Adding upstream version 0.70.1+ds1.upstream/0.70.1+ds1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 184 insertions, 0 deletions

diff --git a/vendor/spki/src/traits.rs b/vendor/spki/src/traits.rs
new file mode 100644
index 0000000..764b02a
--- /dev/null
+++ b/vendor/spki/src/traits.rs
@@ -0,0 +1,184 @@
+//! Traits for encoding/decoding SPKI public keys.
+
+use crate::{AlgorithmIdentifier, Error, Result, SubjectPublicKeyInfoRef};
+use der::{EncodeValue, Tagged};
+
+#[cfg(feature = "alloc")]
+use {
+    crate::AlgorithmIdentifierOwned,
+    der::{asn1::BitString, Any, Document},
+};
+
+#[cfg(feature = "pem")]
+use {
+    alloc::string::String,
+    der::pem::{LineEnding, PemLabel},
+};
+
+#[cfg(feature = "std")]
+use std::path::Path;
+
+#[cfg(doc)]
+use crate::SubjectPublicKeyInfo;
+
+/// Parse a public key object from an encoded SPKI document.
+pub trait DecodePublicKey: Sized {
+    /// Deserialize object from ASN.1 DER-encoded [`SubjectPublicKeyInfo`]
+    /// (binary format).
+    fn from_public_key_der(bytes: &[u8]) -> Result<Self>;
+
+    /// Deserialize PEM-encoded [`SubjectPublicKeyInfo`].
+    ///
+    /// Keys in this format begin with the following delimiter:
+    ///
+    /// ```text
+    /// -----BEGIN PUBLIC KEY-----
+    /// ```
+    #[cfg(feature = "pem")]
+    fn from_public_key_pem(s: &str) -> Result<Self> {
+        let (label, doc) = Document::from_pem(s)?;
+        SubjectPublicKeyInfoRef::validate_pem_label(label)?;
+        Self::from_public_key_der(doc.as_bytes())
+    }
+
+    /// Load public key object from an ASN.1 DER-encoded file on the local
+    /// filesystem (binary format).
+    #[cfg(feature = "std")]
+    fn read_public_key_der_file(path: impl AsRef<Path>) -> Result<Self> {
+        let doc = Document::read_der_file(path)?;
+        Self::from_public_key_der(doc.as_bytes())
+    }
+
+    /// Load public key object from a PEM-encoded file on the local filesystem.
+    #[cfg(all(feature = "pem", feature = "std"))]
+    fn read_public_key_pem_file(path: impl AsRef<Path>) -> Result<Self> {
+        let (label, doc) = Document::read_pem_file(path)?;
+        SubjectPublicKeyInfoRef::validate_pem_label(&label)?;
+        Self::from_public_key_der(doc.as_bytes())
+    }
+}
+
+impl<T> DecodePublicKey for T
+where
+    T: for<'a> TryFrom<SubjectPublicKeyInfoRef<'a>, Error = Error>,
+{
+    fn from_public_key_der(bytes: &[u8]) -> Result<Self> {
+        Self::try_from(SubjectPublicKeyInfoRef::try_from(bytes)?)
+    }
+}
+
+/// Serialize a public key object to a SPKI-encoded document.
+#[cfg(feature = "alloc")]
+pub trait EncodePublicKey {
+    /// Serialize a [`Document`] containing a SPKI-encoded public key.
+    fn to_public_key_der(&self) -> Result<Document>;
+
+    /// Serialize this public key as PEM-encoded SPKI with the given [`LineEnding`].
+    #[cfg(feature = "pem")]
+    fn to_public_key_pem(&self, line_ending: LineEnding) -> Result<String> {
+        let doc = self.to_public_key_der()?;
+        Ok(doc.to_pem(SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?)
+    }
+
+    /// Write ASN.1 DER-encoded public key to the given path
+    #[cfg(feature = "std")]
+    fn write_public_key_der_file(&self, path: impl AsRef<Path>) -> Result<()> {
+        Ok(self.to_public_key_der()?.write_der_file(path)?)
+    }
+
+    /// Write ASN.1 DER-encoded public key to the given path
+    #[cfg(all(feature = "pem", feature = "std"))]
+    fn write_public_key_pem_file(
+        &self,
+        path: impl AsRef<Path>,
+        line_ending: LineEnding,
+    ) -> Result<()> {
+        let doc = self.to_public_key_der()?;
+        Ok(doc.write_pem_file(path, SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?)
+    }
+}
+
+/// Returns `AlgorithmIdentifier` associated with the structure.
+///
+/// This is useful for e.g. keys for digital signature algorithms.
+pub trait AssociatedAlgorithmIdentifier {
+    /// Algorithm parameters.
+    type Params: Tagged + EncodeValue;
+
+    /// `AlgorithmIdentifier` for this structure.
+    const ALGORITHM_IDENTIFIER: AlgorithmIdentifier<Self::Params>;
+}
+
+/// Returns `AlgorithmIdentifier` associated with the structure.
+///
+/// This is useful for e.g. keys for digital signature algorithms.
+#[cfg(feature = "alloc")]
+pub trait DynAssociatedAlgorithmIdentifier {
+    /// `AlgorithmIdentifier` for this structure.
+    fn algorithm_identifier(&self) -> Result<AlgorithmIdentifierOwned>;
+}
+
+#[cfg(feature = "alloc")]
+impl<T> DynAssociatedAlgorithmIdentifier for T
+where
+    T: AssociatedAlgorithmIdentifier,
+{
+    fn algorithm_identifier(&self) -> Result<AlgorithmIdentifierOwned> {
+        Ok(AlgorithmIdentifierOwned {
+            oid: T::ALGORITHM_IDENTIFIER.oid,
+            parameters: T::ALGORITHM_IDENTIFIER
+                .parameters
+                .as_ref()
+                .map(Any::encode_from)
+                .transpose()?,
+        })
+    }
+}
+
+/// Returns `AlgorithmIdentifier` associated with the signature system.
+///
+/// Unlike AssociatedAlgorithmIdentifier this is intended to be implemented for public and/or
+/// private keys.
+pub trait SignatureAlgorithmIdentifier {
+    /// Algorithm parameters.
+    type Params: Tagged + EncodeValue;
+
+    /// `AlgorithmIdentifier` for the corresponding singature system.
+    const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifier<Self::Params>;
+}
+
+/// Returns `AlgorithmIdentifier` associated with the signature system.
+///
+/// Unlike AssociatedAlgorithmIdentifier this is intended to be implemented for public and/or
+/// private keys.
+#[cfg(feature = "alloc")]
+pub trait DynSignatureAlgorithmIdentifier {
+    /// `AlgorithmIdentifier` for the corresponding singature system.
+    fn signature_algorithm_identifier(&self) -> Result<AlgorithmIdentifierOwned>;
+}
+
+#[cfg(feature = "alloc")]
+impl<T> DynSignatureAlgorithmIdentifier for T
+where
+    T: SignatureAlgorithmIdentifier,
+{
+    fn signature_algorithm_identifier(&self) -> Result<AlgorithmIdentifierOwned> {
+        Ok(AlgorithmIdentifierOwned {
+            oid: T::SIGNATURE_ALGORITHM_IDENTIFIER.oid,
+            parameters: T::SIGNATURE_ALGORITHM_IDENTIFIER
+                .parameters
+                .as_ref()
+                .map(Any::encode_from)
+                .transpose()?,
+        })
+    }
+}
+
+/// Returns the `BitString` encoding of the signature.
+///
+/// X.509 and CSR structures require signatures to be BitString encoded.
+#[cfg(feature = "alloc")]
+pub trait SignatureBitStringEncoding {
+    /// `BitString` encoding for this signature.
+    fn to_bitstring(&self) -> der::Result<BitString>;
+}