Make PSS/OAEP params use generic AlgorithmIdentifier #799
Conversation
The assert_algorithm_oid() method doesn't depend on the actual AlgorithmIdentifier's Params type and thus can be a part of the generic AlgorithmIdentifier<Params> implementation rather than being specific to AlgorithmIdentifierRef only. Signed-off-by: Dmitry Baryshkov <[email protected]>
The AlgorithmIdentifier for the MGF uses another AlgorithmIdentifier as params field. Implement this in the code rater than using the generic AlgorithmIdentifierRef. Signed-off-by: Dmitry Baryshkov <[email protected]>
| @@ -84,7 +81,7 @@ pub struct RsaPssParams<'a> { | |||
| pub hash: AlgorithmIdentifierRef<'a>, | |||
|
|
|||
| /// Mask Generation Function (MGF) | |||
| pub mask_gen: AlgorithmIdentifierRef<'a>, | |||
| pub mask_gen: AlgorithmIdentifier<AlgorithmIdentifierRef<'a>>, | |||
There was a problem hiding this comment.
Context: I've just submitted #1415 that rewrites the AlgorithmIdentifier to make sure the parameter is either Any or AnyRef.
I'm confused about this change. This doesn't seem to line up with https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.1.2 (spki::AlgorithmIdentifier)
AlgorithmIdentifier ::= SEQUENCE {
algorithm OBJECT IDENTIFIER,
parameters ANY DEFINED BY algorithm OPTIONAL }
Which, from my understand, ask that the parameters are encoded as an Any.
This change moves the implementation to remove the type prefix that Any would provide.
That said, this AlgorithmIdentifier would be defined by https://datatracker.ietf.org/doc/html/rfc8017#page-70:
-- ================
-- Useful types
-- ================
ALGORITHM-IDENTIFIER ::= CLASS {
&id OBJECT IDENTIFIER UNIQUE,
&Type OPTIONAL
}
WITH SYNTAX { OID &id [PARAMETERS &Type] }
Which one is right here?
Could it be we need another definition of AlgorithmIdentifier altogether?
I think I would otherwise revert that change and get back the SEQ_OID_SHA_1_DER that was removed.
No description provided.