Add from/to SubjectPublicKeyInfo conversion to ed25519.
And run `cargo fmt`.
Change-Id: Iff0ad50ffc8fb02454b22b82050c605620a201f8
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/76647
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/rust/bssl-crypto/src/ed25519.rs b/rust/bssl-crypto/src/ed25519.rs
index 6644aa2..73c90fb 100644
--- a/rust/bssl-crypto/src/ed25519.rs
+++ b/rust/bssl-crypto/src/ed25519.rs
@@ -34,7 +34,10 @@
//! assert!(public_key.verify(signed_message, &sig).is_ok());
//! ```
-use crate::{FfiMutSlice, FfiSlice, InvalidSignatureError};
+use crate::{
+ cbb_to_buffer, parse_with_cbs, scoped, with_output_array, Buffer, FfiMutSlice, FfiSlice,
+ InvalidSignatureError,
+};
/// The length in bytes of an Ed25519 public key.
pub const PUBLIC_KEY_LEN: usize = bssl_sys::ED25519_PUBLIC_KEY_LEN as usize;
@@ -149,6 +152,66 @@
&self.0
}
+ /// Parse a public key in SubjectPublicKeyInfo format.
+ pub fn from_der_subject_public_key_info(spki: &[u8]) -> Option<Self> {
+ let mut pkey = scoped::EvpPkey::from_ptr(parse_with_cbs(
+ spki,
+ // Safety: `pkey` is a non-null result from `EVP_parse_public_key` here.
+ |pkey| unsafe { bssl_sys::EVP_PKEY_free(pkey) },
+ // Safety: cbs is valid per `parse_with_cbs`.
+ |cbs| unsafe { bssl_sys::EVP_parse_public_key(cbs) },
+ )?);
+
+ let mut out_len = 0;
+ // When the out buffer is null, `out_len` is set to the size of the raw public key.
+ // Safety: the arguments are valid.
+ let result = unsafe {
+ bssl_sys::EVP_PKEY_get_raw_public_key(
+ pkey.as_ffi_ptr(),
+ core::ptr::null_mut(),
+ &mut out_len,
+ )
+ };
+ if result != 1 {
+ return None;
+ }
+ if out_len != PUBLIC_KEY_LEN {
+ return None;
+ }
+
+ // When the out buffer is not null, the raw public key is written into it.
+ // Safety: the arguments are valid.
+ let raw_pkey: [u8; PUBLIC_KEY_LEN] = unsafe {
+ with_output_array(|out, _| {
+ assert_eq!(
+ 1,
+ bssl_sys::EVP_PKEY_get_raw_public_key(pkey.as_ffi_ptr(), out, &mut out_len)
+ );
+ })
+ };
+ Some(PublicKey(raw_pkey))
+ }
+
+ /// Serialize this key in SubjectPublicKeyInfo format.
+ pub fn to_der_subject_public_key_info(&self) -> Buffer {
+ // Safety: this only copies from the `self.0` buffer.
+ let mut pkey = scoped::EvpPkey::from_ptr(unsafe {
+ bssl_sys::EVP_PKEY_new_raw_public_key(
+ bssl_sys::EVP_PKEY_ED25519,
+ /*unused=*/ core::ptr::null_mut(),
+ self.0.as_ffi_ptr(),
+ PUBLIC_KEY_LEN,
+ )
+ });
+ assert!(!pkey.as_ffi_ptr().is_null());
+
+ cbb_to_buffer(PUBLIC_KEY_LEN + 32, |cbb| unsafe {
+ // The arguments are valid so this will only fail if out of memory,
+ // which this crate doesn't handle.
+ assert_eq!(1, bssl_sys::EVP_marshal_public_key(cbb, pkey.as_ffi_ptr()));
+ })
+ }
+
/// Verifies that `signature` is a valid signature, by this key, of `msg`.
pub fn verify(&self, msg: &[u8], signature: &Signature) -> Result<(), InvalidSignatureError> {
let ret = unsafe {
@@ -183,6 +246,29 @@
}
#[test]
+ fn der_subject_public_key_info() {
+ let priv_key = PrivateKey::generate();
+ let msg = [0u8; 0];
+ let sig = priv_key.sign(&msg);
+
+ let pub_key = priv_key.to_public();
+ assert!(pub_key.verify(&msg, &sig).is_ok());
+
+ let pub_key_der = pub_key.to_der_subject_public_key_info();
+ let pub_key_from_der =
+ PublicKey::from_der_subject_public_key_info(pub_key_der.as_ref()).unwrap();
+ assert_eq!(pub_key.as_bytes(), pub_key_from_der.as_bytes());
+ assert!(pub_key_from_der.verify(&msg, &sig).is_ok());
+
+ assert!(PublicKey::from_der_subject_public_key_info(
+ &pub_key_from_der.as_bytes()[0..PUBLIC_KEY_LEN / 2]
+ )
+ .is_none());
+
+ assert!(PublicKey::from_der_subject_public_key_info(b"").is_none());
+ }
+
+ #[test]
fn empty_msg() {
// Test Case 1 from RFC test vectors: https://www.rfc-editor.org/rfc/rfc8032#section-7.1
let pk = test_helpers::decode_hex(
diff --git a/rust/bssl-crypto/src/hkdf.rs b/rust/bssl-crypto/src/hkdf.rs
index 24343ae..968e644 100644
--- a/rust/bssl-crypto/src/hkdf.rs
+++ b/rust/bssl-crypto/src/hkdf.rs
@@ -184,9 +184,7 @@
evp_md: *const bssl_sys::EVP_MD,
}
-#[allow(clippy::let_unit_value,
- clippy::unwrap_used,
-)]
+#[allow(clippy::let_unit_value, clippy::unwrap_used)]
impl Prk {
/// Creates a Prk from bytes.
pub fn new<MD: digest::Algorithm>(prk_bytes: &[u8]) -> Option<Self> {
@@ -210,10 +208,11 @@
/// Returns the bytes of the pseudorandom key.
pub fn as_bytes(&self) -> &[u8] {
- self.prk.get(..self.len)
- // unwrap:`self.len` must be less than the length of `self.prk` thus
- // this is always in bounds.
- .unwrap()
+ self.prk
+ .get(..self.len)
+ // unwrap:`self.len` must be less than the length of `self.prk` thus
+ // this is always in bounds.
+ .unwrap()
}
/// Derive key material for the given info parameter. Attempting
diff --git a/rust/bssl-crypto/src/hpke.rs b/rust/bssl-crypto/src/hpke.rs
index 2259140..12010ac 100644
--- a/rust/bssl-crypto/src/hpke.rs
+++ b/rust/bssl-crypto/src/hpke.rs
@@ -95,7 +95,6 @@
}
}
-
fn from_rfc_id(n: u16) -> Option<Kem> {
match n {
n if n == Kem::P256HkdfSha256 as u16 => Some(Self::P256HkdfSha256),
