pkcs12 0.1.0

Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #12: Personal Information Exchange Syntax v1.1 (RFC7292)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

//! pkcs-12PbeParams implementation

use der::{asn1::OctetString, Sequence, ValueOrd};
use spki::AlgorithmIdentifierOwned;

/// The `pkcs-12PbeParams` type is defined in [RFC 7292 Appendix C].
///
///```text
///    pkcs-12PbeParams ::= SEQUENCE {
//        salt        OCTET STRING,
//        iterations  INTEGER
//    }
///```
///
/// [RFC 7292 Appendix C]: https://www.rfc-editor.org/rfc/rfc7292#appendix-C
#[derive(Clone, Debug, Eq, PartialEq, Sequence, ValueOrd)]
pub struct Pkcs12PbeParams {
    /// the MAC digest info
    pub salt: OctetString,

    /// the number of iterations
    pub iterations: i32,
}

/// Password-Based Key Derivation Scheme 2 parameters as defined in
/// [RFC 8018 Appendix A.2].
///
/// ```text
/// PBKDF2-params ::= SEQUENCE {
///     salt CHOICE {
///         specified OCTET STRING,
///         otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
///     },
///     iterationCount INTEGER (1..MAX),
///     keyLength INTEGER (1..MAX) OPTIONAL,
///     prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT
///     algid-hmacWithSHA1 }
/// ```
///
/// [RFC 8018 Appendix A.2]: https://tools.ietf.org/html/rfc8018#appendix-A.2
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
pub struct Pbkdf2Params {
    /// PBKDF2 salt
    // TODO(tarcieri): support `CHOICE` with `otherSource`
    pub salt: OctetString,

    /// PBKDF2 iteration count
    pub iteration_count: u32,

    /// PBKDF2 output length
    pub key_length: Option<u16>,

    /// Pseudo-random function to use with PBKDF2
    pub prf: AlgorithmIdentifierOwned,
}

/// EncryptedPrivateKeyInfo ::= SEQUENCE {
///   encryptionAlgorithm  EncryptionAlgorithmIdentifier,
///   encryptedData        EncryptedData }
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct EncryptedPrivateKeyInfo {
    pub encryption_algorithm: AlgorithmIdentifierOwned,
    pub encrypted_data: OctetString,
}

///```text
/// PBES2-params ::= SEQUENCE {
///      keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}},
///      encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} }
///```
#[derive(Clone, Debug, Eq, PartialEq, Sequence)]
#[allow(missing_docs)]
pub struct Pbes2Params {
    pub kdf: AlgorithmIdentifierOwned,
    pub encryption: AlgorithmIdentifierOwned,
}