Move OID constants into a separate module.

2022-05-04 15:17:35 +02:00 · 2022-05-04 15:17:35 +02:00 · 92b7043373
commit 92b7043373
parent e49d0bd19b
4 changed files with 48 additions and 27 deletions
--- a/openpgp-card/src/algorithm.rs
+++ b/openpgp-card/src/algorithm.rs
@ -11,7 +11,7 @@

 use crate::card_do::ApplicationRelatedData;
 use crate::crypto_data::EccType;
-use crate::{keys, Error, KeyType};
+use crate::{keys, oid, Error, KeyType};

 use std::convert::TryFrom;
 use std::fmt;
@ -313,17 +313,17 @@ impl Curve {
    pub fn oid(&self) -> &[u8] {
        use Curve::*;
        match self {
-            NistP256r1 => &[0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07],
-            NistP384r1 => &[0x2B, 0x81, 0x04, 0x00, 0x22],
-            NistP521r1 => &[0x2B, 0x81, 0x04, 0x00, 0x23],
-            BrainpoolP256r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07],
-            BrainpoolP384r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b],
-            BrainpoolP512r1 => &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d],
-            Secp256k1 => &[0x2B, 0x81, 0x04, 0x00, 0x0A],
-            Ed25519 => &[0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01],
-            Cv25519 => &[0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01],
-            Ed448 => &[0x2b, 0x65, 0x71],
-            X448 => &[0x2b, 0x65, 0x6f],
+            NistP256r1 => oid::NIST_P256R1,
+            NistP384r1 => oid::NIST_P384R1,
+            NistP521r1 => oid::NIST_P521R1,
+            BrainpoolP256r1 => oid::BRAINPOOL_P256R1,
+            BrainpoolP384r1 => oid::BRAINPOOL_P384R1,
+            BrainpoolP512r1 => oid::BRAINPOOL_P512R1,
+            Secp256k1 => oid::SECP256K1,
+            Ed25519 => oid::ED25519,
+            Cv25519 => oid::CV25519,
+            Ed448 => oid::ED448,
+            X448 => oid::X448,
        }
    }
 }
@ -335,21 +335,21 @@ impl TryFrom<&[u8]> for Curve {
        use Curve::*;

        let curve = match oid {
-            [0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07] => NistP256r1,
-            [0x2B, 0x81, 0x04, 0x00, 0x22] => NistP384r1,
-            [0x2B, 0x81, 0x04, 0x00, 0x23] => NistP521r1,
+            oid::NIST_P256R1 => NistP256r1,
+            oid::NIST_P384R1 => NistP384r1,
+            oid::NIST_P521R1 => NistP521r1,

-            [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07] => BrainpoolP256r1,
-            [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b] => BrainpoolP384r1,
-            [0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d] => BrainpoolP512r1,
+            oid::BRAINPOOL_P256R1 => BrainpoolP256r1,
+            oid::BRAINPOOL_P384R1 => BrainpoolP384r1,
+            oid::BRAINPOOL_P512R1 => BrainpoolP512r1,

-            [0x2B, 0x81, 0x04, 0x00, 0x0A] => Secp256k1,
+            oid::SECP256K1 => Secp256k1,

-            [0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01] => Ed25519,
-            [0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01] => Cv25519,
+            oid::ED25519 => Ed25519,
+            oid::CV25519 => Cv25519,

-            [0x2b, 0x65, 0x71] => Ed448,
-            [0x2b, 0x65, 0x6f] => X448,
+            oid::ED448 => Ed448,
+            oid::X448 => X448,

            _ => return Err(Error::ParseError(format!("Unknown curve OID {:?}", oid))),
        };
--- a/openpgp-card/src/crypto_data.rs
+++ b/openpgp-card/src/crypto_data.rs
@ -7,7 +7,7 @@

 use crate::algorithm::Algo;
 use crate::card_do::{Fingerprint, KeyGenerationTime};
-use crate::Error;
+use crate::{oid, Error};

 /// A hash value that can be signed by the card.
 #[non_exhaustive]
@ -24,9 +24,9 @@ impl Hash<'_> {
    /// digestinfo for SHA*. Other OIDs are not implemented.
    pub(crate) fn oid(&self) -> Option<&'static [u8]> {
        match self {
-            Self::SHA256(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01]),
-            Self::SHA384(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02]),
-            Self::SHA512(_) => Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03]),
+            Self::SHA256(_) => Some(oid::SHA256),
+            Self::SHA384(_) => Some(oid::SHA384),
+            Self::SHA512(_) => Some(oid::SHA512),
            Self::EdDSA(_) => panic!("OIDs for EdDSA are unimplemented"),
            Self::ECDSA(_) => panic!("OIDs for ECDSA are unimplemented"),
        }
--- a/openpgp-card/src/lib.rs
+++ b/openpgp-card/src/lib.rs
@ -33,6 +33,7 @@ pub mod card_do;
 pub mod crypto_data;
 mod errors;
 pub(crate) mod keys;
+mod oid;
 mod openpgp;
 mod tlv;

--- a/openpgp-card/src/oid.rs
+++ b/openpgp-card/src/oid.rs
@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: 2022 Heiko Schaefer <heiko@schaefer.name>
+// SPDX-License-Identifier: MIT OR Apache-2.0
+
+//! OID constants
+
+pub(crate) const NIST_P256R1: &[u8] = &[0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07];
+pub(crate) const NIST_P384R1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x22];
+pub(crate) const NIST_P521R1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x23];
+pub(crate) const BRAINPOOL_P256R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07];
+pub(crate) const BRAINPOOL_P384R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0b];
+pub(crate) const BRAINPOOL_P512R1: &[u8] = &[0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0d];
+pub(crate) const SECP256K1: &[u8] = &[0x2B, 0x81, 0x04, 0x00, 0x0A];
+pub(crate) const ED25519: &[u8] = &[0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01];
+pub(crate) const CV25519: &[u8] = &[0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01];
+pub(crate) const ED448: &[u8] = &[0x2b, 0x65, 0x71];
+pub(crate) const X448: &[u8] = &[0x2b, 0x65, 0x6f];
+
+pub(crate) const SHA256: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01];
+pub(crate) const SHA384: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02];
+pub(crate) const SHA512: &[u8] = &[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03];