acw/simple_x509
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix warnings, and make DSA key encoding work.

Browse Source
This commit is contained in:
Adam Wick
2018-01-21 11:19:05 -08:00
parent d2fb3f7c43
commit ab8bc272cf
4 changed files with 80 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
src/algident.rs
View File

@@ -1,6 +1,5 @@
use error::X509ParseError; use error::X509ParseError;
use num::BigUint; use num::BigUint;
use num::bigint::ToBigInt;
use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1}; use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1};
#[derive(Clone,Copy,Debug,PartialEq)] #[derive(Clone,Copy,Debug,PartialEq)]
@@ -270,67 +269,90 @@ mod test {
use quickcheck::{Arbitrary,Gen}; use quickcheck::{Arbitrary,Gen};
use super::*; use super::*;
fn rsa1<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const RSA1: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA1, hash: HashAlgorithm::SHA1,
algo: PublicKeyInfo::RSA algo: PublicKeyInfo::RSA
} };
}
fn rsa224<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const RSA224: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA224, hash: HashAlgorithm::SHA224,
algo: PublicKeyInfo::RSA algo: PublicKeyInfo::RSA
} };
}
fn rsa256<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const RSA256: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA256, hash: HashAlgorithm::SHA256,
algo: PublicKeyInfo::RSA algo: PublicKeyInfo::RSA
} };
}
fn rsa384<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const RSA384: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA384, hash: HashAlgorithm::SHA384,
algo: PublicKeyInfo::RSA algo: PublicKeyInfo::RSA
} };
}
fn rsa512<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const RSA512: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA512, hash: HashAlgorithm::SHA512,
algo: PublicKeyInfo::RSA algo: PublicKeyInfo::RSA
} };
}
fn dsa1<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const DSA1: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA1, hash: HashAlgorithm::SHA1,
algo: PublicKeyInfo::DSA algo: PublicKeyInfo::DSA
} };
}
fn dsa224<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const DSA224: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA224, hash: HashAlgorithm::SHA224,
algo: PublicKeyInfo::DSA algo: PublicKeyInfo::DSA
} };
}
fn dsa256<G: Gen>(g: &mut G) -> AlgorithmIdentifier { const DSA256: AlgorithmIdentifier =
AlgorithmIdentifier{ AlgorithmIdentifier{
hash: HashAlgorithm::SHA256, hash: HashAlgorithm::SHA256,
algo: PublicKeyInfo::DSA algo: PublicKeyInfo::DSA
} };
}
const EC1: AlgorithmIdentifier =
AlgorithmIdentifier{
hash: HashAlgorithm::SHA1,
algo: PublicKeyInfo::EC
};
const EC224: AlgorithmIdentifier =
AlgorithmIdentifier{
hash: HashAlgorithm::SHA224,
algo: PublicKeyInfo::EC
};
const EC256: AlgorithmIdentifier =
AlgorithmIdentifier{
hash: HashAlgorithm::SHA256,
algo: PublicKeyInfo::EC
};
const EC384: AlgorithmIdentifier =
AlgorithmIdentifier{
hash: HashAlgorithm::SHA384,
algo: PublicKeyInfo::EC
};
const EC512: AlgorithmIdentifier =
AlgorithmIdentifier{
hash: HashAlgorithm::SHA512,
algo: PublicKeyInfo::EC
};
impl Arbitrary for AlgorithmIdentifier { impl Arbitrary for AlgorithmIdentifier {
fn arbitrary<G: Gen>(g: &mut G) -> AlgorithmIdentifier { fn arbitrary<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
let opts = [rsa1,rsa224,rsa256,rsa384,rsa512,dsa1,dsa224,dsa256]; let opts = [RSA1, RSA224, RSA256, RSA384, RSA512,
let f = g.choose(&opts).unwrap(); DSA1, DSA224, DSA256,
f(g) EC1, EC224, EC256, EC384, EC512];
g.choose(&opts).unwrap().clone()
} }
} }

8
src/lib.rs
View File

@@ -19,8 +19,6 @@ mod name;
mod publickey; mod publickey;
mod validity; mod validity;
use digest::{Input,FixedOutput};
use algident::{AlgorithmIdentifier,HashAlgorithm,PublicKeyInfo, use algident::{AlgorithmIdentifier,HashAlgorithm,PublicKeyInfo,
decode_algorithm_ident}; decode_algorithm_ident};
use atv::InfoBlock; use atv::InfoBlock;
@@ -28,7 +26,7 @@ use error::X509ParseError;
use misc::{X509Serial,X509Version,decode_signature}; use misc::{X509Serial,X509Version,decode_signature};
use publickey::X509PublicKey; use publickey::X509PublicKey;
use sha1::Sha1; use sha1::Sha1;
use sha2::{Sha224,Sha256,Sha384,Sha512}; use sha2::{Sha224,Sha256};
use simple_asn1::{ASN1Block,FromASN1,der_decode,from_der}; use simple_asn1::{ASN1Block,FromASN1,der_decode,from_der};
use simple_rsa::{SIGNING_HASH_SHA1, SIGNING_HASH_SHA224, SIGNING_HASH_SHA256, use simple_rsa::{SIGNING_HASH_SHA1, SIGNING_HASH_SHA224, SIGNING_HASH_SHA256,
SIGNING_HASH_SHA384, SIGNING_HASH_SHA512}; SIGNING_HASH_SHA384, SIGNING_HASH_SHA512};
@@ -80,7 +78,7 @@ fn decode_certificate(x: &ASN1Block)
let (issuer, b4) = InfoBlock::from_asn1(b3)?; let (issuer, b4) = InfoBlock::from_asn1(b3)?;
let (validity, b5) = Validity::from_asn1(b4)?; let (validity, b5) = Validity::from_asn1(b4)?;
let (subject, b6) = InfoBlock::from_asn1(b5)?; let (subject, b6) = InfoBlock::from_asn1(b5)?;
let (subkey, b7) = X509PublicKey::from_asn1(b6)?; let (subkey, _ ) = X509PublicKey::from_asn1(b6)?;
Ok(Certificate { Ok(Certificate {
version: version, version: version,
serial: serial, serial: serial,
@@ -103,7 +101,7 @@ fn decode_certificate(x: &ASN1Block)
* *
******************************************************************************/ ******************************************************************************/
fn parse_x509(buffer: &[u8]) -> Result<Certificate,X509ParseError> { pub fn parse_x509(buffer: &[u8]) -> Result<Certificate,X509ParseError> {
let blocks = from_der(&buffer[..])?; let blocks = from_der(&buffer[..])?;
match blocks.first() { match blocks.first() {
None => None =>

44
src/publickey.rs
View File

@@ -1,10 +1,8 @@
use algident::SigAlgEncodeError;
use error::X509ParseError; use error::X509ParseError;
use num::BigUint; use num::{BigInt,BigUint};
use num::bigint::ToBigInt;
use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1, use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1,
der_decode,der_encode,from_der,to_der}; der_decode,der_encode,from_der};
use simple_dsa::{DSAParameterSize,DSAParameters,DSAPublicKey}; use simple_dsa::{DSAParameters,DSAPublicKey};
use simple_rsa::RSAPublicKey; use simple_rsa::RSAPublicKey;
#[derive(Clone,Debug,PartialEq)] #[derive(Clone,Debug,PartialEq)]
@@ -61,13 +59,18 @@ fn decode_public_key(block: &ASN1Block)
let key = decode_dsa_key(&info[1], &params)?; let key = decode_dsa_key(&info[1], &params)?;
return Ok(X509PublicKey::DSA(key)); return Ok(X509PublicKey::DSA(key));
} else { } else {
println!("Bad malginfo: {:?}", malginfo);
println!("info[0]: {:?}", info[0]);
return Err(X509ParseError::IllFormedKey) return Err(X509ParseError::IllFormedKey)
} }
} }
println!("Bad OID: {:?}", id);
Err(X509ParseError::IllFormedKey) Err(X509ParseError::IllFormedKey)
} }
_ => _ => {
println!("Bad block: {:?}", block);
Err(X509ParseError::IllFormedKey) Err(X509ParseError::IllFormedKey)
}
} }
} }
@@ -107,8 +110,10 @@ fn encode_dsa_pubkey(c: ASN1Class, key: &DSAPublicKey)
-> Result<ASN1Block, ASN1EncodeErr> -> Result<ASN1Block, ASN1EncodeErr>
{ {
let objoid = ASN1Block::ObjectIdentifier(c, 0, oid!(1,2,840,10040,4,1)); let objoid = ASN1Block::ObjectIdentifier(c, 0, oid!(1,2,840,10040,4,1));
let objparams = encode_dsa_info(c, &key.params);
let objkey = encode_dsa_key(c, key)?; let objkey = encode_dsa_key(c, key)?;
Ok(ASN1Block::Sequence(c, 0, vec![objoid, objkey])) let headinfo = ASN1Block::Sequence(c, 0, vec![objoid, objparams]);
Ok(ASN1Block::Sequence(c, 0, vec![headinfo, objkey]))
} }
fn encode_rsa_key(c: ASN1Class, k: &RSAPublicKey) fn encode_rsa_key(c: ASN1Class, k: &RSAPublicKey)
@@ -175,20 +180,11 @@ fn decode_dsa_info(v: &ASN1Block)
} }
} }
fn encode_dsa_info(c: ASN1Class, params: &DSAParameters) fn encode_dsa_info(c: ASN1Class, params: &DSAParameters) -> ASN1Block {
-> Result<ASN1Block,SigAlgEncodeError> let p = ASN1Block::Integer(c, 0, BigInt::from(params.p.clone()));
{ let q = ASN1Block::Integer(c, 0, BigInt::from(params.q.clone()));
match (params.p.to_bigint(), params.q.to_bigint(), params.g.to_bigint()) { let g = ASN1Block::Integer(c, 0, BigInt::from(params.g.clone()));
(Some(pbs), Some(qbs), Some(gbs)) => { ASN1Block::Sequence(c, 0, vec![p, q, g])
let pb = ASN1Block::Integer(c, 0, pbs);
let qb = ASN1Block::Integer(c, 0, qbs);
let gb = ASN1Block::Integer(c, 0, gbs);
let vs = vec![pb, qb, gb];
Ok(ASN1Block::Sequence(c, 0, vs))
}
_ =>
Err(SigAlgEncodeError::InvalidDSAValue)
}
} }
fn decode_biguint(b: &ASN1Block) -> Result<BigUint,X509ParseError> { fn decode_biguint(b: &ASN1Block) -> Result<BigUint,X509ParseError> {
@@ -208,13 +204,13 @@ fn decode_biguint(b: &ASN1Block) -> Result<BigUint,X509ParseError> {
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use simple_dsa::DSAKeyPair; use simple_dsa::{DSAParameterSize,DSAKeyPair};
use simple_rsa::RSAKeyPair; use simple_rsa::RSAKeyPair;
use super::*; use super::*;
const NUM_TESTS: usize = 1; const NUM_TESTS: usize = 1;
//#[test] #[test]
fn rsa_public_key_tests() { fn rsa_public_key_tests() {
for _ in 0..NUM_TESTS { for _ in 0..NUM_TESTS {
let pair = RSAKeyPair::generate(2048).unwrap(); let pair = RSAKeyPair::generate(2048).unwrap();
@@ -229,7 +225,7 @@ mod test {
} }
} }
// #[test] #[test]
fn dsa_public_key_tests() { fn dsa_public_key_tests() {
for _ in 0..NUM_TESTS { for _ in 0..NUM_TESTS {
let params = DSAParameters::generate(DSAParameterSize::L1024N160).unwrap(); let params = DSAParameters::generate(DSAParameterSize::L1024N160).unwrap();

14
src/validity.rs
View File

@@ -79,13 +79,13 @@ mod test {
fn arbitrary_date<G: Gen>(g: &mut G) -> DateTime<Utc> { fn arbitrary_date<G: Gen>(g: &mut G) -> DateTime<Utc> {
loop { loop {
let y = g.gen_range::<i32>(1900,3000); let y = g.gen_range::<i32>(1900,3000);
let m = g.gen_range::<u32>(0,12); let mo = g.gen_range::<u32>(0,12);
let d = g.gen_range::<u32>(0,31); let d = g.gen_range::<u32>(0,31);
let h = g.gen_range::<u32>(0,24); let h = g.gen_range::<u32>(0,24);
let m = g.gen_range::<u32>(0,60); let mi = g.gen_range::<u32>(0,60);
let s = g.gen_range::<u32>(0,60); let s = g.gen_range::<u32>(0,60);
match Utc.ymd_opt(y,m,d).and_hms_opt(h,m,s) { match Utc.ymd_opt(y,mo,d).and_hms_opt(h,mi,s) {
LocalResult::None => LocalResult::None =>
continue, continue,
LocalResult::Single(x) => LocalResult::Single(x) =>