From 92b7043373a952573574b19465654b3da55987be Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Wed, 4 May 2022 15:17:35 +0200 Subject: [PATCH] Move OID constants into a separate module. --- openpgp-card/src/algorithm.rs | 46 ++++++++++++++++----------------- openpgp-card/src/crypto_data.rs | 8 +++--- openpgp-card/src/lib.rs | 1 + openpgp-card/src/oid.rs | 20 ++++++++++++++ 4 files changed, 48 insertions(+), 27 deletions(-) create mode 100644 openpgp-card/src/oid.rs diff --git a/openpgp-card/src/algorithm.rs b/openpgp-card/src/algorithm.rs index 73ba6fb..e37a515 100644 --- a/openpgp-card/src/algorithm.rs +++ b/openpgp-card/src/algorithm.rs @@ -11,7 +11,7 @@ use crate::card_do::ApplicationRelatedData; use crate::crypto_data::EccType; -use crate::{keys, Error, KeyType}; +use crate::{keys, oid, Error, KeyType}; use std::convert::TryFrom; use std::fmt; @@ -313,17 +313,17 @@ impl Curve { pub fn oid(&self) -> &[u8] { use Curve::*; match self { - NistP256r1 => &[0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07], - NistP384r1 => &[0x2B, 0x81, 0x04, 0x00, 0x22], - NistP521r1 => &[0x2B, 0x81, 0x04, 0x00, 0x23], - BrainpoolP256r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07], - BrainpoolP384r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b], - BrainpoolP512r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d], - Secp256k1 => &[0x2B, 0x81, 0x04, 0x00, 0x0A], - Ed25519 => &[0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01], - Cv25519 => &[0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01], - Ed448 => &[0x2b, 0x65, 0x71], - X448 => &[0x2b, 0x65, 0x6f], + NistP256r1 => oid::NIST_P256R1, + NistP384r1 => oid::NIST_P384R1, + NistP521r1 => oid::NIST_P521R1, + BrainpoolP256r1 => oid::BRAINPOOL_P256R1, + BrainpoolP384r1 => oid::BRAINPOOL_P384R1, + BrainpoolP512r1 => oid::BRAINPOOL_P512R1, + Secp256k1 => oid::SECP256K1, + Ed25519 => oid::ED25519, + Cv25519 => oid::CV25519, + Ed448 => oid::ED448, + X448 => oid::X448, } } } @@ -335,21 +335,21 @@ impl TryFrom<&[u8]> for Curve { use Curve::*; let curve = match oid { - [0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07] => NistP256r1, - [0x2B, 0x81, 0x04, 0x00, 0x22] => NistP384r1, - [0x2B, 0x81, 0x04, 0x00, 0x23] => NistP521r1, + oid::NIST_P256R1 => NistP256r1, + oid::NIST_P384R1 => NistP384r1, + oid::NIST_P521R1 => NistP521r1, - [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07] => BrainpoolP256r1, - [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b] => BrainpoolP384r1, - [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d] => BrainpoolP512r1, + oid::BRAINPOOL_P256R1 => BrainpoolP256r1, + oid::BRAINPOOL_P384R1 => BrainpoolP384r1, + oid::BRAINPOOL_P512R1 => BrainpoolP512r1, - [0x2B, 0x81, 0x04, 0x00, 0x0A] => Secp256k1, + oid::SECP256K1 => Secp256k1, - [0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01] => Ed25519, - [0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01] => Cv25519, + oid::ED25519 => Ed25519, + oid::CV25519 => Cv25519, - [0x2b, 0x65, 0x71] => Ed448, - [0x2b, 0x65, 0x6f] => X448, + oid::ED448 => Ed448, + oid::X448 => X448, _ => return Err(Error::ParseError(format!("Unknown curve OID {:?}", oid))), }; diff --git a/openpgp-card/src/crypto_data.rs b/openpgp-card/src/crypto_data.rs index 0ecb984..1867617 100644 --- a/openpgp-card/src/crypto_data.rs +++ b/openpgp-card/src/crypto_data.rs @@ -7,7 +7,7 @@ use crate::algorithm::Algo; use crate::card_do::{Fingerprint, KeyGenerationTime}; -use crate::Error; +use crate::{oid, Error}; /// A hash value that can be signed by the card. #[non_exhaustive] @@ -24,9 +24,9 @@ impl Hash<'_> { /// digestinfo for SHA*. Other OIDs are not implemented. pub(crate) fn oid(&self) -> Option<&'static [u8]> { match self { - Self::SHA256(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01]), - Self::SHA384(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02]), - Self::SHA512(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03]), + Self::SHA256(_) => Some(oid::SHA256), + Self::SHA384(_) => Some(oid::SHA384), + Self::SHA512(_) => Some(oid::SHA512), Self::EdDSA(_) => panic!("OIDs for EdDSA are unimplemented"), Self::ECDSA(_) => panic!("OIDs for ECDSA are unimplemented"), } diff --git a/openpgp-card/src/lib.rs b/openpgp-card/src/lib.rs index 6dc574e..545c834 100644 --- a/openpgp-card/src/lib.rs +++ b/openpgp-card/src/lib.rs @@ -33,6 +33,7 @@ pub mod card_do; pub mod crypto_data; mod errors; pub(crate) mod keys; +mod oid; mod openpgp; mod tlv; diff --git a/openpgp-card/src/oid.rs b/openpgp-card/src/oid.rs new file mode 100644 index 0000000..18f3c2e --- /dev/null +++ b/openpgp-card/src/oid.rs @@ -0,0 +1,20 @@ +// SPDX-FileCopyrightText: 2022 Heiko Schaefer +// SPDX-License-Identifier: MIT OR Apache-2.0 + +//! OID constants + +pub(crate) const NIST_P256R1: &[u8] = &[0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07]; +pub(crate) const NIST_P384R1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x22]; +pub(crate) const NIST_P521R1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x23]; +pub(crate) const BRAINPOOL_P256R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07]; +pub(crate) const BRAINPOOL_P384R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b]; +pub(crate) const BRAINPOOL_P512R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d]; +pub(crate) const SECP256K1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x0A]; +pub(crate) const ED25519: &[u8] = &[0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01]; +pub(crate) const CV25519: &[u8] = &[0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01]; +pub(crate) const ED448: &[u8] = &[0x2b, 0x65, 0x71]; +pub(crate) const X448: &[u8] = &[0x2b, 0x65, 0x6f]; + +pub(crate) const SHA256: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01]; +pub(crate) const SHA384: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02]; +pub(crate) const SHA512: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03];