smime-tree 0.2.0

S/MIME sign/verify/encrypt/decrypt via key traits
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

//! Shared signature-verification helpers used by both `cert` (issuer-sig chain
//! validation) and `verify` (CMS SignerInfo signature verification).
//!
//! Each function accepts an error-constructor closure so the caller can map
//! failures to the appropriate `SmimeError` variant (`CertChain` or `Other`).

use const_oid::AssociatedOid;
use der::Encode;
use p256::ecdsa::{DerSignature as P256DerSig, VerifyingKey as P256VerifyingKey};
use p384::ecdsa::{DerSignature as P384DerSig, VerifyingKey as P384VerifyingKey};
use rsa::{pkcs1v15, pkcs8::DecodePublicKey, RsaPublicKey};
use sha2::digest::Digest;
use x509_cert::Certificate;

use crate::SmimeError;

/// Verify an RSA PKCS#1 v1.5 signature.
///
/// `D` must be a digest with an associated OID so that `VerifyingKey::new` can
/// embed the DigestInfo prefix.  `err` maps a human-readable string to the
/// appropriate `SmimeError` variant at the call site.
pub(crate) fn verify_rsa_pkcs1<D>(
    cert: &Certificate,
    tbs_bytes: &[u8],
    sig_bytes: &[u8],
    err: impl Fn(String) -> SmimeError,
) -> Result<(), SmimeError>
where
    D: Digest + AssociatedOid,
{
    let spki_der = cert
        .tbs_certificate()
        .subject_public_key_info()
        .to_der()
        .map_err(|e| err(format!("SPKI DER encode: {e}")))?;
    let rsa_pub = RsaPublicKey::from_public_key_der(&spki_der).map_err(|e| err(e.to_string()))?;
    let verifying_key = pkcs1v15::VerifyingKey::<D>::new(rsa_pub);
    let signature = pkcs1v15::Signature::try_from(sig_bytes).map_err(|e| err(e.to_string()))?;
    rsa::signature::Verifier::verify(&verifying_key, tbs_bytes, &signature)
        .map_err(|e| err(format!("RSA sig verify: {e}")))
}

/// Verify an ECDSA-P256-SHA256 signature.
///
/// `err` maps a human-readable string to the appropriate `SmimeError` variant
/// at the call site.
pub(crate) fn verify_ecdsa_p256(
    cert: &Certificate,
    tbs_bytes: &[u8],
    sig_bytes: &[u8],
    err: impl Fn(String) -> SmimeError,
) -> Result<(), SmimeError> {
    let pub_bytes = cert
        .tbs_certificate()
        .subject_public_key_info()
        .subject_public_key
        .raw_bytes();
    let verifying_key =
        P256VerifyingKey::from_sec1_bytes(pub_bytes).map_err(|e| err(e.to_string()))?;
    let sig = P256DerSig::try_from(sig_bytes).map_err(|e| err(e.to_string()))?;
    rsa::signature::Verifier::verify(&verifying_key, tbs_bytes, &sig)
        .map_err(|e| err(format!("ECDSA P-256 sig verify: {e}")))
}

/// Verify an ECDSA-P384-SHA384 signature.
///
/// `err` maps a human-readable string to the appropriate `SmimeError` variant
/// at the call site.
pub(crate) fn verify_ecdsa_p384(
    cert: &Certificate,
    tbs_bytes: &[u8],
    sig_bytes: &[u8],
    err: impl Fn(String) -> SmimeError,
) -> Result<(), SmimeError> {
    let pub_bytes = cert
        .tbs_certificate()
        .subject_public_key_info()
        .subject_public_key
        .raw_bytes();
    let verifying_key =
        P384VerifyingKey::from_sec1_bytes(pub_bytes).map_err(|e| err(e.to_string()))?;
    let sig = P384DerSig::try_from(sig_bytes).map_err(|e| err(e.to_string()))?;
    rsa::signature::Verifier::verify(&verifying_key, tbs_bytes, &sig)
        .map_err(|e| err(format!("ECDSA P-384 sig verify: {e}")))
}