From aeedb5adf5297892fcb9e11f7c0f6c0157005c58 Mon Sep 17 00:00:00 2001
From: Arthur Gautier
Date: Thu, 5 Sep 2024 16:34:06 -0700
Subject: [PATCH] pkcs8 API changes (#446)
see https://github.com/RustCrypto/formats/pull/1483
---
 Cargo.lock | 6 ++----
 Cargo.toml | 4 ++++
 src/encoding.rs | 13 +++++++++----
 src/pkcs1v15/signing_key.rs | 4 ++--
 src/pss/blinded_signing_key.rs | 4 ++--
 src/pss/signing_key.rs | 4 ++--
 6 files changed, 21 insertions(+), 14 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 6e7678fb..14f4f51d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -371,8 +371,7 @@ dependencies = [
 [[package]]
 name = "pkcs1"
 version = "0.8.0-rc.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d2f4c73d459a85331915baebd5082dce5ee8ef16fd9a1ca75559ac91e66a9ee"
+source = "git+https://github.com/RustCrypto/formats.git#3fb883b2f445e74f38f51fef63a347ecfe69f623"
 dependencies = [
 "der",
 "pkcs8",
@@ -399,8 +398,7 @@ dependencies = [
 [[package]]
 name = "pkcs8"
 version = "0.11.0-rc.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "66180445f1dce533620a7743467ef85fe1c5e80cdaf7c7053609d7a2fbcdae20"
+source = "git+https://github.com/RustCrypto/formats.git#3fb883b2f445e74f38f51fef63a347ecfe69f623"
 dependencies = [
 "der",
 "pkcs5",
diff --git a/Cargo.toml b/Cargo.toml
index dbb5a1b1..dd466e24 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -65,3 +65,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 [profile.dev]
 opt-level = 2
+
+[patch.crates-io]
+pkcs1 = { git = "https://github.com/RustCrypto/formats.git" }
+pkcs8 = { git = "https://github.com/RustCrypto/formats.git" }
diff --git a/src/encoding.rs b/src/encoding.rs
index 51d5032d..d487de39 100644
--- a/src/encoding.rs
+++ b/src/encoding.rs
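Review bot: The two `[patch.crates-io]` entries added at the end of Cargo.toml give only the git URL, so the `pkcs1`/`pkcs8` code that gets built is fixed by Cargo.lock alone; a `cargo update`, or a build that ignores the lockfile, resolves to whatever the repository's default branch holds at that moment. Because these crates parse private-key material, pin the commit in the manifest itself, using the revision this commit's lockfile already records: `pkcs8 = { git = "https://github.com/RustCrypto/formats.git", rev = "3fb883b2f445e74f38f51fef63a347ecfe69f623" }`, with the same `rev` on the `pkcs1` line. `[patch]` sections take effect only when this crate is the workspace root, so dependents resolving from the registry will presumably not see the `PrivateKeyInfoRef` API until it is released. A short comment above the section saying it is temporary and when it can be removed would help.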
@@ -9,7 +9,8 @@ use crate::{
 };
 use core::convert::{TryFrom, TryInto};
 use pkcs8::{
- der::Encode, Document, EncodePrivateKey, EncodePublicKey, ObjectIdentifier, SecretDocument,
+ der::{asn1::OctetStringRef, Encode},
+ Document, EncodePrivateKey, EncodePublicKey, ObjectIdentifier, SecretDocument,
 };
 use zeroize::Zeroizing;
@@ -37,10 +38,10 @@ pub(crate) fn verify_algorithm_id(
 Ok(())
 }
-impl TryFrom> for RsaPrivateKey {
+impl TryFrom> for RsaPrivateKey {
 type Error = pkcs8::Error;
- fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result {
+ fn try_from(private_key_info: pkcs8::PrivateKeyInfoRef<'_>) -> pkcs8::Result {
 verify_algorithm_id(&private_key_info.algorithm)?;
 let pkcs1_key = pkcs1::RsaPrivateKey::try_from(private_key_info.private_key)?;
@@ -110,7 +111,11 @@ impl EncodePrivateKey for RsaPrivateKey {
 }
 .to_der()?;
- pkcs8::PrivateKeyInfo::new(pkcs1::ALGORITHM_ID, private_key.as_ref()).try_into()
+ pkcs8::PrivateKeyInfoRef::new(
+ pkcs1::ALGORITHM_ID,
+ OctetStringRef::new(private_key.as_ref())?,
+ )
+ .try_into()
 }
 }
diff --git a/src/pkcs1v15/signing_key.rs b/src/pkcs1v15/signing_key.rs
index 8914479d..b0da5293 100644
--- a/src/pkcs1v15/signing_key.rs
+++ b/src/pkcs1v15/signing_key.rs
@@ -247,13 +247,13 @@ where
 };
 }
-impl TryFrom> for SigningKey
+impl TryFrom> for SigningKey
 where
 D: Digest + AssociatedOid,
 {
 type Error = pkcs8::Error;
- fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result {
+ fn try_from(private_key_info: pkcs8::PrivateKeyInfoRef<'_>) -> pkcs8::Result {
 private_key_info
 .algorithm
 .assert_algorithm_oid(pkcs1::ALGORITHM_OID)?;
diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs
index 9f990125..c96c4330 100644
--- a/src/pss/blinded_signing_key.rs
+++ b/src/pss/blinded_signing_key.rs
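Review bot: In the third hunk of src/encoding.rs (`@@ -110,7 +111,11 @@`), `private_key` carries the DER-encoded PKCS#1 private key into `OctetStringRef::new(private_key.as_ref())?`. Its `let` binding is outside the hunk, but it appears to be the plain buffer returned by `.to_der()?`, and if so the encoded key bytes are freed without being wiped once the PKCS#8 document is built. `Zeroizing` is already imported in this file, so the buffer could be wrapped where it is created, for example by ending the expression with `.to_der().map(Zeroizing::new)?;`. The new `?` on `OctetStringRef::new` also adds an error return after the key has been serialised, which is one more path on which the unwiped buffer is dropped. The enclosing method starts outside the hunk, so confirm the binding's type before changing it.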
@@ -201,13 +201,13 @@ where
 }
 }
-impl TryFrom> for BlindedSigningKey
+impl TryFrom> for BlindedSigningKey
 where
 D: Digest + AssociatedOid,
 {
 type Error = pkcs8::Error;
- fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result {
+ fn try_from(private_key_info: pkcs8::PrivateKeyInfoRef<'_>) -> pkcs8::Result {
 RsaPrivateKey::try_from(private_key_info).map(Self::new)
 }
 }
diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs
index 0ed526bd..16a8f0fa 100644
--- a/src/pss/signing_key.rs
+++ b/src/pss/signing_key.rs
@@ -225,13 +225,13 @@ where
 }
 }
-impl TryFrom> for SigningKey
+impl TryFrom> for SigningKey
 where
 D: Digest + AssociatedOid,
 {
 type Error = pkcs8::Error;
- fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result {
+ fn try_from(private_key_info: pkcs8::PrivateKeyInfoRef<'_>) -> pkcs8::Result {
 verify_algorithm_id(&private_key_info.algorithm)?;
 RsaPrivateKey::try_from(private_key_info).map(Self::new)
 }