spki: make SubjectPublicKeyInfo own the public key

baloo · baloo · commit 1efe27af581d · 2022-11-29T11:42:28.000-08:00
diff --git a/pkcs1/src/traits.rs b/pkcs1/src/traits.rs
@@ -16,7 +16,10 @@ use {
 };
 
 #[cfg(feature = "pkcs8")]
-use crate::{ALGORITHM_ID, ALGORITHM_OID};
+use {
+    crate::{ALGORITHM_ID, ALGORITHM_OID},
+    der::asn1::BitString,
+};
 
 #[cfg(feature = "std")]
 use std::path::Path;
@@ -185,7 +188,7 @@ impl<T: pkcs8::DecodePublicKey> DecodeRsaPublicKey for T {
     fn from_pkcs1_der(public_key: &[u8]) -> Result<Self> {
         Ok(Self::try_from(pkcs8::SubjectPublicKeyInfoRef {
             algorithm: ALGORITHM_ID,
-            subject_public_key: public_key,
+            subject_public_key: BitString::from_bytes(public_key)?,
         })?)
     }
 }
@@ -208,6 +211,6 @@ impl<T: pkcs8::EncodePublicKey> EncodeRsaPublicKey for T {
         let doc = self.to_public_key_der()?;
         let spki = pkcs8::SubjectPublicKeyInfoRef::from_der(doc.as_bytes())?;
         spki.algorithm.assert_algorithm_oid(ALGORITHM_OID)?;
-        RsaPublicKey::from_der(spki.subject_public_key)?.try_into()
+        RsaPublicKey::from_der(spki.subject_public_key.raw_bytes())?.try_into()
     }
 }
diff --git a/spki/src/spki.rs b/spki/src/spki.rs
@@ -3,7 +3,7 @@
 use crate::{AlgorithmIdentifier, Error, Result};
 use core::cmp::Ordering;
 use der::{
-    asn1::{AnyRef, BitStringRef},
+    asn1::{AnyRef, BitString, BitStringRef},
     Choice, Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd,
 };
 
@@ -23,7 +23,7 @@ use {
 use der::pem::PemLabel;
 
 /// [`SubjectPublicKeyInfo`] with [`AnyRef`] algorithm parameters.
-pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<'a, AnyRef<'a>>;
+pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<AnyRef<'a>>;
 
 /// X.509 `SubjectPublicKeyInfo` (SPKI) as defined in [RFC 5280 § 4.1.2.7].
 ///
@@ -37,23 +37,23 @@ pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<'a, AnyRef<'a>>;
 /// ```
 ///
 /// [RFC 5280 § 4.1.2.7]: https://tools.ietf.org/html/rfc5280#section-4.1.2.7
-#[derive(Copy, Clone, Debug, Eq, PartialEq)]
-pub struct SubjectPublicKeyInfo<'a, Params> {
+#[derive(Clone, Debug, Eq, PartialEq)]
+pub struct SubjectPublicKeyInfo<Params> {
     /// X.509 [`AlgorithmIdentifier`] for the public key type
     pub algorithm: AlgorithmIdentifier<Params>,
 
     /// Public key data
-    pub subject_public_key: &'a [u8],
+    pub subject_public_key: BitString,
 }
 
-impl<'a, Params> SubjectPublicKeyInfo<'a, Params> {
+impl<Params> SubjectPublicKeyInfo<Params> {
     /// Get a [`BitString`] representing the `subject_public_key`
-    fn bitstring(&self) -> der::Result<BitStringRef<'a>> {
-        BitStringRef::from_bytes(self.subject_public_key)
+    fn bitstring(&self) -> BitStringRef<'_> {
+        BitStringRef::from(&self.subject_public_key)
     }
 }
 
-impl<'a, Params> SubjectPublicKeyInfo<'a, Params>
+impl<'a, Params> SubjectPublicKeyInfo<Params>
 where
     Params: Choice<'a> + Encode,
 {
@@ -84,35 +84,33 @@ where
     }
 }
 
-impl<'a, Params> DecodeValue<'a> for SubjectPublicKeyInfo<'a, Params>
+impl<'a, Params> DecodeValue<'a> for SubjectPublicKeyInfo<Params>
 where
     Params: Choice<'a> + Encode,
 {
     fn decode_value<R: Reader<'a>>(reader: &mut R, header: Header) -> der::Result<Self> {
         reader.read_nested(header.length, |reader| {
             Ok(Self {
                 algorithm: reader.decode()?,
-                subject_public_key: BitStringRef::decode(reader)?
-                    .as_bytes()
-                    .ok_or_else(|| der::Tag::BitString.value_error())?,
+                subject_public_key: BitString::decode(reader)?,
             })
         })
     }
 }
 
-impl<'a, Params> Sequence<'a> for SubjectPublicKeyInfo<'a, Params>
+impl<'a, Params> Sequence<'a> for SubjectPublicKeyInfo<Params>
 where
     Params: Choice<'a> + Encode,
 {
     fn fields<F, T>(&self, f: F) -> der::Result<T>
     where
         F: FnOnce(&[&dyn Encode]) -> der::Result<T>,
     {
-        f(&[&self.algorithm, &self.bitstring()?])
+        f(&[&self.algorithm, &self.bitstring()])
     }
 }
 
-impl<'a, Params> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a, Params>
+impl<'a, Params> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<Params>
 where
     Params: Choice<'a> + Encode,
 {
@@ -123,46 +121,46 @@ where
     }
 }
 
-impl<'a, Params> ValueOrd for SubjectPublicKeyInfo<'a, Params>
+impl<'a, Params> ValueOrd for SubjectPublicKeyInfo<Params>
 where
     Params: Choice<'a> + DerOrd + Encode,
 {
     fn value_cmp(&self, other: &Self) -> der::Result<Ordering> {
         match self.algorithm.der_cmp(&other.algorithm)? {
-            Ordering::Equal => self.bitstring()?.der_cmp(&other.bitstring()?),
+            Ordering::Equal => self.bitstring().der_cmp(&other.bitstring()),
             other => Ok(other),
         }
     }
 }
 
 #[cfg(feature = "alloc")]
 #[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]
-impl<'a, Params> TryFrom<SubjectPublicKeyInfo<'a, Params>> for Document
+impl<'a, Params> TryFrom<SubjectPublicKeyInfo<Params>> for Document
 where
     Params: Choice<'a> + Encode,
 {
     type Error = Error;
 
-    fn try_from(spki: SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {
+    fn try_from(spki: SubjectPublicKeyInfo<Params>) -> Result<Document> {
         Self::try_from(&spki)
     }
 }
 
 #[cfg(feature = "alloc")]
 #[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]
-impl<'a, Params> TryFrom<&SubjectPublicKeyInfo<'a, Params>> for Document
+impl<'a, Params> TryFrom<&SubjectPublicKeyInfo<Params>> for Document
 where
     Params: Choice<'a> + Encode,
 {
     type Error = Error;
 
-    fn try_from(spki: &SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {
+    fn try_from(spki: &SubjectPublicKeyInfo<Params>) -> Result<Document> {
         Ok(Self::encode_msg(spki)?)
     }
 }
 
 #[cfg(feature = "pem")]
 #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
-impl<Params> PemLabel for SubjectPublicKeyInfo<'_, Params> {
+impl<Params> PemLabel for SubjectPublicKeyInfo<Params> {
     const PEM_LABEL: &'static str = "PUBLIC KEY";
 }
diff --git a/x509-cert/tests/certreq.rs b/x509-cert/tests/certreq.rs
@@ -52,7 +52,7 @@ fn decode_rsa_2048_der() {
     let alg = cr.info.public_key.algorithm;
     assert_eq!(alg.oid, "1.2.840.113549.1.1.1".parse().unwrap());
     assert!(alg.parameters.unwrap().is_null());
-    assert_eq!(cr.info.public_key.subject_public_key, RSA_KEY);
+    assert_eq!(cr.info.public_key.subject_public_key.raw_bytes(), RSA_KEY);
 
     // Check the attributes (just one; contains extensions).
     assert_eq!(cr.info.attributes.len(), 1);

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@`
`3`	`3`	`use crate::{AlgorithmIdentifier, Error, Result};`
`4`	`4`	`use core::cmp::Ordering;`
`5`	`5`	`use der::{`
`6`		`- asn1::{AnyRef, BitStringRef},`
	`6`	`+ asn1::{AnyRef, BitString, BitStringRef},`
`7`	`7`	`Choice, Decode, DecodeValue, DerOrd, Encode, Header, Reader, Sequence, ValueOrd,`
`8`	`8`	`};`
`9`	`9`
`@@ -23,7 +23,7 @@ use {`
`23`	`23`	`use der::pem::PemLabel;`
`24`	`24`
`25`	`25`	/// [`SubjectPublicKeyInfo`] with [`AnyRef`] algorithm parameters.
`26`		`-pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<'a, AnyRef<'a>>;`
	`26`	`+pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<AnyRef<'a>>;`
`27`	`27`
`28`	`28`	/// X.509 `SubjectPublicKeyInfo` (SPKI) as defined in [RFC 5280 § 4.1.2.7].
`29`	`29`	`///`
`@@ -37,23 +37,23 @@ pub type SubjectPublicKeyInfoRef<'a> = SubjectPublicKeyInfo<'a, AnyRef<'a>>;`
`37`	`37`	/// ```
`38`	`38`	`///`
`39`	`39`	`/// [RFC 5280 § 4.1.2.7]: https://tools.ietf.org/html/rfc5280#section-4.1.2.7`
`40`		`-#[derive(Copy, Clone, Debug, Eq, PartialEq)]`
`41`		`-pub struct SubjectPublicKeyInfo<'a, Params> {`
	`40`	`+#[derive(Clone, Debug, Eq, PartialEq)]`
	`41`	`+pub struct SubjectPublicKeyInfo<Params> {`
`42`	`42`	/// X.509 [`AlgorithmIdentifier`] for the public key type
`43`	`43`	`pub algorithm: AlgorithmIdentifier<Params>,`
`44`	`44`
`45`	`45`	`/// Public key data`
`46`		`- pub subject_public_key: &'a [u8],`
	`46`	`+ pub subject_public_key: BitString,`
`47`	`47`	`}`
`48`	`48`
`49`		`-impl<'a, Params> SubjectPublicKeyInfo<'a, Params> {`
	`49`	`+impl<Params> SubjectPublicKeyInfo<Params> {`
`50`	`50`	/// Get a [`BitString`] representing the `subject_public_key`
`51`		`- fn bitstring(&self) -> der::Result<BitStringRef<'a>> {`
`52`		`- BitStringRef::from_bytes(self.subject_public_key)`
	`51`	`+ fn bitstring(&self) -> BitStringRef<'_> {`
	`52`	`+ BitStringRef::from(&self.subject_public_key)`
`53`	`53`	`}`
`54`	`54`	`}`
`55`	`55`
`56`		`-impl<'a, Params> SubjectPublicKeyInfo<'a, Params>`
	`56`	`+impl<'a, Params> SubjectPublicKeyInfo<Params>`
`57`	`57`	`where`
`58`	`58`	`Params: Choice<'a> + Encode,`
`59`	`59`	`{`
`@@ -84,35 +84,33 @@ where`
`84`	`84`	`}`
`85`	`85`	`}`
`86`	`86`
`87`		`-impl<'a, Params> DecodeValue<'a> for SubjectPublicKeyInfo<'a, Params>`
	`87`	`+impl<'a, Params> DecodeValue<'a> for SubjectPublicKeyInfo<Params>`
`88`	`88`	`where`
`89`	`89`	`Params: Choice<'a> + Encode,`
`90`	`90`	`{`
`91`	`91`	`fn decode_value<R: Reader<'a>>(reader: &mut R, header: Header) -> der::Result<Self> {`
`92`	`92`	`reader.read_nested(header.length, \|reader\| {`
`93`	`93`	`Ok(Self {`
`94`	`94`	`algorithm: reader.decode()?,`
`95`		`- subject_public_key: BitStringRef::decode(reader)?`
`96`		`- .as_bytes()`
`97`		`- .ok_or_else(\|\| der::Tag::BitString.value_error())?,`
	`95`	`+ subject_public_key: BitString::decode(reader)?,`
`98`	`96`	`})`
`99`	`97`	`})`
`100`	`98`	`}`
`101`	`99`	`}`
`102`	`100`
`103`		`-impl<'a, Params> Sequence<'a> for SubjectPublicKeyInfo<'a, Params>`
	`101`	`+impl<'a, Params> Sequence<'a> for SubjectPublicKeyInfo<Params>`
`104`	`102`	`where`
`105`	`103`	`Params: Choice<'a> + Encode,`
`106`	`104`	`{`
`107`	`105`	`fn fields<F, T>(&self, f: F) -> der::Result<T>`
`108`	`106`	`where`
`109`	`107`	`F: FnOnce(&[&dyn Encode]) -> der::Result<T>,`
`110`	`108`	`{`
`111`		`- f(&[&self.algorithm, &self.bitstring()?])`
	`109`	`+ f(&[&self.algorithm, &self.bitstring()])`
`112`	`110`	`}`
`113`	`111`	`}`
`114`	`112`
`115`		`-impl<'a, Params> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<'a, Params>`
	`113`	`+impl<'a, Params> TryFrom<&'a [u8]> for SubjectPublicKeyInfo<Params>`
`116`	`114`	`where`
`117`	`115`	`Params: Choice<'a> + Encode,`
`118`	`116`	`{`
`@@ -123,46 +121,46 @@ where`
`123`	`121`	`}`
`124`	`122`	`}`
`125`	`123`
`126`		`-impl<'a, Params> ValueOrd for SubjectPublicKeyInfo<'a, Params>`
	`124`	`+impl<'a, Params> ValueOrd for SubjectPublicKeyInfo<Params>`
`127`	`125`	`where`
`128`	`126`	`Params: Choice<'a> + DerOrd + Encode,`
`129`	`127`	`{`
`130`	`128`	`fn value_cmp(&self, other: &Self) -> der::Result<Ordering> {`
`131`	`129`	`match self.algorithm.der_cmp(&other.algorithm)? {`
`132`		`- Ordering::Equal => self.bitstring()?.der_cmp(&other.bitstring()?),`
	`130`	`+ Ordering::Equal => self.bitstring().der_cmp(&other.bitstring()),`
`133`	`131`	`other => Ok(other),`
`134`	`132`	`}`
`135`	`133`	`}`
`136`	`134`	`}`
`137`	`135`
`138`	`136`	`#[cfg(feature = "alloc")]`
`139`	`137`	`#[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]`
`140`		`-impl<'a, Params> TryFrom<SubjectPublicKeyInfo<'a, Params>> for Document`
	`138`	`+impl<'a, Params> TryFrom<SubjectPublicKeyInfo<Params>> for Document`
`141`	`139`	`where`
`142`	`140`	`Params: Choice<'a> + Encode,`
`143`	`141`	`{`
`144`	`142`	`type Error = Error;`
`145`	`143`
`146`		`- fn try_from(spki: SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {`
	`144`	`+ fn try_from(spki: SubjectPublicKeyInfo<Params>) -> Result<Document> {`
`147`	`145`	`Self::try_from(&spki)`
`148`	`146`	`}`
`149`	`147`	`}`
`150`	`148`
`151`	`149`	`#[cfg(feature = "alloc")]`
`152`	`150`	`#[cfg_attr(docsrs, doc(cfg(feature = "alloc")))]`
`153`		`-impl<'a, Params> TryFrom<&SubjectPublicKeyInfo<'a, Params>> for Document`
	`151`	`+impl<'a, Params> TryFrom<&SubjectPublicKeyInfo<Params>> for Document`
`154`	`152`	`where`
`155`	`153`	`Params: Choice<'a> + Encode,`
`156`	`154`	`{`
`157`	`155`	`type Error = Error;`
`158`	`156`
`159`		`- fn try_from(spki: &SubjectPublicKeyInfo<'a, Params>) -> Result<Document> {`
	`157`	`+ fn try_from(spki: &SubjectPublicKeyInfo<Params>) -> Result<Document> {`
`160`	`158`	`Ok(Self::encode_msg(spki)?)`
`161`	`159`	`}`
`162`	`160`	`}`
`163`	`161`
`164`	`162`	`#[cfg(feature = "pem")]`
`165`	`163`	`#[cfg_attr(docsrs, doc(cfg(feature = "pem")))]`
`166`		`-impl<Params> PemLabel for SubjectPublicKeyInfo<'_, Params> {`
	`164`	`+impl<Params> PemLabel for SubjectPublicKeyInfo<Params> {`
`167`	`165`	`const PEM_LABEL: &'static str = "PUBLIC KEY";`
`168`	`166`	`}`