c2pa_raw_crypto 0.1.1

// Copyright 2024 Adobe. All rights reserved.
// This file is licensed to you under the Apache License,
// Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
// or the MIT license (http://opensource.org/licenses/MIT),
// at your option.

// Unless required by applicable law or agreed to in writing,
// this software is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR REPRESENTATIONS OF ANY KIND, either express or
// implied. See the LICENSE-MIT and LICENSE-APACHE files for the
// specific language governing permissions and limitations under
// each license.

//! This module binds OpenSSL logic for validating raw signatures to this
//! crate's [`RawSignatureValidator`] trait.

use crate::{RawSignatureValidator, SigningAlg, oids::*};

mod ecdsa_validator;
pub(crate) use ecdsa_validator::EcdsaValidator;

mod ed25519_validator;
pub(crate) use ed25519_validator::Ed25519Validator;

mod rsa_legacy_validator;
pub(crate) use rsa_legacy_validator::RsaLegacyValidator;

mod rsa_validator;
pub(crate) use rsa_validator::RsaValidator;

/// Returns a validator for the given signing algorithm.
pub(crate) fn validator_for_signing_alg(alg: SigningAlg) -> Option<Box<dyn RawSignatureValidator>> {
    match alg {
        SigningAlg::Es256 => Some(Box::new(EcdsaValidator::Es256)),
        SigningAlg::Es384 => Some(Box::new(EcdsaValidator::Es384)),
        SigningAlg::Es512 => Some(Box::new(EcdsaValidator::Es512)),
        SigningAlg::Ed25519 => Some(Box::new(Ed25519Validator {})),
        SigningAlg::Ps256 => Some(Box::new(RsaValidator::Ps256)),
        SigningAlg::Ps384 => Some(Box::new(RsaValidator::Ps384)),
        SigningAlg::Ps512 => Some(Box::new(RsaValidator::Ps512)),
    }
}

/// `sig_alg` and `hash_alg` are the DER content octets of the respective OIDs.
pub(crate) fn validator_for_sig_and_hash_algs(
    sig_alg: &[u8],
    hash_alg: &[u8],
) -> Option<Box<dyn RawSignatureValidator>> {
    // Try signature algorithms first.
    if sig_alg == ECDSA_WITH_SHA256_OID.as_bytes() {
        return Some(Box::new(EcdsaValidator::Es256));
    }
    if sig_alg == ECDSA_WITH_SHA384_OID.as_bytes() {
        return Some(Box::new(EcdsaValidator::Es384));
    }
    if sig_alg == ECDSA_WITH_SHA512_OID.as_bytes() {
        return Some(Box::new(EcdsaValidator::Es512));
    }
    if sig_alg == SHA256_WITH_RSAENCRYPTION_OID.as_bytes() {
        return Some(Box::new(RsaLegacyValidator::Rsa256));
    }
    if sig_alg == SHA384_WITH_RSAENCRYPTION_OID.as_bytes() {
        return Some(Box::new(RsaLegacyValidator::Rsa384));
    }
    if sig_alg == SHA512_WITH_RSAENCRYPTION_OID.as_bytes() {
        return Some(Box::new(RsaLegacyValidator::Rsa512));
    }
    if sig_alg == ED25519_OID.as_bytes() {
        return Some(Box::new(Ed25519Validator {}));
    }

    // Test for public key algorithms next.
    if sig_alg == RSA_OID.as_bytes() {
        if hash_alg == SHA1_OID.as_bytes() {
            return Some(Box::new(RsaLegacyValidator::Sha1));
        } else if hash_alg == SHA256_OID.as_bytes() {
            return Some(Box::new(RsaLegacyValidator::Rsa256));
        } else if hash_alg == SHA384_OID.as_bytes() {
            return Some(Box::new(RsaLegacyValidator::Rsa384));
        } else if hash_alg == SHA512_OID.as_bytes() {
            return Some(Box::new(RsaLegacyValidator::Rsa512));
        }
    }

    // Handle RSS-PSS.
    if sig_alg == RSA_PSS_OID.as_bytes() {
        if hash_alg == SHA256_OID.as_bytes() {
            return Some(Box::new(RsaValidator::Ps256));
        } else if hash_alg == SHA384_OID.as_bytes() {
            return Some(Box::new(RsaValidator::Ps384));
        } else if hash_alg == SHA512_OID.as_bytes() {
            return Some(Box::new(RsaValidator::Ps512));
        }
    }

    // Handle elliptical curve and hash combinations.
    if sig_alg == EC_PUBLICKEY_OID.as_bytes() {
        if hash_alg == SHA256_OID.as_bytes() {
            return Some(Box::new(EcdsaValidator::Es256));
        } else if hash_alg == SHA384_OID.as_bytes() {
            return Some(Box::new(EcdsaValidator::Es384));
        } else if hash_alg == SHA512_OID.as_bytes() {
            return Some(Box::new(EcdsaValidator::Es512));
        }
    }

    None
}

#[cfg(test)]
mod tests {
    use crate::oids::*;

    #[test]
    fn validator_by_signature_alg_oid() {
        // These OIDs identify the signature algorithm directly, so a validator
        // resolves regardless of the (here empty) hash-algorithm OID.
        let resolves = |sig_oid: &crate::Oid| {
            super::validator_for_sig_and_hash_algs(sig_oid.as_bytes(), &[]).is_some()
        };

        assert!(resolves(&ECDSA_WITH_SHA256_OID));
        assert!(resolves(&ECDSA_WITH_SHA384_OID));
        assert!(resolves(&ECDSA_WITH_SHA512_OID));
        assert!(resolves(&SHA256_WITH_RSAENCRYPTION_OID));
        assert!(resolves(&SHA384_WITH_RSAENCRYPTION_OID));
        assert!(resolves(&SHA512_WITH_RSAENCRYPTION_OID));
        assert!(resolves(&ED25519_OID));

        // An unrecognized signature/hash OID pair resolves to nothing.
        assert!(super::validator_for_sig_and_hash_algs(&[0, 0, 0, 0], &[0, 0]).is_none());
    }
}