+            using: self.require(kid: kid),
+            kid: kid
+        )
     }
 }