Fix warnings, and make DSA key encoding work.

2018-01-21 11:19:05 -08:00
parent d2fb3f7c43
commit ab8bc272cf
4 changed files with 80 additions and 64 deletions
--- a/src/algident.rs
+++ b/src/algident.rs
@@ -1,6 +1,5 @@
 use error::X509ParseError;
 use num::BigUint;
-use num::bigint::ToBigInt;
 use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1};

 #[derive(Clone,Copy,Debug,PartialEq)]
@@ -270,67 +269,90 @@ mod test {
    use quickcheck::{Arbitrary,Gen};
    use super::*;

-    fn rsa1<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const RSA1: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA1,
            algo: PublicKeyInfo::RSA
-        }
-    }
+        };

-    fn rsa224<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const RSA224: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA224,
            algo: PublicKeyInfo::RSA
-        }
-    }
+        };

-    fn rsa256<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const RSA256: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA256,
            algo: PublicKeyInfo::RSA
-        }
-    }
+        };

-    fn rsa384<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const RSA384: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA384,
            algo: PublicKeyInfo::RSA
-        }
-    }
+        };

-    fn rsa512<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const RSA512: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA512,
            algo: PublicKeyInfo::RSA
-        }
-    }
+        };

-    fn dsa1<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const DSA1: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA1,
            algo: PublicKeyInfo::DSA
-        }
-    }
+        };

-    fn dsa224<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const DSA224: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA224,
            algo: PublicKeyInfo::DSA
-        }
-    }
+        };

-    fn dsa256<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
+    const DSA256: AlgorithmIdentifier =
        AlgorithmIdentifier{
            hash: HashAlgorithm::SHA256,
            algo: PublicKeyInfo::DSA
-        }
-    }
+        };
+
+    const EC1: AlgorithmIdentifier =
+        AlgorithmIdentifier{
+            hash: HashAlgorithm::SHA1,
+            algo: PublicKeyInfo::EC
+        };
+
+    const EC224: AlgorithmIdentifier =
+        AlgorithmIdentifier{
+            hash: HashAlgorithm::SHA224,
+            algo: PublicKeyInfo::EC
+        };
+
+    const EC256: AlgorithmIdentifier =
+        AlgorithmIdentifier{
+            hash: HashAlgorithm::SHA256,
+            algo: PublicKeyInfo::EC
+        };
+
+    const EC384: AlgorithmIdentifier =
+        AlgorithmIdentifier{
+            hash: HashAlgorithm::SHA384,
+            algo: PublicKeyInfo::EC
+        };
+
+    const EC512: AlgorithmIdentifier =
+        AlgorithmIdentifier{
+            hash: HashAlgorithm::SHA512,
+            algo: PublicKeyInfo::EC
+        };

    impl Arbitrary for AlgorithmIdentifier {
        fn arbitrary<G: Gen>(g: &mut G) -> AlgorithmIdentifier {
-            let opts = [rsa1,rsa224,rsa256,rsa384,rsa512,dsa1,dsa224,dsa256];
-            let f = g.choose(&opts).unwrap();
-            f(g)
+            let opts = [RSA1, RSA224, RSA256, RSA384, RSA512,
+                        DSA1, DSA224, DSA256,
+                        EC1, EC224, EC256, EC384, EC512];
+            g.choose(&opts).unwrap().clone()
        }
    }

--- a/src/lib.rs
+++ b/src/lib.rs
@@ -19,8 +19,6 @@ mod name;
 mod publickey;
 mod validity;

-use digest::{Input,FixedOutput};
-
 use algident::{AlgorithmIdentifier,HashAlgorithm,PublicKeyInfo,
               decode_algorithm_ident};
 use atv::InfoBlock;
@@ -28,7 +26,7 @@ use error::X509ParseError;
 use misc::{X509Serial,X509Version,decode_signature};
 use publickey::X509PublicKey;
 use sha1::Sha1;
-use sha2::{Sha224,Sha256,Sha384,Sha512};
+use sha2::{Sha224,Sha256};
 use simple_asn1::{ASN1Block,FromASN1,der_decode,from_der};
 use simple_rsa::{SIGNING_HASH_SHA1, SIGNING_HASH_SHA224, SIGNING_HASH_SHA256,
                 SIGNING_HASH_SHA384, SIGNING_HASH_SHA512};
@@ -80,7 +78,7 @@ fn decode_certificate(x: &ASN1Block)
            let (issuer,   b4) = InfoBlock::from_asn1(b3)?;
            let (validity, b5) = Validity::from_asn1(b4)?;
            let (subject,  b6) = InfoBlock::from_asn1(b5)?;
-            let (subkey,   b7) = X509PublicKey::from_asn1(b6)?;
+            let (subkey,   _ ) = X509PublicKey::from_asn1(b6)?;
            Ok(Certificate {
                version: version,
                serial: serial,
@@ -103,7 +101,7 @@ fn decode_certificate(x: &ASN1Block)
 *
 ******************************************************************************/

-fn parse_x509(buffer: &[u8]) -> Result<Certificate,X509ParseError> {
+pub fn parse_x509(buffer: &[u8]) -> Result<Certificate,X509ParseError> {
    let blocks = from_der(&buffer[..])?;
    match blocks.first() {
        None =>
--- a/src/publickey.rs
+++ b/src/publickey.rs
@@ -1,10 +1,8 @@
-use algident::SigAlgEncodeError;
 use error::X509ParseError;
-use num::BigUint;
-use num::bigint::ToBigInt;
+use num::{BigInt,BigUint};
 use simple_asn1::{ASN1Block,ASN1Class,ASN1EncodeErr,FromASN1,OID,ToASN1,
-                  der_decode,der_encode,from_der,to_der};
-use simple_dsa::{DSAParameterSize,DSAParameters,DSAPublicKey};
+                  der_decode,der_encode,from_der};
+use simple_dsa::{DSAParameters,DSAPublicKey};
 use simple_rsa::RSAPublicKey;

 #[derive(Clone,Debug,PartialEq)]
@@ -61,15 +59,20 @@ fn decode_public_key(block: &ASN1Block)
                    let key = decode_dsa_key(&info[1], &params)?;
                    return Ok(X509PublicKey::DSA(key));
                } else {
+                    println!("Bad malginfo: {:?}", malginfo);
+                    println!("info[0]: {:?}", info[0]);
                    return Err(X509ParseError::IllFormedKey)
                }
            }
+            println!("Bad OID: {:?}", id);
            Err(X509ParseError::IllFormedKey)
        }
-        _ =>
+        _ => {
+            println!("Bad block: {:?}", block);
            Err(X509ParseError::IllFormedKey)
        }
    }
+}

 fn strip_algident(block: &ASN1Block)
    -> Result<(OID, Option<ASN1Block>),X509ParseError>
@@ -107,8 +110,10 @@ fn encode_dsa_pubkey(c: ASN1Class, key: &DSAPublicKey)
    -> Result<ASN1Block, ASN1EncodeErr>
 {
    let objoid = ASN1Block::ObjectIdentifier(c, 0, oid!(1,2,840,10040,4,1));
+    let objparams = encode_dsa_info(c, &key.params);
    let objkey = encode_dsa_key(c, key)?;
-    Ok(ASN1Block::Sequence(c, 0, vec![objoid, objkey]))
+    let headinfo = ASN1Block::Sequence(c, 0, vec![objoid, objparams]);
+    Ok(ASN1Block::Sequence(c, 0, vec![headinfo, objkey]))
 }

 fn encode_rsa_key(c: ASN1Class, k: &RSAPublicKey)
@@ -175,20 +180,11 @@ fn decode_dsa_info(v: &ASN1Block)
    }
 }

-fn encode_dsa_info(c: ASN1Class, params: &DSAParameters)
-    -> Result<ASN1Block,SigAlgEncodeError>
-{
-    match (params.p.to_bigint(), params.q.to_bigint(), params.g.to_bigint()) {
-        (Some(pbs), Some(qbs), Some(gbs)) => {
-            let pb = ASN1Block::Integer(c, 0, pbs);
-            let qb = ASN1Block::Integer(c, 0, qbs);
-            let gb = ASN1Block::Integer(c, 0, gbs);
-            let vs = vec![pb, qb, gb];
-            Ok(ASN1Block::Sequence(c, 0, vs))
-        }
-        _ =>
-            Err(SigAlgEncodeError::InvalidDSAValue)
-    }
+fn encode_dsa_info(c: ASN1Class, params: &DSAParameters) -> ASN1Block {
+    let p = ASN1Block::Integer(c, 0, BigInt::from(params.p.clone()));
+    let q = ASN1Block::Integer(c, 0, BigInt::from(params.q.clone()));
+    let g = ASN1Block::Integer(c, 0, BigInt::from(params.g.clone()));
+    ASN1Block::Sequence(c, 0, vec![p, q, g])
 }

 fn decode_biguint(b: &ASN1Block) -> Result<BigUint,X509ParseError> {
@@ -208,13 +204,13 @@ fn decode_biguint(b: &ASN1Block) -> Result<BigUint,X509ParseError> {

 #[cfg(test)]
 mod test {
-    use simple_dsa::DSAKeyPair;
+    use simple_dsa::{DSAParameterSize,DSAKeyPair};
    use simple_rsa::RSAKeyPair;
    use super::*;

    const NUM_TESTS: usize = 1;

-    //#[test]
+    #[test]
    fn rsa_public_key_tests() {
        for _ in 0..NUM_TESTS {
            let pair = RSAKeyPair::generate(2048).unwrap();
@@ -229,7 +225,7 @@ mod test {
        }
    }

-    // #[test]
+    #[test]
    fn dsa_public_key_tests() {
        for _ in 0..NUM_TESTS {
            let params = DSAParameters::generate(DSAParameterSize::L1024N160).unwrap();
--- a/src/validity.rs
+++ b/src/validity.rs
@@ -80,12 +80,12 @@ mod test {
    fn arbitrary_date<G: Gen>(g: &mut G) -> DateTime<Utc> {
        loop {
            let y  = g.gen_range::<i32>(1900,3000);
-            let m = g.gen_range::<u32>(0,12);
+            let mo = g.gen_range::<u32>(0,12);
            let d  = g.gen_range::<u32>(0,31);
            let h  = g.gen_range::<u32>(0,24);
-            let m = g.gen_range::<u32>(0,60);
+            let mi = g.gen_range::<u32>(0,60);
            let s  = g.gen_range::<u32>(0,60);
-            match Utc.ymd_opt(y,m,d).and_hms_opt(h,m,s) {
+            match Utc.ymd_opt(y,mo,d).and_hms_opt(h,mi,s) {
                LocalResult::None =>
                    continue,
                LocalResult::Single(x) =>