perf: don't duplicate signature name, available in header map key

DXist · DXist · commit eadff5311a4b · 2026-05-22T18:19:15.000+08:00
diff --git a/httpsig-hyper/src/hyper_http.rs b/httpsig-hyper/src/hyper_http.rs
@@ -254,6 +254,9 @@ where
   }
 }
 
+/// Default signature name used to indicate signature in http header (`signature` and `signature-input`)
+const DEFAULT_SIGNATURE_NAME: &str = "sig";
+
 impl<D> MessageSignatureReq for Request<D>
 where
   D: Send + Body + Sync,
@@ -289,21 +292,21 @@ where
         build_signature_base(&req_or_res, params, None as Option<&Request<()>>).map(|base| (base, key, name))
       })
       .collect::<Result<Vec<_>, _>>()?;
-    let vec_signature_headers = futures::future::join_all(
-      vec_signature_bases
-        .into_iter()
-        .map(|(base, key, name)| async move { base.build_signature_headers(key, name) }),
-    )
+    let vec_signature_headers = futures::future::join_all(vec_signature_bases.into_iter().map(|(base, key, name)| async move {
+      base
+        .build_signature_headers(key)
+        .map(|headers| (name.unwrap_or(DEFAULT_SIGNATURE_NAME), headers))
+    }))
     .await
     .into_iter()
     .collect::<Result<Vec<_>, _>>()?;
-    vec_signature_headers.iter().try_for_each(|headers| {
+    vec_signature_headers.iter().try_for_each(|(name, headers)| {
       self
         .headers_mut()
-        .append("signature-input", headers.signature_input_header_value().parse()?);
+        .append("signature-input", headers.signature_input_header_value(name).parse()?);
       self
         .headers_mut()
-        .append("signature", headers.signature_header_value().parse()?);
+        .append("signature", headers.signature_header_value(name).parse()?);
       Ok(()) as Result<(), HyperSigError>
     })
   }
@@ -413,22 +416,22 @@ where
       .into_iter()
       .map(|(params, key, name)| build_signature_base(&req_or_res, params, req_for_param).map(|base| (base, key, name)))
       .collect::<Result<Vec<_>, _>>()?;
-    let vec_signature_headers = futures::future::join_all(
-      vec_signature_bases
-        .into_iter()
-        .map(|(base, key, name)| async move { base.build_signature_headers(key, name) }),
-    )
+    let vec_signature_headers = futures::future::join_all(vec_signature_bases.into_iter().map(|(base, key, name)| async move {
+      base
+        .build_signature_headers(key)
+        .map(|headers| (name.unwrap_or(DEFAULT_SIGNATURE_NAME), headers))
+    }))
     .await
     .into_iter()
     .collect::<Result<Vec<_>, _>>()?;
 
-    vec_signature_headers.iter().try_for_each(|headers| {
+    vec_signature_headers.iter().try_for_each(|(name, headers)| {
       self
         .headers_mut()
-        .append("signature-input", headers.signature_input_header_value().parse()?);
+        .append("signature-input", headers.signature_input_header_value(name).parse()?);
       self
         .headers_mut()
-        .append("signature", headers.signature_header_value().parse()?);
+        .append("signature", headers.signature_header_value(name).parse()?);
       Ok(()) as Result<(), HyperSigError>
     })
   }
diff --git a/httpsig-hyper/src/hyper_http_tests.rs b/httpsig-hyper/src/hyper_http_tests.rs
@@ -159,9 +159,10 @@ async fn test_extract_tuples_from_request() {
   let req_or_res = RequestOrResponse::Request(&req);
   let tuples = extract_signature_headers_with_name(&req_or_res).unwrap();
   assert_eq!(tuples.len(), 1);
-  assert_eq!(tuples.get("sig11").unwrap().signature_name(), "sig11");
+  let (signature_name, headers) = tuples.into_iter().next().expect("not empty");
+  assert_eq!(signature_name, "sig11");
   assert_eq!(
-    tuples.get("sig11").unwrap().signature_params().to_string(),
+    headers.signature_params().to_string(),
     r##"("@method" "@authority");created=1704972031"##
   );
 }
@@ -238,7 +239,8 @@ async fn test_set_verify_with_signature_name() {
   let req_or_res = RequestOrResponse::Request(&req);
   let signature_headers_map = extract_signature_headers_with_name(&req_or_res).unwrap();
   assert_eq!(signature_headers_map.len(), 1);
-  assert_eq!(signature_headers_map[0].signature_name(), "custom_sig_name");
+  let sig_name = signature_headers_map.keys().next().expect("not empty");
+  assert_eq!(sig_name, "custom_sig_name");
 
   let public_key = PublicKey::from_pem(&AlgorithmName::Ed25519, EDDSA_PUBLIC_KEY).unwrap();
   let verification_res = req.verify_message_signature(&public_key, None).await;
diff --git a/httpsig/benches/noncrypto.rs b/httpsig/benches/noncrypto.rs
@@ -54,10 +54,10 @@ fn setup_signature_input() -> (String, String, &'static [&'static str]) {
   let signature_params = HttpSignatureParams::try_from(SIGNATURE_PARAMS).unwrap();
   let signature_base = HttpSignatureBase::try_new(component_lines, signature_params).unwrap();
   let sk = SecretKey::from_pem(&AlgorithmName::Ed25519, EDDSA_SECRET_KEY).unwrap();
-  let signature_headers = signature_base.build_signature_headers(&sk, Some("sig-b26")).unwrap();
+  let signature_headers = signature_base.build_signature_headers(&sk).unwrap();
   (
-    signature_headers.signature_input_header_value(),
-    signature_headers.signature_header_value(),
+    signature_headers.signature_input_header_value("sig-b26"),
+    signature_headers.signature_header_value("sig-b26"),
     COMPONENT_LINES,
   )
 }
diff --git a/httpsig/src/lib.rs b/httpsig/src/lib.rs
@@ -142,9 +142,9 @@ Signature: sig-b26=:wqcAqbmYJ2ji2glfAMaRy4gruYYnx2nEFN2HN6jrnDnQCK1u02Gb04v9EDgw
     let signature_params = HttpSignatureParams::try_from(SIGNATURE_PARAMS).unwrap();
     let signature_base = HttpSignatureBase::try_new(component_lines.clone(), signature_params).unwrap();
     let sk = SecretKey::from_pem(&AlgorithmName::Ed25519, EDDSA_SECRET_KEY).unwrap();
-    let signature_headers = signature_base.build_signature_headers(&sk, Some("sig-b26")).unwrap();
-    let signature_params_header_string = signature_headers.signature_input_header_value();
-    let signature_header_string = signature_headers.signature_header_value();
+    let signature_headers = signature_base.build_signature_headers(&sk).unwrap();
+    let signature_params_header_string = signature_headers.signature_input_header_value("sig-b26");
+    let signature_header_string = signature_headers.signature_header_value("sig-b26");
 
     assert_eq!(signature_params_header_string, format!("sig-b26={}", SIGNATURE_PARAMS));
     assert!(signature_header_string.starts_with("sig-b26=:") && signature_header_string.ends_with(':'));
diff --git a/httpsig/src/signature_base.rs b/httpsig/src/signature_base.rs
@@ -13,14 +13,9 @@ use sfv::{BareItem, Item, ListEntry, Parser};
 /// IndexMap of signature name and HttpSignatureHeaders
 pub type HttpSignatureHeadersMap = IndexMap<String, HttpSignatureHeaders, FxBuildHasher>;
 
-/// Default signature name used to indicate signature in http header (`signature` and `signature-input`)
-const DEFAULT_SIGNATURE_NAME: &str = "sig";
-
 #[derive(Debug, Clone)]
 /// Signature Headers derived from HttpSignatureBase
 pub struct HttpSignatureHeaders {
-  /// signature name coupling signature with signature input
-  signature_name: String,
   /// Signature value of "Signature" http header in the form of "<signature_name>=:<base64_signature>:"
   signature: HttpSignature,
   /// signature-params value of "Signature-Input" http header in the form of "<signature_name>=:<signature_params>:"
@@ -87,9 +82,8 @@ impl HttpSignatureHeaders {
         let signature = HttpSignature(signature_bytes);
 
         Ok((
-          signature_name.clone(),
+          signature_name,
           Self {
-            signature_name,
             signature,
             signature_params,
           },
@@ -99,11 +93,6 @@ impl HttpSignatureHeaders {
     Ok(res)
   }
 
-  /// Returns the signature name
-  pub fn signature_name(&self) -> &str {
-    &self.signature_name
-  }
-
   /// Returns the signature value without name
   pub fn signature(&self) -> &HttpSignature {
     &self.signature
@@ -120,12 +109,12 @@ impl HttpSignatureHeaders {
   }
 
   /// Returns the signature value of "Signature" http header in the form of "<signature_name>=:<base64_signature>:"
-  pub fn signature_header_value(&self) -> String {
-    format!("{}=:{}:", self.signature_name, self.signature)
+  pub fn signature_header_value(&self, signature_name: &str) -> String {
+    format!("{}=:{}:", signature_name, self.signature)
   }
   /// Returns the signature input value of "Signature-Input" http header in the form of "<signature_name>=<signature_params>"
-  pub fn signature_input_header_value(&self) -> String {
-    format!("{}={}", self.signature_name, self.signature_params)
+  pub fn signature_input_header_value(&self, signature_name: &str) -> String {
+    format!("{}={}", signature_name, self.signature_params)
   }
 }
 
@@ -190,16 +179,11 @@ impl HttpSignatureBase {
   }
 
   /// Build the signature and signature-input headers structs
-  pub fn build_signature_headers(
-    &self,
-    signing_key: &impl SigningKey,
-    signature_name: Option<&str>,
-  ) -> HttpSigResult<HttpSignatureHeaders> {
+  pub fn build_signature_headers(self, signing_key: &impl SigningKey) -> HttpSigResult<HttpSignatureHeaders> {
     let signature = self.build_raw_signature(signing_key)?;
     Ok(HttpSignatureHeaders {
-      signature_name: signature_name.unwrap_or(DEFAULT_SIGNATURE_NAME).to_string(),
       signature: HttpSignature(signature),
-      signature_params: self.signature_params.clone(),
+      signature_params: self.signature_params,
     })
   }
 
@@ -288,15 +272,15 @@ mod test {
     const SIGNATURE_INPUT: &str = r##"sig-b26=("date" "@method" "@path" "@authority" "content-type" "content-length");created=1618884473;keyid="test-key-ed25519", sig-b27=("date" "@method" "@path" "@authority" "content-type" "content-length");created=1618884473;keyid="test-key-ed25519-alt""##;
     const SIGNATURE: &str = r##"sig-b26=:wqcAqbmYJ2ji2glfAMaRy4gruYYnx2nEFN2HN6jrnDnQCK1u02Gb04v9EDgwUPiu4A0w6vuQv5lIp5WPpBKRCw==:, sig-b27=:wqcAqbmYJ2ji2glfAMaRy4gruYYnx2nEFN2HN6jrnDnQCK1u02Gb04v9EDgwUPiu4A0w6vuQv5lIp5WPpBKRCw==:"##;
 
-    let header_map = HttpSignatureHeaders::try_parse(SIGNATURE, SIGNATURE_INPUT).unwrap();
+    let mut header_map = HttpSignatureHeaders::try_parse(SIGNATURE, SIGNATURE_INPUT).unwrap();
     assert!(header_map.len() == 2);
-    let http_signature_headers = header_map.get("sig-b26").unwrap();
+    let http_signature_headers = header_map.swap_remove("sig-b26").unwrap();
     assert_eq!(
-      http_signature_headers.signature_header_value(),
+      http_signature_headers.signature_header_value("sig-b26"),
       SIGNATURE.split(',').next().unwrap()
     );
     assert_eq!(
-      http_signature_headers.signature_input_header_value(),
+      http_signature_headers.signature_input_header_value("sig-b26"),
       SIGNATURE_INPUT.split(',').next().unwrap()
     );
   }

Original file line number	Diff line number	Diff line change
`@@ -54,10 +54,10 @@ fn setup_signature_input() -> (String, String, &'static [&'static str]) {`
`54`	`54`	`let signature_params = HttpSignatureParams::try_from(SIGNATURE_PARAMS).unwrap();`
`55`	`55`	`let signature_base = HttpSignatureBase::try_new(component_lines, signature_params).unwrap();`
`56`	`56`	`let sk = SecretKey::from_pem(&AlgorithmName::Ed25519, EDDSA_SECRET_KEY).unwrap();`
`57`		`- let signature_headers = signature_base.build_signature_headers(&sk, Some("sig-b26")).unwrap();`
	`57`	`+ let signature_headers = signature_base.build_signature_headers(&sk).unwrap();`
`58`	`58`	`(`
`59`		`- signature_headers.signature_input_header_value(),`
`60`		`- signature_headers.signature_header_value(),`
	`59`	`+ signature_headers.signature_input_header_value("sig-b26"),`
	`60`	`+ signature_headers.signature_header_value("sig-b26"),`
`61`	`61`	`COMPONENT_LINES,`
`62`	`62`	`)`
`63`	`63`	`}`