Skip to content

Commit

Permalink
ed25519: pkcs8 API changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@baloo
baloo committed Sep 5, 2024
1 parent c758481 commit f9ef2eb
Showing 1 changed file with 16 additions and 8 deletions.
24 changes: 16 additions & 8 deletions ed25519/src/pkcs8.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,17 @@
//! breaking changes when using this module.

pub use pkcs8::{
spki, DecodePrivateKey, DecodePublicKey, Error, ObjectIdentifier, PrivateKeyInfo, Result,
spki, DecodePrivateKey, DecodePublicKey, Error, ObjectIdentifier, PrivateKeyInfoRef, Result,
};

#[cfg(feature = "alloc")]
pub use pkcs8::{spki::EncodePublicKey, EncodePrivateKey};

#[cfg(feature = "alloc")]
pub use pkcs8::der::{asn1::BitStringRef, Document, SecretDocument};
pub use pkcs8::der::{
asn1::{BitStringRef, OctetStringRef},
Document, SecretDocument,
};

use core::fmt;

Expand Down Expand Up @@ -128,10 +131,14 @@ impl EncodePrivateKey for KeypairBytes {
private_key[1] = 0x20;
private_key[2..].copy_from_slice(&self.secret_key);

let private_key_info = PrivateKeyInfo {
let private_key_info = PrivateKeyInfoRef {
algorithm: ALGORITHM_ID,
private_key: &private_key,
public_key: self.public_key.as_ref().map(|pk| pk.0.as_slice()),
private_key: OctetStringRef::new(&private_key)?,
public_key: self
.public_key
.as_ref()
.map(|pk| BitStringRef::new(0, &pk.0))
.transpose()?,
};

let result = SecretDocument::encode_msg(&private_key_info)?;
Expand All @@ -143,10 +150,10 @@ impl EncodePrivateKey for KeypairBytes {
}
}

impl TryFrom<PrivateKeyInfo<'_>> for KeypairBytes {
impl TryFrom<PrivateKeyInfoRef<'_>> for KeypairBytes {
type Error = Error;

fn try_from(private_key: PrivateKeyInfo<'_>) -> Result<Self> {
fn try_from(private_key: PrivateKeyInfoRef<'_>) -> Result<Self> {
private_key.algorithm.assert_algorithm_oid(ALGORITHM_OID)?;

if private_key.algorithm.parameters.is_some() {
Expand All @@ -161,13 +168,14 @@ impl TryFrom<PrivateKeyInfo<'_>> for KeypairBytes {
//
// - 0x04: OCTET STRING tag
// - 0x20: 32-byte length
let secret_key = match private_key.private_key {
let secret_key = match private_key.private_key.as_bytes() {
[0x04, 0x20, rest @ ..] => rest.try_into().map_err(|_| Error::KeyMalformed),
_ => Err(Error::KeyMalformed),
}?;

let public_key = private_key
.public_key
.and_then(|bs| bs.as_bytes())
.map(|bytes| bytes.try_into().map_err(|_| Error::KeyMalformed))
.transpose()?
.map(PublicKeyBytes);
Expand Down

0 comments on commit f9ef2eb

Please sign in to comment.