Add support for parsing signature parameters and value (closes #94)
chifflier committed Jun 23, 2022
1 parent 15cb5d7 commit 558a212
Showing 7 changed files with 416 additions and 13 deletions.
2 changes: 1 addition & 1 deletion Cargo.toml
@@ -45,7 +45,7 @@ base64 = "0.13"
data-encoding = "2.2.1"
lazy_static = "1.4"
nom = "7.0"
oid-registry = { version="0.6", features=["crypto", "x509"] }
oid-registry = { version="0.6", features=["crypto", "x509", "x962"] }
rusticata-macros = "4.0"
ring = { version="0.16.11", optional=true }
der-parser = { version = "8.1.0", features=["bigint"] }
71 changes: 68 additions & 3 deletions examples/print-cert.rs
@@ -8,6 +8,7 @@ use std::io;
use std::net::{Ipv4Addr, Ipv6Addr};
use x509_parser::prelude::*;
use x509_parser::public_key::PublicKey;
use x509_parser::signature_algorithm::SignatureAlgorithm;

const PARSE_ERRORS_FATAL: bool = false;
#[cfg(feature = "validate")]
@@ -167,9 +168,10 @@ fn print_x509_info(x509: &X509Certificate) -> io::Result<()> {
println!(" is_valid: {}", x509.validity().is_valid());
println!(" Subject Public Key Info:");
print_x509_ski(x509.public_key());
println!(" Signature Algorithm:");
print_x509_digest_algorithm(&x509.signature_algorithm, 4);
for l in format_number_to_hex_with_colon(x509.signature_value.data, 16) {
print_x509_signature_algorithm(&x509.signature_algorithm, 4);

println!(" Signature Value:");
for l in format_number_to_hex_with_colon(&x509.signature_value.data, 16) {
println!(" {}", l);
}
println!(" Extensions:");
@@ -224,6 +226,69 @@ fn print_x509_info(x509: &X509Certificate) -> io::Result<()> {
Ok(())
}

fn print_x509_signature_algorithm(signature_algorithm: &AlgorithmIdentifier, indent: usize) {
match SignatureAlgorithm::try_from(signature_algorithm) {
Ok(sig_alg) => {
print!(" Signature Algorithm: ");
match sig_alg {
SignatureAlgorithm::DSA => println!("DSA"),
SignatureAlgorithm::ECDSA => println!("ECDSA"),
SignatureAlgorithm::ED25519 => println!("ED25519"),
SignatureAlgorithm::RSA => println!("RSA"),
SignatureAlgorithm::RSASSA_PSS(params) => {
println!("RSASSA-PSS");
let indent_s = format!("{:indent$}", "", indent = indent + 2);
println!(
"{}Hash Algorithm: {}",
indent_s,
format_oid(params.hash_algorithm_oid()),
);
print!("{}Mask Generation Function: ", indent_s);
if let Ok(mask_gen) = params.mask_gen_algorithm() {
println!(
"{}/{}",
format_oid(&mask_gen.mgf),
format_oid(&mask_gen.hash),
);
} else {
println!("INVALID");
}
println!("{}Salt Length: {}", indent_s, params.salt_length());
}
SignatureAlgorithm::RSAAES_OAEP(params) => {
println!("RSAAES-OAEP");
let indent_s = format!("{:indent$}", "", indent = indent + 2);
println!(
"{}Hash Algorithm: {}",
indent_s,
format_oid(params.hash_algorithm_oid()),
);
print!("{}Mask Generation Function: ", indent_s);
if let Ok(mask_gen) = params.mask_gen_algorithm() {
println!(
"{}/{}",
format_oid(&mask_gen.mgf),
format_oid(&mask_gen.hash),
);
} else {
println!("INVALID");
}
println!(
"{}pSourceFunc: {}",
indent_s,
format_oid(&params.p_source_alg().algorithm),
);
}
}
}
Err(e) => {
eprintln!("Could not parse signature algorithm: {}", e);
println!(" Signature Algorithm:");
print_x509_digest_algorithm(signature_algorithm, indent);
}
}
}

fn print_x509_ski(public_key: &SubjectPublicKeyInfo) {
println!(" Public Key Algorithm:");
print_x509_digest_algorithm(&public_key.algorithm, 6);
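Review bot: In `print_x509_signature_algorithm`, both the RSASSA_PSS and RSAAES_OAEP arms collapse a failed `params.mask_gen_algorithm()` into the bare word `INVALID` and drop the error, while the outer `Err(e)` arm reports why parsing failed. For a tool used to inspect malformed or suspicious certificates the reason is the useful part, so I would use a `match` with `Err(e) => println!("INVALID ({})", e),` (assuming that error implements `Display`, as the outer one does). The hash and mask-generation printing is also duplicated verbatim between the two arms and could move into one small helper. Separately, RSAES-OAEP is an encryption scheme, so a certificate that names it as its signature algorithm is anomalous; a short comment on that arm, e.g. `// OAEP is encryption padding; unexpected as a certificate signatureAlgorithm`, would keep readers from treating the output as a normal signature.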
11 changes: 4 additions & 7 deletions src/extensions/generalname.rs
@@ -2,13 +2,10 @@ use super::UnparsedObject;
use crate::error::{X509Error, X509Result};
use crate::prelude::format_serial;
use crate::x509::X509Name;
use asn1_rs::FromDer;
use der_parser::der::*;
use der_parser::error::BerError;
use der_parser::oid::Oid;
use nom::bytes::streaming::take;
use nom::combinator::{all_consuming, verify};
use nom::{Err, IResult, Needed};
use asn1_rs::{Any, CheckDerConstraints, Class, Error, FromDer, Oid, Sequence};
use core::convert::TryFrom;
use nom::combinator::all_consuming;
use nom::{Err, IResult};
use std::fmt;

#[derive(Clone, Debug, PartialEq)]
2 changes: 2 additions & 0 deletions src/lib.rs
@@ -141,6 +141,8 @@ pub mod pem;
pub mod prelude;
pub mod public_key;
pub mod revocation_list;
pub mod signature_algorithm;
pub mod signature_value;
pub mod time;
pub mod utils;
#[cfg(feature = "validate")]
6 changes: 4 additions & 2 deletions src/objects.rs
@@ -19,15 +19,17 @@
//! ```

use crate::error::NidError;
use der_parser::oid::Oid;
use asn1_rs::{oid, Oid};
use lazy_static::lazy_static;
use oid_registry::*;
use std::collections::HashMap;

lazy_static! {
static ref OID_REGISTRY: OidRegistry<'static> = {
let reg = OidRegistry::default().with_all_crypto().with_x509();
let mut reg = OidRegistry::default().with_all_crypto().with_x509();
// OIDs not in the default registry can be added here
let entry = OidEntry::new("id-mgf1", "Mask Generator Function 1 (MGF1)");
reg.insert(oid! {1.2.840.113549.1.1.8}, entry);
reg
};
static ref ABBREV_MAP: HashMap<Oid<'static>, &'static str> = {
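Review bot: The OID literal in `reg.insert(oid! {1.2.840.113549.1.1.8}, entry);` has no comment saying where it comes from, so the registry entry is keyed on a value a reader cannot check without looking it up. RFC 4055 defines id-mgf1 as `{ pkcs-1 8 }`, so a line such as `// id-mgf1 ::= { pkcs-1 8 } (RFC 4055); remove once oid-registry provides it` above the insert would document both the source and the intent. It is not visible from here whether `insert` would replace or shadow an entry added by a later oid-registry release, so that is worth confirming. The `lazy_static!` block continues past the end of the hunk.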
