Factor out the signing code so the test framework can use it

Author: ehuss

src/payload.rs

@@ -12,6 +12,13 @@ impl fmt::Display for SignedPayloadError {
 
 impl std::error::Error for SignedPayloadError {}
 
+pub fn sign(secret: &str, payload: &[u8]) -> Vec<u8> {
+    let key = PKey::hmac(secret.as_bytes()).unwrap();
+    let mut signer = Signer::new(MessageDigest::sha1(), &key).unwrap();
+    signer.update(&payload).unwrap();
+    signer.sign_to_vec().unwrap()
+}
+
 pub fn assert_signed(signature: &str, payload: &[u8]) -> Result<(), SignedPayloadError> {
     let signature = signature.get("sha1=".len()..).ok_or(SignedPayloadError)?;
     let signature = match hex::decode(&signature) {
@@ -22,15 +29,8 @@ pub fn assert_signed(signature: &str, payload: &[u8]) -> Result<(), SignedPayloa
         }
     };
 
-    let key = PKey::hmac(
-        std::env::var("GITHUB_WEBHOOK_SECRET")
-            .expect("Missing GITHUB_WEBHOOK_SECRET")
-            .as_bytes(),
-    )
-    .unwrap();
-    let mut signer = Signer::new(MessageDigest::sha1(), &key).unwrap();
-    signer.update(&payload).unwrap();
-    let hmac = signer.sign_to_vec().unwrap();
+    let secret = std::env::var("GITHUB_WEBHOOK_SECRET").expect("Missing GITHUB_WEBHOOK_SECRET");
+    let hmac = sign(&secret, payload);
 
     if !memcmp::eq(&hmac, &signature) {
         return Err(SignedPayloadError);