Make SubjectPublicKeyInfo generic around Params

Author: tarcieri

pkcs1/src/traits.rs

@@ -183,7 +183,7 @@ impl<T: pkcs8::DecodePrivateKey> DecodeRsaPrivateKey for T {
 #[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
 impl<T: pkcs8::DecodePublicKey> DecodeRsaPublicKey for T {
     fn from_pkcs1_der(public_key: &[u8]) -> Result<Self> {
-        Ok(Self::try_from(pkcs8::SubjectPublicKeyInfo {
+        Ok(Self::try_from(pkcs8::SubjectPublicKeyInfoRef {
             algorithm: ALGORITHM_ID,
             subject_public_key: public_key,
         })?)
@@ -206,7 +206,7 @@ impl<T: pkcs8::EncodePrivateKey> EncodeRsaPrivateKey for T {
 impl<T: pkcs8::EncodePublicKey> EncodeRsaPublicKey for T {
     fn to_pkcs1_der(&self) -> Result<Document> {
         let doc = self.to_public_key_der()?;
-        let spki = pkcs8::SubjectPublicKeyInfo::from_der(doc.as_bytes())?;
+        let spki = pkcs8::SubjectPublicKeyInfoRef::from_der(doc.as_bytes())?;
         spki.algorithm.assert_algorithm_oid(ALGORITHM_OID)?;
         RsaPublicKey::from_der(spki.subject_public_key)?.try_into()
     }

pkcs8/src/lib.rs

@@ -83,7 +83,9 @@ pub use crate::{
     version::Version,
 };
 pub use der::{self, asn1::ObjectIdentifier, oid::AssociatedOid};
-pub use spki::{self, AlgorithmIdentifierRef, DecodePublicKey, SubjectPublicKeyInfo};
+pub use spki::{
+    self, AlgorithmIdentifierRef, DecodePublicKey, SubjectPublicKeyInfo, SubjectPublicKeyInfoRef,
+};
 
 #[cfg(feature = "alloc")]
 #[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]

spki/src/lib.rs

@@ -43,7 +43,7 @@ mod fingerprint;
 pub use crate::{
     algorithm::{AlgorithmIdentifier, AlgorithmIdentifierRef},
     error::{Error, Result},
-    spki::SubjectPublicKeyInfo,
+    spki::{SubjectPublicKeyInfo, SubjectPublicKeyInfoRef},
     traits::DecodePublicKey,
 };
 pub use der::{self, asn1::ObjectIdentifier};

spki/src/spki.rs

@@ -1,9 +1,10 @@
 //! X.509 `SubjectPublicKeyInfo`
 
-use crate::{AlgorithmIdentifierRef, Error, Result};
+use crate::{AlgorithmIdentifier, Error, Result};
 use core::cmp::Ordering;
 use der::{
-    asn1::BitStringRef, Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd,
+    asn1::{AnyRef, BitStringRef},
+    Choice, Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd,
 };
 
 #[cfg(feature = "alloc")]
@@ -21,8 +22,8 @@ use {
 #[cfg(feature = "pem")]
 use der::pem::PemLabel;
 
-#[cfg(doc)]
-use crate::AlgorithmIdentifier;
+/// [`SubjectPublicKeyInfo`] with [`AnyRef`] algorithm parameters.
+pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<'a, AnyRef<'a>>;
 
 /// X.509 `SubjectPublicKeyInfo` (SPKI) as defined in [RFC 5280 § 4.1.2.7].
 ///
@@ -37,15 +38,25 @@ use crate::AlgorithmIdentifier;
 ///
 /// [RFC 5280 § 4.1.2.7]: https://tools.ietf.org/html/rfc5280#section-4.1.2.7
 #[derive(Copy, Clone, Debug, Eq, PartialEq)]
-pub struct SubjectPublicKeyInfo<'a> {
+pub struct SubjectPublicKeyInfo<'a, Params> {
     /// X.509 [`AlgorithmIdentifier`] for the public key type
-    pub algorithm: AlgorithmIdentifierRef<'a>,
+    pub algorithm: AlgorithmIdentifier<Params>,
 
     /// Public key data
     pub subject_public_key: &'a [u8],
 }
 
-impl<'a> SubjectPublicKeyInfo<'a> {
+impl<'a, Params> SubjectPublicKeyInfo<'a, Params> {
+    /// Get a [`BitString`] representing the `subject_public_key`
+    fn bitstring(&self) -> der::Result<BitStringRef<'a>> {
+        BitStringRef::from_bytes(self.subject_public_key)
+    }
+}
+
+impl<'a, Params> SubjectPublicKeyInfo<'a, Params>
+where
+    Params: Choice<'a> + Encode,
+{
     /// Calculate the SHA-256 fingerprint of this [`SubjectPublicKeyInfo`] and
     /// encode it as a Base64 string.
     ///
@@ -71,14 +82,12 @@ impl<'a> SubjectPublicKeyInfo<'a> {
         self.encode(&mut builder)?;
         Ok(builder.finish())
     }
-
-    /// Get a [`BitString`] representing the `subject_public_key`
-    fn bitstring(&self) -> der::Result<BitStringRef<'a>> {
-        BitStringRef::from_bytes(self.subject_public_key)
-    }
 }
 
-impl<'a> DecodeValue<'a> for SubjectPublicKeyInfo<'a> {
+impl<'a, Params> DecodeValue<'a> for SubjectPublicKeyInfo<'a, Params>
+where
+    Params: Choice<'a> + Encode,
+{
     fn decode_value<R: Reader<'a>>(reader: &mut R, header: Header) -> der::Result<Self> {
         reader.read_nested(header.length, |reader| {
             Ok(Self {
@@ -91,7 +100,10 @@ impl<'a> DecodeValue<'a> for SubjectPublicKeyInfo<'a> {
     }
 }
 
-impl<'a> Sequence<'a> for SubjectPublicKeyInfo<'a> {
+impl<'a, Params> Sequence<'a> for SubjectPublicKeyInfo<'a, Params>
+where
+    Params: Choice<'a> + Encode,
+{
     fn fields<F, T>(&self, f: F) -> der::Result<T>
     where
         F: FnOnce(&[&dyn Encode]) -> der::Result<T>,
@@ -100,15 +112,21 @@ impl<'a> Sequence<'a> for SubjectPublicKeyInfo<'a> {
     }
 }
 
-impl<'a> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a> {
+impl<'a, Params> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a, Params>
+where
+    Params: Choice<'a> + Encode,
+{
     type Error = Error;
 
     fn try_from(bytes: &'a [u8]) -> Result<Self> {
         Ok(Self::from_der(bytes)?)
     }
 }
 
-impl ValueOrd for SubjectPublicKeyInfo<'_> {
+impl<'a, Params> ValueOrd for SubjectPublicKeyInfo<'a, Params>
+where
+    Params: Choice<'a> + DerOrd + Encode,
+{
     fn value_cmp(&self, other: &Self) -> der::Result<Ordering> {
         match self.algorithm.der_cmp(&other.algorithm)? {
             Ordering::Equal => self.bitstring()?.der_cmp(&other.bitstring()?),
@@ -119,26 +137,32 @@ impl ValueOrd for SubjectPublicKeyInfo<'_> {
 
 #[cfg(feature = "alloc")]
 #[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]
-impl TryFrom<SubjectPublicKeyInfo<'_>> for Document {
+impl<'a, Params> TryFrom<SubjectPublicKeyInfo<'a, Params>> for Document
+where
+    Params: Choice<'a> + Encode,
+{
     type Error = Error;
 
-    fn try_from(spki: SubjectPublicKeyInfo<'_>) -> Result<Document> {
+    fn try_from(spki: SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {
         Self::try_from(&spki)
     }
 }
 
 #[cfg(feature = "alloc")]
 #[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]
-impl TryFrom<&SubjectPublicKeyInfo<'_>> for Document {
+impl<'a, Params> TryFrom<&SubjectPublicKeyInfo<'a, Params>> for Document
+where
+    Params: Choice<'a> + Encode,
+{
     type Error = Error;
 
-    fn try_from(spki: &SubjectPublicKeyInfo<'_>) -> Result<Document> {
+    fn try_from(spki: &SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {
         Ok(Self::encode_msg(spki)?)
     }
 }
 
 #[cfg(feature = "pem")]
 #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
-impl PemLabel for SubjectPublicKeyInfo<'_> {
+impl<Params> PemLabel for SubjectPublicKeyInfo<'_, Params> {
     const PEM_LABEL: &'static str = "PUBLIC KEY";
 }

spki/src/traits.rs

@@ -1,6 +1,6 @@
 //! Traits for encoding/decoding SPKI public keys.
 
-use crate::{Error, Result, SubjectPublicKeyInfo};
+use crate::{Error, Result, SubjectPublicKeyInfoRef};
 
 #[cfg(feature = "alloc")]
 use der::Document;
@@ -16,15 +16,15 @@ use std::path::Path;
 
 /// Parse a public key object from an encoded SPKI document.
 pub trait DecodePublicKey:
-    for<'a> TryFrom<SubjectPublicKeyInfo<'a>, Error = Error> + Sized
+    for<'a> TryFrom<SubjectPublicKeyInfoRef<'a>, Error = Error> + Sized
 {
-    /// Deserialize object from ASN.1 DER-encoded [`SubjectPublicKeyInfo`]
+    /// Deserialize object from ASN.1 DER-encoded `SubjectPublicKeyInfo`
     /// (binary format).
     fn from_public_key_der(bytes: &[u8]) -> Result<Self> {
-        Self::try_from(SubjectPublicKeyInfo::try_from(bytes)?)
+        Self::try_from(SubjectPublicKeyInfoRef::try_from(bytes)?)
     }
 
-    /// Deserialize PEM-encoded [`SubjectPublicKeyInfo`].
+    /// Deserialize PEM-encoded `SubjectPublicKeyInfo`.
     ///
     /// Keys in this format begin with the following delimiter:
     ///
@@ -35,7 +35,7 @@ pub trait DecodePublicKey:
     #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
     fn from_public_key_pem(s: &str) -> Result<Self> {
         let (label, doc) = Document::from_pem(s)?;
-        SubjectPublicKeyInfo::validate_pem_label(label)?;
+        SubjectPublicKeyInfoRef::validate_pem_label(label)?;
         Self::from_public_key_der(doc.as_bytes())
     }
 
@@ -53,7 +53,7 @@ pub trait DecodePublicKey:
     #[cfg_attr(docsrs, doc(cfg(all(feature = "pem", feature = "std"))))]
     fn read_public_key_pem_file(path: impl AsRef<Path>) -> Result<Self> {
         let (label, doc) = Document::read_pem_file(path)?;
-        SubjectPublicKeyInfo::validate_pem_label(&label)?;
+        SubjectPublicKeyInfoRef::validate_pem_label(&label)?;
         Self::from_public_key_der(doc.as_bytes())
     }
 }
@@ -70,7 +70,7 @@ pub trait EncodePublicKey {
     #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
     fn to_public_key_pem(&self, line_ending: LineEnding) -> Result<String> {
         let doc = self.to_public_key_der()?;
-        Ok(doc.to_pem(SubjectPublicKeyInfo::PEM_LABEL, line_ending)?)
+        Ok(doc.to_pem(SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?)
     }
 
     /// Write ASN.1 DER-encoded public key to the given path
@@ -89,6 +89,6 @@ pub trait EncodePublicKey {
         line_ending: LineEnding,
     ) -> Result<()> {
         let doc = self.to_public_key_der()?;
-        Ok(doc.write_pem_file(path, SubjectPublicKeyInfo::PEM_LABEL, line_ending)?)
+        Ok(doc.write_pem_file(path, SubjectPublicKeyInfoRef::PEM_LABEL, line_ending)?)
     }
 }

spki/tests/spki.rs

@@ -1,7 +1,7 @@
 //! `SubjectPublicKeyInfo` tests.
 
 use hex_literal::hex;
-use spki::SubjectPublicKeyInfo;
+use spki::SubjectPublicKeyInfoRef;
 
 #[cfg(feature = "alloc")]
 use der::Encode;
@@ -46,7 +46,7 @@ const ED25519_SPKI_FINGERPRINT: &[u8] =
 
 #[test]
 fn decode_ec_p256_der() {
-    let spki = SubjectPublicKeyInfo::try_from(EC_P256_DER_EXAMPLE).unwrap();
+    let spki = SubjectPublicKeyInfoRef::try_from(EC_P256_DER_EXAMPLE).unwrap();
 
     assert_eq!(spki.algorithm.oid, "1.2.840.10045.2.1".parse().unwrap());
 
@@ -62,7 +62,7 @@ fn decode_ec_p256_der() {
 #[cfg(feature = "fingerprint")]
 fn decode_ed25519_and_fingerprint_spki() {
     // Repeat the decode test from the pkcs8 crate
-    let spki = SubjectPublicKeyInfo::try_from(ED25519_DER_EXAMPLE).unwrap();
+    let spki = SubjectPublicKeyInfoRef::try_from(ED25519_DER_EXAMPLE).unwrap();
 
     assert_eq!(spki.algorithm.oid, "1.3.101.112".parse().unwrap());
     assert_eq!(spki.algorithm.parameters, None);
@@ -82,7 +82,7 @@ fn decode_ed25519_and_fingerprint_spki() {
 #[cfg(all(feature = "fingerprint", feature = "alloc"))]
 fn decode_ed25519_and_fingerprint_base64() {
     // Repeat the decode test from the pkcs8 crate
-    let spki = SubjectPublicKeyInfo::try_from(ED25519_DER_EXAMPLE).unwrap();
+    let spki = SubjectPublicKeyInfoRef::try_from(ED25519_DER_EXAMPLE).unwrap();
 
     assert_eq!(spki.algorithm.oid, "1.3.101.112".parse().unwrap());
     assert_eq!(spki.algorithm.parameters, None);
@@ -100,7 +100,7 @@ fn decode_ed25519_and_fingerprint_base64() {
 
 #[test]
 fn decode_rsa_2048_der() {
-    let spki = SubjectPublicKeyInfo::try_from(RSA_2048_DER_EXAMPLE).unwrap();
+    let spki = SubjectPublicKeyInfoRef::try_from(RSA_2048_DER_EXAMPLE).unwrap();
 
     assert_eq!(spki.algorithm.oid, "1.2.840.113549.1.1.1".parse().unwrap());
     assert!(spki.algorithm.parameters.unwrap().is_null());
@@ -110,47 +110,47 @@ fn decode_rsa_2048_der() {
 #[test]
 #[cfg(feature = "alloc")]
 fn encode_ec_p256_der() {
-    let pk = SubjectPublicKeyInfo::try_from(EC_P256_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(EC_P256_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_vec().unwrap();
     assert_eq!(EC_P256_DER_EXAMPLE, pk_encoded.as_slice());
 }
 
 #[test]
 #[cfg(feature = "alloc")]
 fn encode_ed25519_der() {
-    let pk = SubjectPublicKeyInfo::try_from(ED25519_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(ED25519_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_vec().unwrap();
     assert_eq!(ED25519_DER_EXAMPLE, pk_encoded.as_slice());
 }
 
 #[test]
 #[cfg(feature = "alloc")]
 fn encode_rsa_2048_der() {
-    let pk = SubjectPublicKeyInfo::try_from(RSA_2048_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(RSA_2048_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_vec().unwrap();
     assert_eq!(RSA_2048_DER_EXAMPLE, pk_encoded.as_slice());
 }
 
 #[test]
 #[cfg(feature = "pem")]
 fn encode_ec_p256_pem() {
-    let pk = SubjectPublicKeyInfo::try_from(EC_P256_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(EC_P256_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_pem(LineEnding::LF).unwrap();
     assert_eq!(EC_P256_PEM_EXAMPLE, pk_encoded);
 }
 
 #[test]
 #[cfg(feature = "pem")]
 fn encode_ed25519_pem() {
-    let pk = SubjectPublicKeyInfo::try_from(ED25519_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(ED25519_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_pem(LineEnding::LF).unwrap();
     assert_eq!(ED25519_PEM_EXAMPLE, pk_encoded);
 }
 
 #[test]
 #[cfg(feature = "pem")]
 fn encode_rsa_2048_pem() {
-    let pk = SubjectPublicKeyInfo::try_from(RSA_2048_DER_EXAMPLE).unwrap();
+    let pk = SubjectPublicKeyInfoRef::try_from(RSA_2048_DER_EXAMPLE).unwrap();
     let pk_encoded = pk.to_pem(LineEnding::LF).unwrap();
     assert_eq!(RSA_2048_PEM_EXAMPLE, pk_encoded);
 }

spki/tests/traits.rs

@@ -3,7 +3,7 @@
 #![cfg(any(feature = "pem", feature = "std"))]
 
 use der::{Decode, Encode};
-use spki::{DecodePublicKey, Document, EncodePublicKey, Error, Result, SubjectPublicKeyInfo};
+use spki::{DecodePublicKey, Document, EncodePublicKey, Error, Result, SubjectPublicKeyInfoRef};
 
 #[cfg(feature = "pem")]
 use spki::der::pem::LineEnding;
@@ -42,10 +42,10 @@ impl EncodePublicKey for MockKey {
     }
 }
 
-impl TryFrom<SubjectPublicKeyInfo<'_>> for MockKey {
+impl TryFrom<SubjectPublicKeyInfoRef<'_>> for MockKey {
     type Error = Error;
 
-    fn try_from(spki: SubjectPublicKeyInfo<'_>) -> Result<MockKey> {
+    fn try_from(spki: SubjectPublicKeyInfoRef<'_>) -> Result<MockKey> {
         Ok(MockKey(spki.to_vec()?))
     }
 }

x509-cert/src/anchor.rs

@@ -7,7 +7,7 @@ use crate::{Certificate, TbsCertificate};
 use der::asn1::{OctetStringRef, Utf8StringRef};
 use der::{Choice, Enumerated, Sequence};
 use flagset::{flags, FlagSet};
-use spki::SubjectPublicKeyInfo;
+use spki::SubjectPublicKeyInfoRef;
 
 /// Version identifier for TrustAnchorInfo
 #[derive(Clone, Debug, Copy, PartialEq, Eq, Enumerated)]
@@ -45,7 +45,7 @@ pub struct TrustAnchorInfo<'a> {
     #[asn1(default = "Default::default")]
     pub version: Version,
 
-    pub pub_key: SubjectPublicKeyInfo<'a>,
+    pub pub_key: SubjectPublicKeyInfoRef<'a>,
 
     pub key_id: OctetStringRef<'a>,