Skip to content

Commit

Permalink
elliptic-curve: pkcs8 API changes
Browse files Browse the repository at this point in the history
  • Loading branch information
baloo committed Sep 5, 2024
1 parent 7fb782a commit 1b036fe
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 10 deletions.
6 changes: 2 additions & 4 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,6 @@ members = [
[patch.crates-io]
digest = { path = "./digest" }
signature = { path = "./signature" }

sec1 = { git = "https://github.com/RustCrypto/formats.git" }
pkcs8 = { git = "https://github.com/RustCrypto/formats.git" }
17 changes: 11 additions & 6 deletions elliptic-curve/src/secret_key/pkcs8.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,10 @@ use {
sec1::{FromEncodedPoint, ToEncodedPoint},
AffinePoint, CurveArithmetic,
},
pkcs8::{der, EncodePrivateKey},
pkcs8::{
der::{self, asn1::OctetStringRef},
EncodePrivateKey,
},
};

// Imports for actual PEM support
Expand All @@ -39,19 +42,19 @@ where
};
}

impl<C> TryFrom<pkcs8::PrivateKeyInfo<'_>> for SecretKey<C>
impl<C> TryFrom<pkcs8::PrivateKeyInfoRef<'_>> for SecretKey<C>
where
C: AssociatedOid + Curve + ValidatePublicKey,
FieldBytesSize<C>: ModulusSize,
{
type Error = pkcs8::Error;

fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result<Self> {
fn try_from(private_key_info: pkcs8::PrivateKeyInfoRef<'_>) -> pkcs8::Result<Self> {
private_key_info
.algorithm
.assert_oids(ALGORITHM_OID, C::OID)?;

let ec_private_key = EcPrivateKey::from_der(private_key_info.private_key)?;
let ec_private_key = EcPrivateKey::from_der(private_key_info.private_key.as_bytes())?;
Ok(Self::try_from(ec_private_key)?)
}
}
Expand All @@ -64,14 +67,16 @@ where
FieldBytesSize<C>: ModulusSize,
{
fn to_pkcs8_der(&self) -> pkcs8::Result<der::SecretDocument> {
// TODO(tarcieri): make `PrivateKeyInfo` generic around `Params`
let algorithm_identifier = pkcs8::AlgorithmIdentifierRef {
oid: ALGORITHM_OID,
parameters: Some((&C::OID).into()),
};

let ec_private_key = self.to_sec1_der()?;
let pkcs8_key = pkcs8::PrivateKeyInfo::new(algorithm_identifier, &ec_private_key);
let pkcs8_key = pkcs8::PrivateKeyInfoRef::new(
algorithm_identifier,
OctetStringRef::new(&ec_private_key)?,
);
Ok(der::SecretDocument::encode_msg(&pkcs8_key)?)
}
}
Expand Down

0 comments on commit 1b036fe

Please sign in to comment.