From 9835e2ae736235810b4ea1c162ca5e65c547e770 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 18 May 2024 04:49:50 +0200 Subject: Merging upstream version 1.71.1+dfsg1. Signed-off-by: Daniel Baumann --- vendor/spki/src/algorithm.rs | 131 +++++++++++++++++++++++++---------- vendor/spki/src/fingerprint.rs | 1 - vendor/spki/src/lib.rs | 39 +++++++---- vendor/spki/src/spki.rs | 150 +++++++++++++++++++++++++++++------------ vendor/spki/src/traits.rs | 119 ++++++++++++++++++++++++++------ 5 files changed, 329 insertions(+), 111 deletions(-) (limited to 'vendor/spki/src') diff --git a/vendor/spki/src/algorithm.rs b/vendor/spki/src/algorithm.rs index 2a8b6c7f9..b0e08b5b3 100644 --- a/vendor/spki/src/algorithm.rs +++ b/vendor/spki/src/algorithm.rs @@ -2,8 +2,14 @@ use crate::{Error, Result}; use core::cmp::Ordering; -use der::asn1::{AnyRef, ObjectIdentifier}; -use der::{Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd}; +use der::{ + asn1::{AnyRef, Choice, ObjectIdentifier}, + Decode, DecodeValue, DerOrd, Encode, EncodeValue, Header, Length, Reader, Sequence, ValueOrd, + Writer, +}; + +#[cfg(feature = "alloc")] +use der::asn1::Any; /// X.509 `AlgorithmIdentifier` as defined in [RFC 5280 Section 4.1.1.2]. /// @@ -14,17 +20,79 @@ use der::{Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOr /// ``` /// /// [RFC 5280 Section 4.1.1.2]: https://tools.ietf.org/html/rfc5280#section-4.1.1.2 +#[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))] #[derive(Copy, Clone, Debug, Eq, PartialEq, PartialOrd, Ord)] -pub struct AlgorithmIdentifier<'a> { +pub struct AlgorithmIdentifier { /// Algorithm OID, i.e. the `algorithm` field in the `AlgorithmIdentifier` /// ASN.1 schema. pub oid: ObjectIdentifier, /// Algorithm `parameters`. - pub parameters: Option>, + pub parameters: Option, +} + +impl<'a, Params> DecodeValue<'a> for AlgorithmIdentifier +where + Params: Choice<'a>, +{ + fn decode_value>(reader: &mut R, header: Header) -> der::Result { + reader.read_nested(header.length, |reader| { + Ok(Self { + oid: reader.decode()?, + parameters: reader.decode()?, + }) + }) + } +} + +impl EncodeValue for AlgorithmIdentifier +where + Params: Encode, +{ + fn value_len(&self) -> der::Result { + self.oid.encoded_len()? + self.parameters.encoded_len()? + } + + fn encode_value(&self, writer: &mut impl Writer) -> der::Result<()> { + self.oid.encode(writer)?; + self.parameters.encode(writer)?; + Ok(()) + } +} + +impl<'a, Params> Sequence<'a> for AlgorithmIdentifier where Params: Choice<'a> + Encode {} + +impl<'a, Params> TryFrom<&'a [u8]> for AlgorithmIdentifier +where + Params: Choice<'a> + Encode, +{ + type Error = Error; + + fn try_from(bytes: &'a [u8]) -> Result { + Ok(Self::from_der(bytes)?) + } +} + +impl ValueOrd for AlgorithmIdentifier +where + Params: DerOrd, +{ + fn value_cmp(&self, other: &Self) -> der::Result { + match self.oid.der_cmp(&other.oid)? { + Ordering::Equal => self.parameters.der_cmp(&other.parameters), + other => Ok(other), + } + } } -impl<'a> AlgorithmIdentifier<'a> { +/// `AlgorithmIdentifier` reference which has `AnyRef` parameters. +pub type AlgorithmIdentifierRef<'a> = AlgorithmIdentifier>; + +/// `AlgorithmIdentifier` reference which has `Any` parameters. +#[cfg(feature = "alloc")] +pub type AlgorithmIdentifierOwned = AlgorithmIdentifier; + +impl AlgorithmIdentifier { /// Assert the `algorithm` OID is an expected value. pub fn assert_algorithm_oid(&self, expected_oid: ObjectIdentifier) -> Result { if self.oid == expected_oid { @@ -33,7 +101,9 @@ impl<'a> AlgorithmIdentifier<'a> { Err(Error::OidUnknown { oid: expected_oid }) } } +} +impl<'a> AlgorithmIdentifierRef<'a> { /// Assert `parameters` is an OID and has the expected value. pub fn assert_parameters_oid( &self, @@ -87,46 +157,35 @@ impl<'a> AlgorithmIdentifier<'a> { None => None, Some(p) => match p { AnyRef::NULL => None, - _ => Some(p.oid()?), + _ => Some(p.decode_as::()?), }, }, )) } } -impl<'a> DecodeValue<'a> for AlgorithmIdentifier<'a> { - fn decode_value>(reader: &mut R, header: Header) -> der::Result { - reader.read_nested(header.length, |reader| { - Ok(Self { - oid: reader.decode()?, - parameters: reader.decode()?, - }) - }) - } -} - -impl<'a> Sequence<'a> for AlgorithmIdentifier<'a> { - fn fields(&self, f: F) -> der::Result - where - F: FnOnce(&[&dyn Encode]) -> der::Result, - { - f(&[&self.oid, &self.parameters]) - } -} +#[cfg(feature = "alloc")] +mod allocating { + use super::*; + use der::referenced::*; -impl<'a> TryFrom<&'a [u8]> for AlgorithmIdentifier<'a> { - type Error = Error; - - fn try_from(bytes: &'a [u8]) -> Result { - Ok(Self::from_der(bytes)?) + impl<'a> RefToOwned<'a> for AlgorithmIdentifierRef<'a> { + type Owned = AlgorithmIdentifierOwned; + fn ref_to_owned(&self) -> Self::Owned { + AlgorithmIdentifier { + oid: self.oid, + parameters: self.parameters.ref_to_owned(), + } + } } -} -impl ValueOrd for AlgorithmIdentifier<'_> { - fn value_cmp(&self, other: &Self) -> der::Result { - match self.oid.der_cmp(&other.oid)? { - Ordering::Equal => self.parameters.der_cmp(&other.parameters), - other => Ok(other), + impl OwnedToRef for AlgorithmIdentifierOwned { + type Borrowed<'a> = AlgorithmIdentifierRef<'a>; + fn owned_to_ref(&self) -> Self::Borrowed<'_> { + AlgorithmIdentifier { + oid: self.oid, + parameters: self.parameters.owned_to_ref(), + } } } } diff --git a/vendor/spki/src/fingerprint.rs b/vendor/spki/src/fingerprint.rs index 6a3901fb1..ba06e62e8 100644 --- a/vendor/spki/src/fingerprint.rs +++ b/vendor/spki/src/fingerprint.rs @@ -12,7 +12,6 @@ pub(crate) const SIZE: usize = 32; /// See [RFC7469 § 2.1.1] for more information. /// /// [RFC7469 § 2.1.1]: https://datatracker.ietf.org/doc/html/rfc7469#section-2.1.1 -#[cfg_attr(docsrs, doc(cfg(feature = "fingerprint")))] pub type FingerprintBytes = [u8; SIZE]; /// Writer newtype which accepts DER being serialized on-the-fly and computes a diff --git a/vendor/spki/src/lib.rs b/vendor/spki/src/lib.rs index f46675674..2ac8d9d12 100644 --- a/vendor/spki/src/lib.rs +++ b/vendor/spki/src/lib.rs @@ -1,13 +1,19 @@ #![no_std] -#![cfg_attr(docsrs, feature(doc_cfg))] +#![cfg_attr(docsrs, feature(doc_auto_cfg))] #![doc = include_str!("../README.md")] #![doc( - html_logo_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg", - html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/meta/master/logo.svg" + html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg", + html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/6ee8e381/logo.svg" +)] +#![forbid(unsafe_code)] +#![warn( + clippy::mod_module_files, + clippy::unwrap_used, + missing_docs, + rust_2018_idioms, + unused_lifetimes, + unused_qualifications )] -#![forbid(unsafe_code, clippy::unwrap_used)] -#![warn(missing_docs, rust_2018_idioms, unused_qualifications)] - //! # Usage //! The following example demonstrates how to use an OID as the `parameters` //! of an [`AlgorithmIdentifier`]. @@ -15,14 +21,14 @@ //! Borrow the [`ObjectIdentifier`] first then use [`der::AnyRef::from`] or `.into()`: //! //! ``` -//! use spki::{AlgorithmIdentifier, ObjectIdentifier, der::AnyRef}; +//! use spki::{AlgorithmIdentifier, ObjectIdentifier}; //! //! let alg_oid = "1.2.840.10045.2.1".parse::().unwrap(); //! let params_oid = "1.2.840.10045.3.1.7".parse::().unwrap(); //! //! let alg_id = AlgorithmIdentifier { //! oid: alg_oid, -//! parameters: Some(AnyRef::from(¶ms_oid)) +//! parameters: Some(params_oid) //! }; //! ``` @@ -41,15 +47,24 @@ mod traits; mod fingerprint; pub use crate::{ - algorithm::AlgorithmIdentifier, + algorithm::{AlgorithmIdentifier, AlgorithmIdentifierRef}, error::{Error, Result}, - spki::SubjectPublicKeyInfo, - traits::DecodePublicKey, + spki::{SubjectPublicKeyInfo, SubjectPublicKeyInfoRef}, + traits::{AssociatedAlgorithmIdentifier, DecodePublicKey, SignatureAlgorithmIdentifier}, }; pub use der::{self, asn1::ObjectIdentifier}; #[cfg(feature = "alloc")] -pub use {crate::traits::EncodePublicKey, der::Document}; +pub use { + crate::{ + algorithm::AlgorithmIdentifierOwned, + spki::SubjectPublicKeyInfoOwned, + traits::{ + DynAssociatedAlgorithmIdentifier, DynSignatureAlgorithmIdentifier, EncodePublicKey, + }, + }, + der::Document, +}; #[cfg(feature = "fingerprint")] pub use crate::fingerprint::FingerprintBytes; diff --git a/vendor/spki/src/spki.rs b/vendor/spki/src/spki.rs index 9058e49c7..3d949f887 100644 --- a/vendor/spki/src/spki.rs +++ b/vendor/spki/src/spki.rs @@ -3,24 +3,30 @@ use crate::{AlgorithmIdentifier, Error, Result}; use core::cmp::Ordering; use der::{ - asn1::BitStringRef, Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd, + asn1::{AnyRef, BitStringRef}, + Choice, Decode, DecodeValue, DerOrd, Encode, EncodeValue, FixedTag, Header, Length, Reader, + Sequence, ValueOrd, Writer, }; #[cfg(feature = "alloc")] -use der::Document; +use der::{ + asn1::{Any, BitString}, + Document, +}; #[cfg(feature = "fingerprint")] use crate::{fingerprint, FingerprintBytes}; -#[cfg(all(feature = "alloc", feature = "fingerprint"))] -use { - alloc::string::String, - base64ct::{Base64, Encoding}, -}; - #[cfg(feature = "pem")] use der::pem::PemLabel; +/// [`SubjectPublicKeyInfo`] with [`AnyRef`] algorithm parameters, and [`BitStringRef`] params. +pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo, BitStringRef<'a>>; + +/// [`SubjectPublicKeyInfo`] with [`Any`] algorithm parameters, and [`BitString`] params. +#[cfg(feature = "alloc")] +pub type SubjectPublicKeyInfoOwned = SubjectPublicKeyInfo; + /// X.509 `SubjectPublicKeyInfo` (SPKI) as defined in [RFC 5280 § 4.1.2.7]. /// /// ASN.1 structure containing an [`AlgorithmIdentifier`] and public key @@ -33,25 +39,32 @@ use der::pem::PemLabel; /// ``` /// /// [RFC 5280 § 4.1.2.7]: https://tools.ietf.org/html/rfc5280#section-4.1.2.7 -#[derive(Copy, Clone, Debug, Eq, PartialEq)] -pub struct SubjectPublicKeyInfo<'a> { +#[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))] +#[derive(Clone, Debug, Eq, PartialEq)] +pub struct SubjectPublicKeyInfo { /// X.509 [`AlgorithmIdentifier`] for the public key type - pub algorithm: AlgorithmIdentifier<'a>, + pub algorithm: AlgorithmIdentifier, /// Public key data - pub subject_public_key: &'a [u8], + pub subject_public_key: Key, } -impl<'a> SubjectPublicKeyInfo<'a> { +impl<'a, Params, Key> SubjectPublicKeyInfo +where + Params: Choice<'a> + Encode, + // TODO: replace FixedTag with FixedTag once + // https://github.com/rust-lang/rust/issues/92827 is fixed + Key: Decode<'a> + Encode + FixedTag, +{ /// Calculate the SHA-256 fingerprint of this [`SubjectPublicKeyInfo`] and /// encode it as a Base64 string. /// /// See [RFC7469 § 2.1.1] for more information. /// /// [RFC7469 § 2.1.1]: https://datatracker.ietf.org/doc/html/rfc7469#section-2.1.1 - #[cfg(all(feature = "fingerprint", feature = "alloc"))] - #[cfg_attr(docsrs, doc(cfg(all(feature = "fingerprint", feature = "alloc"))))] - pub fn fingerprint_base64(&self) -> Result { + #[cfg(all(feature = "fingerprint", feature = "alloc", feature = "base64"))] + pub fn fingerprint_base64(&self) -> Result { + use base64ct::{Base64, Encoding}; Ok(Base64::encode_string(&self.fingerprint_bytes()?)) } @@ -62,42 +75,56 @@ impl<'a> SubjectPublicKeyInfo<'a> { /// /// [RFC7469 § 2.1.1]: https://datatracker.ietf.org/doc/html/rfc7469#section-2.1.1 #[cfg(feature = "fingerprint")] - #[cfg_attr(docsrs, doc(cfg(feature = "fingerprint")))] pub fn fingerprint_bytes(&self) -> Result { let mut builder = fingerprint::Builder::new(); self.encode(&mut builder)?; Ok(builder.finish()) } - - /// Get a [`BitString`] representing the `subject_public_key` - fn bitstring(&self) -> der::Result> { - BitStringRef::from_bytes(self.subject_public_key) - } } -impl<'a> DecodeValue<'a> for SubjectPublicKeyInfo<'a> { +impl<'a: 'k, 'k, Params, Key: 'k> DecodeValue<'a> for SubjectPublicKeyInfo +where + Params: Choice<'a> + Encode, + Key: Decode<'a>, +{ fn decode_value>(reader: &mut R, header: Header) -> der::Result { reader.read_nested(header.length, |reader| { Ok(Self { algorithm: reader.decode()?, - subject_public_key: BitStringRef::decode(reader)? - .as_bytes() - .ok_or_else(|| der::Tag::BitString.value_error())?, + subject_public_key: Key::decode(reader)?, }) }) } } -impl<'a> Sequence<'a> for SubjectPublicKeyInfo<'a> { - fn fields(&self, f: F) -> der::Result - where - F: FnOnce(&[&dyn Encode]) -> der::Result, - { - f(&[&self.algorithm, &self.bitstring()?]) +impl<'a, Params, Key> EncodeValue for SubjectPublicKeyInfo +where + Params: Choice<'a> + Encode, + Key: Encode, +{ + fn value_len(&self) -> der::Result { + self.algorithm.encoded_len()? + self.subject_public_key.encoded_len()? + } + + fn encode_value(&self, writer: &mut impl Writer) -> der::Result<()> { + self.algorithm.encode(writer)?; + self.subject_public_key.encode(writer)?; + Ok(()) } } -impl<'a> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a> { +impl<'a, Params, Key> Sequence<'a> for SubjectPublicKeyInfo +where + Params: Choice<'a> + Encode, + Key: Decode<'a> + Encode + FixedTag, +{ +} + +impl<'a, Params, Key> TryFrom<&'a [u8]> for SubjectPublicKeyInfo +where + Params: Choice<'a> + Encode, + Key: Decode<'a> + Encode + FixedTag, +{ type Error = Error; fn try_from(bytes: &'a [u8]) -> Result { @@ -105,37 +132,74 @@ impl<'a> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a> { } } -impl ValueOrd for SubjectPublicKeyInfo<'_> { +impl<'a, Params, Key> ValueOrd for SubjectPublicKeyInfo +where + Params: Choice<'a> + DerOrd + Encode, + Key: ValueOrd, +{ fn value_cmp(&self, other: &Self) -> der::Result { match self.algorithm.der_cmp(&other.algorithm)? { - Ordering::Equal => self.bitstring()?.der_cmp(&other.bitstring()?), + Ordering::Equal => self.subject_public_key.value_cmp(&other.subject_public_key), other => Ok(other), } } } #[cfg(feature = "alloc")] -#[cfg_attr(docsrs, doc(cfg(feature = "alloc")))] -impl TryFrom> for Document { +impl<'a: 'k, 'k, Params, Key: 'k> TryFrom> for Document +where + Params: Choice<'a> + Encode, + Key: Decode<'a> + Encode + FixedTag, + BitStringRef<'a>: From<&'k Key>, +{ type Error = Error; - fn try_from(spki: SubjectPublicKeyInfo<'_>) -> Result { + fn try_from(spki: SubjectPublicKeyInfo) -> Result { Self::try_from(&spki) } } #[cfg(feature = "alloc")] -#[cfg_attr(docsrs, doc(cfg(feature = "alloc")))] -impl TryFrom<&SubjectPublicKeyInfo<'_>> for Document { +impl<'a: 'k, 'k, Params, Key: 'k> TryFrom<&SubjectPublicKeyInfo> for Document +where + Params: Choice<'a> + Encode, + Key: Decode<'a> + Encode + FixedTag, + BitStringRef<'a>: From<&'k Key>, +{ type Error = Error; - fn try_from(spki: &SubjectPublicKeyInfo<'_>) -> Result { + fn try_from(spki: &SubjectPublicKeyInfo) -> Result { Ok(Self::encode_msg(spki)?) } } #[cfg(feature = "pem")] -#[cfg_attr(docsrs, doc(cfg(feature = "pem")))] -impl PemLabel for SubjectPublicKeyInfo<'_> { +impl PemLabel for SubjectPublicKeyInfo { const PEM_LABEL: &'static str = "PUBLIC KEY"; } + +#[cfg(feature = "alloc")] +mod allocating { + use super::*; + use der::referenced::*; + + impl<'a> RefToOwned<'a> for SubjectPublicKeyInfoRef<'a> { + type Owned = SubjectPublicKeyInfoOwned; + fn ref_to_owned(&self) -> Self::Owned { + SubjectPublicKeyInfo { + algorithm: self.algorithm.ref_to_owned(), + subject_public_key: self.subject_public_key.ref_to_owned(), + } + } + } + + impl OwnedToRef for SubjectPublicKeyInfoOwned { + type Borrowed<'a> = SubjectPublicKeyInfoRef<'a>; + fn owned_to_ref(&self) -> Self::Borrowed<'_> { + SubjectPublicKeyInfo { + algorithm: self.algorithm.owned_to_ref(), + subject_public_key: self.subject_public_key.owned_to_ref(), + } + } + } +} diff --git a/vendor/spki/src/traits.rs b/vendor/spki/src/traits.rs index c16e3974d..1126c7c40 100644 --- a/vendor/spki/src/traits.rs +++ b/vendor/spki/src/traits.rs @@ -1,9 +1,13 @@ //! Traits for encoding/decoding SPKI public keys. -use crate::{Error, Result, SubjectPublicKeyInfo}; +use crate::{AlgorithmIdentifier, Error, Result, SubjectPublicKeyInfoRef}; +use der::{EncodeValue, Tagged}; #[cfg(feature = "alloc")] -use der::Document; +use { + crate::AlgorithmIdentifierOwned, + der::{Any, Document}, +}; #[cfg(feature = "pem")] use { @@ -14,15 +18,14 @@ use { #[cfg(feature = "std")] use std::path::Path; +#[cfg(doc)] +use crate::SubjectPublicKeyInfo; + /// Parse a public key object from an encoded SPKI document. -pub trait DecodePublicKey: - for<'a> TryFrom, Error = Error> + Sized -{ +pub trait DecodePublicKey: Sized { /// Deserialize object from ASN.1 DER-encoded [`SubjectPublicKeyInfo`] /// (binary format). - fn from_public_key_der(bytes: &[u8]) -> Result { - Self::try_from(SubjectPublicKeyInfo::try_from(bytes)?) - } + fn from_public_key_der(bytes: &[u8]) -> Result; /// Deserialize PEM-encoded [`SubjectPublicKeyInfo`]. /// @@ -32,17 +35,15 @@ pub trait DecodePublicKey: /// -----BEGIN PUBLIC KEY----- /// ``` #[cfg(feature = "pem")] - #[cfg_attr(docsrs, doc(cfg(feature = "pem")))] fn from_public_key_pem(s: &str) -> Result { let (label, doc) = Document::from_pem(s)?; - SubjectPublicKeyInfo::validate_pem_label(label)?; + SubjectPublicKeyInfoRef::validate_pem_label(label)?; Self::from_public_key_der(doc.as_bytes()) } /// Load public key object from an ASN.1 DER-encoded file on the local /// filesystem (binary format). #[cfg(feature = "std")] - #[cfg_attr(docsrs, doc(cfg(feature = "std")))] fn read_public_key_der_file(path: impl AsRef) -> Result { let doc = Document::read_der_file(path)?; Self::from_public_key_der(doc.as_bytes()) @@ -50,45 +51,125 @@ pub trait DecodePublicKey: /// Load public key object from a PEM-encoded file on the local filesystem. #[cfg(all(feature = "pem", feature = "std"))] - #[cfg_attr(docsrs, doc(cfg(all(feature = "pem", feature = "std"))))] fn read_public_key_pem_file(path: impl AsRef) -> Result { let (label, doc) = Document::read_pem_file(path)?; - SubjectPublicKeyInfo::validate_pem_label(&label)?; + SubjectPublicKeyInfoRef::validate_pem_label(&label)?; Self::from_public_key_der(doc.as_bytes()) } } +impl DecodePublicKey for T +where + T: for<'a> TryFrom, Error = Error>, +{ + fn from_public_key_der(bytes: &[u8]) -> Result { + Self::try_from(SubjectPublicKeyInfoRef::try_from(bytes)?) + } +} + /// Serialize a public key object to a SPKI-encoded document. #[cfg(feature = "alloc")] -#[cfg_attr(docsrs, doc(cfg(feature = "alloc")))] pub trait EncodePublicKey { /// Serialize a [`Document`] containing a SPKI-encoded public key. fn to_public_key_der(&self) -> Result; /// Serialize this public key as PEM-encoded SPKI with the given [`LineEnding`]. #[cfg(feature = "pem")] - #[cfg_attr(docsrs, doc(cfg(feature = "pem")))] fn to_public_key_pem(&self, line_ending: LineEnding) -> Result { let doc = self.to_public_key_der()?; - Ok(doc.to_pem(SubjectPublicKeyInfo::PEM_LABEL, line_ending)?) + Ok(doc.to_pem(SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?) } /// Write ASN.1 DER-encoded public key to the given path #[cfg(feature = "std")] - #[cfg_attr(docsrs, doc(cfg(feature = "std")))] fn write_public_key_der_file(&self, path: impl AsRef) -> Result<()> { Ok(self.to_public_key_der()?.write_der_file(path)?) } /// Write ASN.1 DER-encoded public key to the given path #[cfg(all(feature = "pem", feature = "std"))] - #[cfg_attr(docsrs, doc(cfg(all(feature = "pem", feature = "std"))))] fn write_public_key_pem_file( &self, path: impl AsRef, line_ending: LineEnding, ) -> Result<()> { let doc = self.to_public_key_der()?; - Ok(doc.write_pem_file(path, SubjectPublicKeyInfo::PEM_LABEL, line_ending)?) + Ok(doc.write_pem_file(path, SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?) + } +} + +/// Returns `AlgorithmIdentifier` associated with the structure. +/// +/// This is useful for e.g. keys for digital signature algorithms. +pub trait AssociatedAlgorithmIdentifier { + /// Algorithm parameters. + type Params: Tagged + EncodeValue; + + /// `AlgorithmIdentifier` for this structure. + const ALGORITHM_IDENTIFIER: AlgorithmIdentifier; +} + +/// Returns `AlgorithmIdentifier` associated with the structure. +/// +/// This is useful for e.g. keys for digital signature algorithms. +#[cfg(feature = "alloc")] +pub trait DynAssociatedAlgorithmIdentifier { + /// `AlgorithmIdentifier` for this structure. + fn algorithm_identifier(&self) -> Result; +} + +#[cfg(feature = "alloc")] +impl DynAssociatedAlgorithmIdentifier for T +where + T: AssociatedAlgorithmIdentifier, +{ + fn algorithm_identifier(&self) -> Result { + Ok(AlgorithmIdentifierOwned { + oid: T::ALGORITHM_IDENTIFIER.oid, + parameters: T::ALGORITHM_IDENTIFIER + .parameters + .as_ref() + .map(Any::encode_from) + .transpose()?, + }) + } +} + +/// Returns `AlgorithmIdentifier` associated with the signature system. +/// +/// Unlike AssociatedAlgorithmIdentifier this is intended to be implemented for public and/or +/// private keys. +pub trait SignatureAlgorithmIdentifier { + /// Algorithm parameters. + type Params: Tagged + EncodeValue; + + /// `AlgorithmIdentifier` for the corresponding singature system. + const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifier; +} + +/// Returns `AlgorithmIdentifier` associated with the signature system. +/// +/// Unlike AssociatedAlgorithmIdentifier this is intended to be implemented for public and/or +/// private keys. +#[cfg(feature = "alloc")] +pub trait DynSignatureAlgorithmIdentifier { + /// `AlgorithmIdentifier` for the corresponding singature system. + fn signature_algorithm_identifier(&self) -> Result; +} + +#[cfg(feature = "alloc")] +impl DynSignatureAlgorithmIdentifier for T +where + T: SignatureAlgorithmIdentifier, +{ + fn signature_algorithm_identifier(&self) -> Result { + Ok(AlgorithmIdentifierOwned { + oid: T::SIGNATURE_ALGORITHM_IDENTIFIER.oid, + parameters: T::SIGNATURE_ALGORITHM_IDENTIFIER + .parameters + .as_ref() + .map(Any::encode_from) + .transpose()?, + }) } } -- cgit v1.2.3