From ab8bc272cf521bec2584988690313d60e17b2e76 Mon Sep 17 00:00:00 2001 From: Adam Wick Date: Sun, 21 Jan 2018 11:19:05 -0800 Subject: [PATCH] Fix warnings, and make DSA key encoding work. --- src/algident.rs | 78 +++++++++++++++++++++++++++++++----------------- src/lib.rs | 8 ++--- src/publickey.rs | 44 +++++++++++++-------------- src/validity.rs | 14 ++++----- 4 files changed, 80 insertions(+), 64 deletions(-) diff --git a/src/algident.rs b/src/algident.rs index 59e3ffd..f64dc41 100644 --- a/src/algident.rs +++ b/src/algident.rs @@ -1,6 +1,5 @@ use error::X509ParseError; use num::BigUint; -use num::bigint::ToBigInt; use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1}; #[derive(Clone,Copy,Debug,PartialEq)] @@ -270,67 +269,90 @@ mod test { use quickcheck::{Arbitrary,Gen}; use super::*; - fn rsa1(g: &mut G) -> AlgorithmIdentifier { + const RSA1: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA1, algo: PublicKeyInfo::RSA - } - } + }; - fn rsa224(g: &mut G) -> AlgorithmIdentifier { + const RSA224: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA224, algo: PublicKeyInfo::RSA - } - } + }; - fn rsa256(g: &mut G) -> AlgorithmIdentifier { + const RSA256: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA256, algo: PublicKeyInfo::RSA - } - } + }; - fn rsa384(g: &mut G) -> AlgorithmIdentifier { + const RSA384: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA384, algo: PublicKeyInfo::RSA - } - } + }; - fn rsa512(g: &mut G) -> AlgorithmIdentifier { + const RSA512: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA512, algo: PublicKeyInfo::RSA - } - } + }; - fn dsa1(g: &mut G) -> AlgorithmIdentifier { + const DSA1: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA1, algo: PublicKeyInfo::DSA - } - } + }; - fn dsa224(g: &mut G) -> AlgorithmIdentifier { + const DSA224: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA224, algo: PublicKeyInfo::DSA - } - } + }; - fn dsa256(g: &mut G) -> AlgorithmIdentifier { + const DSA256: AlgorithmIdentifier = AlgorithmIdentifier{ hash: HashAlgorithm::SHA256, algo: PublicKeyInfo::DSA - } - } + }; + + const EC1: AlgorithmIdentifier = + AlgorithmIdentifier{ + hash: HashAlgorithm::SHA1, + algo: PublicKeyInfo::EC + }; + + const EC224: AlgorithmIdentifier = + AlgorithmIdentifier{ + hash: HashAlgorithm::SHA224, + algo: PublicKeyInfo::EC + }; + + const EC256: AlgorithmIdentifier = + AlgorithmIdentifier{ + hash: HashAlgorithm::SHA256, + algo: PublicKeyInfo::EC + }; + + const EC384: AlgorithmIdentifier = + AlgorithmIdentifier{ + hash: HashAlgorithm::SHA384, + algo: PublicKeyInfo::EC + }; + + const EC512: AlgorithmIdentifier = + AlgorithmIdentifier{ + hash: HashAlgorithm::SHA512, + algo: PublicKeyInfo::EC + }; impl Arbitrary for AlgorithmIdentifier { fn arbitrary(g: &mut G) -> AlgorithmIdentifier { - let opts = [rsa1,rsa224,rsa256,rsa384,rsa512,dsa1,dsa224,dsa256]; - let f = g.choose(&opts).unwrap(); - f(g) + let opts = [RSA1, RSA224, RSA256, RSA384, RSA512, + DSA1, DSA224, DSA256, + EC1, EC224, EC256, EC384, EC512]; + g.choose(&opts).unwrap().clone() } } diff --git a/src/lib.rs b/src/lib.rs index ae399f2..2a2dde1 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -19,8 +19,6 @@ mod name; mod publickey; mod validity; -use digest::{Input,FixedOutput}; - use algident::{AlgorithmIdentifier,HashAlgorithm,PublicKeyInfo, decode_algorithm_ident}; use atv::InfoBlock; @@ -28,7 +26,7 @@ use error::X509ParseError; use misc::{X509Serial,X509Version,decode_signature}; use publickey::X509PublicKey; use sha1::Sha1; -use sha2::{Sha224,Sha256,Sha384,Sha512}; +use sha2::{Sha224,Sha256}; use simple_asn1::{ASN1Block,FromASN1,der_decode,from_der}; use simple_rsa::{SIGNING_HASH_SHA1, SIGNING_HASH_SHA224, SIGNING_HASH_SHA256, SIGNING_HASH_SHA384, SIGNING_HASH_SHA512}; @@ -80,7 +78,7 @@ fn decode_certificate(x: &ASN1Block) let (issuer, b4) = InfoBlock::from_asn1(b3)?; let (validity, b5) = Validity::from_asn1(b4)?; let (subject, b6) = InfoBlock::from_asn1(b5)?; - let (subkey, b7) = X509PublicKey::from_asn1(b6)?; + let (subkey, _ ) = X509PublicKey::from_asn1(b6)?; Ok(Certificate { version: version, serial: serial, @@ -103,7 +101,7 @@ fn decode_certificate(x: &ASN1Block) * ******************************************************************************/ -fn parse_x509(buffer: &[u8]) -> Result { +pub fn parse_x509(buffer: &[u8]) -> Result { let blocks = from_der(&buffer[..])?; match blocks.first() { None => diff --git a/src/publickey.rs b/src/publickey.rs index 6e824eb..541370d 100644 --- a/src/publickey.rs +++ b/src/publickey.rs @@ -1,10 +1,8 @@ -use algident::SigAlgEncodeError; use error::X509ParseError; -use num::BigUint; -use num::bigint::ToBigInt; +use num::{BigInt,BigUint}; use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1, - der_decode,der_encode,from_der,to_der}; -use simple_dsa::{DSAParameterSize,DSAParameters,DSAPublicKey}; + der_decode,der_encode,from_der}; +use simple_dsa::{DSAParameters,DSAPublicKey}; use simple_rsa::RSAPublicKey; #[derive(Clone,Debug,PartialEq)] @@ -61,13 +59,18 @@ fn decode_public_key(block: &ASN1Block) let key = decode_dsa_key(&info[1], ¶ms)?; return Ok(X509PublicKey::DSA(key)); } else { + println!("Bad malginfo: {:?}", malginfo); + println!("info[0]: {:?}", info[0]); return Err(X509ParseError::IllFormedKey) } } + println!("Bad OID: {:?}", id); Err(X509ParseError::IllFormedKey) } - _ => + _ => { + println!("Bad block: {:?}", block); Err(X509ParseError::IllFormedKey) + } } } @@ -107,8 +110,10 @@ fn encode_dsa_pubkey(c: ASN1Class, key: &DSAPublicKey) -> Result { let objoid = ASN1Block::ObjectIdentifier(c, 0, oid!(1,2,840,10040,4,1)); + let objparams = encode_dsa_info(c, &key.params); let objkey = encode_dsa_key(c, key)?; - Ok(ASN1Block::Sequence(c, 0, vec![objoid, objkey])) + let headinfo = ASN1Block::Sequence(c, 0, vec![objoid, objparams]); + Ok(ASN1Block::Sequence(c, 0, vec![headinfo, objkey])) } fn encode_rsa_key(c: ASN1Class, k: &RSAPublicKey) @@ -175,20 +180,11 @@ fn decode_dsa_info(v: &ASN1Block) } } -fn encode_dsa_info(c: ASN1Class, params: &DSAParameters) - -> Result -{ - match (params.p.to_bigint(), params.q.to_bigint(), params.g.to_bigint()) { - (Some(pbs), Some(qbs), Some(gbs)) => { - let pb = ASN1Block::Integer(c, 0, pbs); - let qb = ASN1Block::Integer(c, 0, qbs); - let gb = ASN1Block::Integer(c, 0, gbs); - let vs = vec![pb, qb, gb]; - Ok(ASN1Block::Sequence(c, 0, vs)) - } - _ => - Err(SigAlgEncodeError::InvalidDSAValue) - } +fn encode_dsa_info(c: ASN1Class, params: &DSAParameters) -> ASN1Block { + let p = ASN1Block::Integer(c, 0, BigInt::from(params.p.clone())); + let q = ASN1Block::Integer(c, 0, BigInt::from(params.q.clone())); + let g = ASN1Block::Integer(c, 0, BigInt::from(params.g.clone())); + ASN1Block::Sequence(c, 0, vec![p, q, g]) } fn decode_biguint(b: &ASN1Block) -> Result { @@ -208,13 +204,13 @@ fn decode_biguint(b: &ASN1Block) -> Result { #[cfg(test)] mod test { - use simple_dsa::DSAKeyPair; + use simple_dsa::{DSAParameterSize,DSAKeyPair}; use simple_rsa::RSAKeyPair; use super::*; const NUM_TESTS: usize = 1; - //#[test] + #[test] fn rsa_public_key_tests() { for _ in 0..NUM_TESTS { let pair = RSAKeyPair::generate(2048).unwrap(); @@ -229,7 +225,7 @@ mod test { } } - // #[test] + #[test] fn dsa_public_key_tests() { for _ in 0..NUM_TESTS { let params = DSAParameters::generate(DSAParameterSize::L1024N160).unwrap(); diff --git a/src/validity.rs b/src/validity.rs index ca4d8b2..13f95e5 100644 --- a/src/validity.rs +++ b/src/validity.rs @@ -79,13 +79,13 @@ mod test { fn arbitrary_date(g: &mut G) -> DateTime { loop { - let y = g.gen_range::(1900,3000); - let m = g.gen_range::(0,12); - let d = g.gen_range::(0,31); - let h = g.gen_range::(0,24); - let m = g.gen_range::(0,60); - let s = g.gen_range::(0,60); - match Utc.ymd_opt(y,m,d).and_hms_opt(h,m,s) { + let y = g.gen_range::(1900,3000); + let mo = g.gen_range::(0,12); + let d = g.gen_range::(0,31); + let h = g.gen_range::(0,24); + let mi = g.gen_range::(0,60); + let s = g.gen_range::(0,60); + match Utc.ymd_opt(y,mo,d).and_hms_opt(h,mi,s) { LocalResult::None => continue, LocalResult::Single(x) =>