diff --git a/Cargo.lock b/Cargo.lock index f0eb0e1..4a9987a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -165,13 +165,13 @@ dependencies = [ ] [[package]] -name = "ecdsa" +name = "elliptic-curve" version = "0.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "generic-array 0.12.3 (registry+https://github.com/rust-lang/crates.io-index)", - "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)", - "signature 1.0.0-pre.1 (registry+https://github.com/rust-lang/crates.io-index)", + "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)", + "zeroize 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -682,14 +682,6 @@ dependencies = [ "opaque-debug 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "signature" -version = "1.0.0-pre.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "smallvec" version = "0.6.13" @@ -851,7 +843,7 @@ version = "0.0.3" dependencies = [ "der-parser 3.0.3 (registry+https://github.com/rust-lang/crates.io-index)", "des 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", - "ecdsa 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", + "elliptic-curve 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)", "env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "getrandom 0.1.13 (registry+https://github.com/rust-lang/crates.io-index)", "hmac 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", @@ -913,7 +905,7 @@ dependencies = [ "checksum der-parser 3.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "537a7d6becb8c3cae3bab31439c248a12d43267ccc0b1a0333362b7cefb61c3e" "checksum des 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "74ba5f1b5aee9772379c2670ba81306e65a93c0ee3caade7a1d22b188d88a3af" "checksum digest 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" -"checksum ecdsa 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e1dd187cba85a8c826912572f4f76045d2e613b42e08a4c2896eefe1adf3f347" +"checksum elliptic-curve 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "342ea582a079652558003752f75ed8ed7e6b57d883b4015cde9e8982db0bda39" "checksum env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "44533bbbb3bb3c1fa17d9f2e4e38bbbaf8396ba82193c4cb1b6445d711445d36" "checksum failure 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "f8273f13c977665c5db7eb2b99ae520952fe5ac831ae4cd09d80c4c7042b5ed9" "checksum failure_derive 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "0bc225b78e0391e4b8683440bf2e63c2deeeb2ce5189eab46e2b68c6d3725d08" @@ -974,7 +966,6 @@ dependencies = [ "checksum serde 1.0.103 (registry+https://github.com/rust-lang/crates.io-index)" = "1217f97ab8e8904b57dd22eb61cde455fa7446a9c1cf43966066da047c1f3702" "checksum sha-1 0.8.1 (registry+https://github.com/rust-lang/crates.io-index)" = "23962131a91661d643c98940b20fcaffe62d776a823247be80a48fcb8b6fce68" "checksum sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)" = "7b4d8bfd0e469f417657573d8451fb33d16cfe0989359b93baf3a1ffc639543d" -"checksum signature 1.0.0-pre.1 (registry+https://github.com/rust-lang/crates.io-index)" = "a0cfcdc45066661979294e965c21b60355da35eb5d638af8143e5aa83fdfce53" "checksum smallvec 0.6.13 (registry+https://github.com/rust-lang/crates.io-index)" = "f7b0758c52e15a8b5e3691eae6cc559f08eee9406e548a4477ba4e67770a82b6" "checksum spin 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" "checksum static_assertions 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "7f3eb36b47e512f8f1c9e3d10c2c1965bc992bd9cdb024fa581e2194501c83d3" diff --git a/Cargo.toml b/Cargo.toml index 149466b..4084d49 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -24,7 +24,7 @@ maintenance = { status = "experimental" } [dependencies] der-parser = "3" des = "0.3" -ecdsa = "0.1" +elliptic-curve = "0.1" getrandom = "0.1" hmac = "0.7" log = "0.4" diff --git a/src/certificate.rs b/src/certificate.rs index e11b303..d8c8f3d 100644 --- a/src/certificate.rs +++ b/src/certificate.rs @@ -39,9 +39,9 @@ use crate::{ yubikey::YubiKey, Buffer, }; -use ecdsa::{ - curve::{CompressedCurvePoint, NistP256, NistP384, UncompressedCurvePoint}, - generic_array::GenericArray, +use elliptic_curve::weierstrass::{ + curve::{NistP256, NistP384}, + PublicKey as EcPublicKey, }; use log::error; use rsa::{PublicKey, RSAPublicKey}; @@ -55,26 +55,6 @@ const OID_EC_PUBLIC_KEY: &str = "1.2.840.10045.2.1"; const OID_NIST_P256: &str = "1.2.840.10045.3.1.7"; const OID_NIST_P384: &str = "1.3.132.0.34"; -/// An encoded point on the Nist P-256 curve. -#[derive(Clone, Eq, PartialEq)] -pub enum EcP256Point { - /// Compressed encoding of a point on the curve. - Compressed(CompressedCurvePoint), - - /// Uncompressed encoding of a point on the curve. - Uncompressed(UncompressedCurvePoint), -} - -/// An encoded point on the Nist P-384 curve. -#[derive(Clone, Eq, PartialEq)] -pub enum EcP384Point { - /// Compressed encoding of a point on the curve. - Compressed(CompressedCurvePoint), - - /// Uncompressed encoding of a point on the curve. - Uncompressed(UncompressedCurvePoint), -} - /// Information about a public key within a [`Certificate`]. #[derive(Clone, Eq, PartialEq)] pub enum PublicKeyInfo { @@ -88,10 +68,10 @@ pub enum PublicKeyInfo { }, /// EC P-256 keys - EcP256(EcP256Point), + EcP256(EcPublicKey), /// EC P-384 keys - EcP384(EcP384Point), + EcP384(EcPublicKey), } impl fmt::Debug for PublicKeyInfo { @@ -118,32 +98,12 @@ impl PublicKeyInfo { OID_EC_PUBLIC_KEY => { let key_bytes = &subject_pki.subject_public_key.data; match read_pki::ec_parameters(&subject_pki.algorithm.parameters)? { - AlgorithmId::EccP256 => match key_bytes.len() { - 33 => CompressedCurvePoint::::from_bytes( - GenericArray::clone_from_slice(key_bytes), - ) - .map(EcP256Point::Compressed), - 65 => UncompressedCurvePoint::::from_bytes( - GenericArray::clone_from_slice(key_bytes), - ) - .map(EcP256Point::Uncompressed), - _ => None, - } - .map(PublicKeyInfo::EcP256) - .ok_or(Error::InvalidObject), - AlgorithmId::EccP384 => match key_bytes.len() { - 49 => CompressedCurvePoint::::from_bytes( - GenericArray::clone_from_slice(key_bytes), - ) - .map(EcP384Point::Compressed), - 97 => UncompressedCurvePoint::::from_bytes( - GenericArray::clone_from_slice(key_bytes), - ) - .map(EcP384Point::Uncompressed), - _ => None, - } - .map(PublicKeyInfo::EcP384) - .ok_or(Error::InvalidObject), + AlgorithmId::EccP256 => EcPublicKey::from_bytes(key_bytes) + .map(PublicKeyInfo::EcP256) + .ok_or(Error::InvalidObject), + AlgorithmId::EccP384 => EcPublicKey::from_bytes(key_bytes) + .map(PublicKeyInfo::EcP384) + .ok_or(Error::InvalidObject), _ => Err(Error::AlgorithmError), } }