pkcs1v15: implement SignatureAlgorithmIdentifier for PKCS1v15 structs

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>

Author: lumag

Cargo.toml

@@ -24,11 +24,14 @@ subtle = { version = "2.1.1", default-features = false }
 digest = { version = "0.10.5", default-features = false, features = ["alloc", "oid"] }
 pkcs1 = { version = "0.7.1", default-features = false, features = ["alloc", "pkcs8"] }
 pkcs8 = { version = "0.10", default-features = false, features = ["alloc"] }
-serde = { version = "1.0.103", optional = true, default-features = false, features = ["derive"] }
-sha2 = { version = "0.10.6", optional = true, default-features = false, features = ["oid"] }
 signature = { version = "2", default-features = false , features = ["digest", "rand_core"] }
 zeroize = { version = "1", features = ["alloc"] }
 
+# optional dependencies
+serde = { version = "1.0.103", optional = true, default-features = false, features = ["derive"] }
+sha1 = { version = "0.10.5", optional = true, default-features = false, features = ["oid"] }
+sha2 = { version = "0.10.6", optional = true, default-features = false, features = ["oid"] }
+
 [dev-dependencies]
 base64ct = { version = "1", features = ["alloc"] }
 hex-literal = "0.3.3"

src/pkcs1v15.rs

@@ -12,7 +12,10 @@ use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex};
 use core::marker::PhantomData;
 use digest::Digest;
 use pkcs8::{
-    spki::{der::AnyRef, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier},
+    spki::{
+        der::AnyRef, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier,
+        SignatureAlgorithmIdentifier,
+    },
     AssociatedOid, Document, EncodePrivateKey, EncodePublicKey, SecretDocument,
 };
 use rand_core::CryptoRngCore;
@@ -448,6 +451,19 @@ where
     const ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> = pkcs1::ALGORITHM_ID;
 }
 
+impl<D> SignatureAlgorithmIdentifier for SigningKey<D>
+where
+    D: Digest + oid::RsaSignatureAssociatedOid,
+{
+    type Params = AnyRef<'static>;
+
+    const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> =
+        AlgorithmIdentifierRef {
+            oid: D::OID,
+            parameters: Some(AnyRef::NULL),
+        };
+}
+
 impl<D> From<RsaPrivateKey> for SigningKey<D>
 where
     D: Digest,
@@ -627,6 +643,19 @@ where
     const ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> = pkcs1::ALGORITHM_ID;
 }
 
+impl<D> SignatureAlgorithmIdentifier for VerifyingKey<D>
+where
+    D: Digest + oid::RsaSignatureAssociatedOid,
+{
+    type Params = AnyRef<'static>;
+
+    const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> =
+        AlgorithmIdentifierRef {
+            oid: D::OID,
+            parameters: Some(AnyRef::NULL),
+        };
+}
+
 impl<D> From<RsaPublicKey> for VerifyingKey<D>
 where
     D: Digest,
@@ -795,6 +824,46 @@ impl EncryptingKeypair for DecryptingKey {
     }
 }
 
+mod oid {
+    use const_oid::ObjectIdentifier;
+
+    /// A trait which associates an RSA-specific OID with a type.
+    pub(crate) trait RsaSignatureAssociatedOid {
+        /// The OID associated with this type.
+        const OID: ObjectIdentifier;
+    }
+
+    #[cfg(feature = "sha1")]
+    impl RsaSignatureAssociatedOid for sha1::Sha1 {
+        const OID: ObjectIdentifier =
+            const_oid::ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.5");
+    }
+
+    #[cfg(feature = "sha2")]
+    impl RsaSignatureAssociatedOid for sha2::Sha224 {
+        const OID: ObjectIdentifier =
+            const_oid::ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.14");
+    }
+
+    #[cfg(feature = "sha2")]
+    impl RsaSignatureAssociatedOid for sha2::Sha256 {
+        const OID: ObjectIdentifier =
+            const_oid::ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.11");
+    }
+
+    #[cfg(feature = "sha2")]
+    impl RsaSignatureAssociatedOid for sha2::Sha384 {
+        const OID: ObjectIdentifier =
+            const_oid::ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.12");
+    }
+
+    #[cfg(feature = "sha2")]
+    impl RsaSignatureAssociatedOid for sha2::Sha512 {
+        const OID: ObjectIdentifier =
+            const_oid::ObjectIdentifier::new_unwrap("1.2.840.113549.1.1.13");
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;