diff --git a/pkcs1/src/params.rs b/pkcs1/src/params.rs index b2080893f..237c6fe5d 100644 --- a/pkcs1/src/params.rs +++ b/pkcs1/src/params.rs @@ -6,15 +6,12 @@ use der::{ asn1::ContextSpecificRef, Decode, DecodeValue, Encode, EncodeValue, FixedTag, Reader, Sequence, Tag, TagMode, TagNumber, Writer, }; -use spki::AlgorithmIdentifierRef; +use spki::{AlgorithmIdentifier, AlgorithmIdentifierRef}; const OID_SHA_1: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.14.3.2.26"); const OID_MGF_1: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.8"); const OID_PSPECIFIED: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.9"); -// TODO(tarcieri): make `AlgorithmIdentifier` generic around params; use `OID_SHA_1` -const SEQ_OID_SHA_1_DER: &[u8] = &[0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a]; - const SHA_1_AI: AlgorithmIdentifierRef<'_> = AlgorithmIdentifierRef { oid: OID_SHA_1, parameters: None, @@ -84,7 +81,7 @@ pub struct RsaPssParams<'a> { pub hash: AlgorithmIdentifierRef<'a>, /// Mask Generation Function (MGF) - pub mask_gen: AlgorithmIdentifierRef<'a>, + pub mask_gen: AlgorithmIdentifier>, /// Salt length pub salt_len: u8, @@ -180,13 +177,10 @@ impl<'a> TryFrom<&'a [u8]> for RsaPssParams<'a> { } /// Default Mask Generation Function (MGF): SHA-1. -fn default_mgf1_sha1<'a>() -> AlgorithmIdentifierRef<'a> { - AlgorithmIdentifierRef { +fn default_mgf1_sha1<'a>() -> AlgorithmIdentifier> { + AlgorithmIdentifier::> { oid: OID_MGF_1, - parameters: Some( - AnyRef::new(Tag::Sequence, SEQ_OID_SHA_1_DER) - .expect("error creating default MGF1 params"), - ), + parameters: Some(SHA_1_AI), } } @@ -211,7 +205,7 @@ pub struct RsaOaepParams<'a> { pub hash: AlgorithmIdentifierRef<'a>, /// Mask Generation Function (MGF) - pub mask_gen: AlgorithmIdentifierRef<'a>, + pub mask_gen: AlgorithmIdentifier>, /// The source (and possibly the value) of the label L pub p_source: AlgorithmIdentifierRef<'a>, diff --git a/pkcs1/tests/params.rs b/pkcs1/tests/params.rs index 6954934a8..597e263f0 100644 --- a/pkcs1/tests/params.rs +++ b/pkcs1/tests/params.rs @@ -1,10 +1,7 @@ //! PKCS#1 algorithm params tests use const_oid::db; -use der::{ - asn1::{ObjectIdentifier, OctetStringRef}, - Decode, Encode, -}; +use der::{asn1::OctetStringRef, Encode}; use hex_literal::hex; use pkcs1::{RsaOaepParams, RsaPssParams, TrailerField}; @@ -31,15 +28,12 @@ fn decode_pss_param() { .mask_gen .assert_algorithm_oid(db::rfc5912::ID_MGF_1) .is_ok()); - assert_eq!( - param - .mask_gen - .parameters_any() - .unwrap() - .sequence(|reader| Ok(ObjectIdentifier::decode(reader)?)) - .unwrap(), - db::rfc5912::ID_SHA_256 - ); + assert!(param + .mask_gen + .parameters + .unwrap() + .assert_algorithm_oid(db::rfc5912::ID_SHA_256) + .is_ok()); assert_eq!(param.salt_len, 32); assert_eq!(param.trailer_field, TrailerField::BC); } @@ -67,15 +61,12 @@ fn decode_pss_param_default() { .mask_gen .assert_algorithm_oid(db::rfc5912::ID_MGF_1) .is_ok()); - assert_eq!( - param - .mask_gen - .parameters_any() - .unwrap() - .sequence(|reader| Ok(ObjectIdentifier::decode(reader)?)) - .unwrap(), - db::rfc5912::ID_SHA_1 - ); + assert!(param + .mask_gen + .parameters + .unwrap() + .assert_algorithm_oid(db::rfc5912::ID_SHA_1) + .is_ok()); assert_eq!(param.salt_len, 20); assert_eq!(param.trailer_field, TrailerField::BC); assert_eq!(param, Default::default()) @@ -103,15 +94,12 @@ fn decode_oaep_param() { .mask_gen .assert_algorithm_oid(db::rfc5912::ID_MGF_1) .is_ok()); - assert_eq!( - param - .mask_gen - .parameters_any() - .unwrap() - .sequence(|reader| Ok(ObjectIdentifier::decode(reader)?)) - .unwrap(), - db::rfc5912::ID_SHA_256 - ); + assert!(param + .mask_gen + .parameters + .unwrap() + .assert_algorithm_oid(db::rfc5912::ID_SHA_256) + .is_ok()); assert!(param .p_source .assert_algorithm_oid(db::rfc5912::ID_P_SPECIFIED) @@ -145,15 +133,12 @@ fn decode_oaep_param_default() { .mask_gen .assert_algorithm_oid(db::rfc5912::ID_MGF_1) .is_ok()); - assert_eq!( - param - .mask_gen - .parameters_any() - .unwrap() - .sequence(|reader| Ok(ObjectIdentifier::decode(reader)?)) - .unwrap(), - db::rfc5912::ID_SHA_1 - ); + assert!(param + .mask_gen + .parameters + .unwrap() + .assert_algorithm_oid(db::rfc5912::ID_SHA_1) + .is_ok()); assert!(param .p_source .assert_algorithm_oid(db::rfc5912::ID_P_SPECIFIED) diff --git a/spki/src/algorithm.rs b/spki/src/algorithm.rs index 6f76d6d35..5107ca58c 100644 --- a/spki/src/algorithm.rs +++ b/spki/src/algorithm.rs @@ -78,7 +78,7 @@ where /// `AlgorithmIdentifier` reference which has `AnyRef` parameters. pub type AlgorithmIdentifierRef<'a> = AlgorithmIdentifier>; -impl<'a> AlgorithmIdentifierRef<'a> { +impl AlgorithmIdentifier { /// Assert the `algorithm` OID is an expected value. pub fn assert_algorithm_oid(&self, expected_oid: ObjectIdentifier) -> Result { if self.oid == expected_oid { @@ -87,7 +87,9 @@ impl<'a> AlgorithmIdentifierRef<'a> { Err(Error::OidUnknown { oid: expected_oid }) } } +} +impl<'a> AlgorithmIdentifierRef<'a> { /// Assert `parameters` is an OID and has the expected value. pub fn assert_parameters_oid( &self,