//! # Algorithms used with CMS.
//! Algorithm OIDs and parameter data types.
// The glob import is the only visible source for the ASN.1 building blocks used
// below (`Oid`, `Integer`, `OctetString`, `BitString`) and the derive macros.
use rasn::prelude::*;

use rasn_pkix::AlgorithmIdentifier;
// Digest, signature and public-key algorithm identifiers. SHA-1 and MD5 are listed
// so that existing messages can be parsed; an identifier being defined in this module
// says nothing about whether a verifier should still accept that algorithm.
pub const SHA1: &Oid = Oid::ISO_IDENTIFIED_ORGANISATION_OIW_SECSIG_ALGORITHM_SHA1;
pub const MD5: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_DIGEST_ALGORITHM_MD5;
pub const DSA: &Oid = Oid::ISO_MEMBER_BODY_US_X957_X9CM_DSA;
pub const DSA_WITH_SHA1: &Oid = Oid::ISO_MEMBER_BODY_US_X957_X9CM_DSA_SHA1;
pub const RSA: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS1_RSA;
pub const MD5_WITH_RSA: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS1_MD5_RSA;
pub const SHA1_WITH_RSA: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS1_SHA1_RSA;
// ANSI X9.42 "public number" type, going by the OID path.
// NOTE(review): presumably the identifier for Diffie-Hellman public keys; confirm.
pub const PUBLIC_NUMBER: &Oid = Oid::ISO_MEMBER_BODY_US_ANSI_X942_NUMBER_TYPE_PUBLIC;

// S/MIME algorithm arc: the two key-agreement identifiers (ESDH, SSDH) and the
// Triple-DES and RC2 key-wrap identifiers, going by the OID paths.
pub const ESDH: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS9_SMIME_ALGORITHM_ESDH;
pub const SSDH: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS9_SMIME_ALGORITHM_SSDH;
pub const CMS3DESWRAP: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS9_SMIME_ALGORITHM_CMS3DESWRAP;
pub const CMS3RC2WRAP: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS9_SMIME_ALGORITHM_CMS3RC2WRAP;

// Content-encryption identifiers: Triple-DES (EDE3) and RC2, both in CBC mode.
// Both are legacy ciphers; whether to accept them is a policy decision for the caller.
pub const DES_EDE3_CBC: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_ENCRYPTION_ALGORITHM_DES_EDE3_CBC;
pub const RC2_CBC: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_ENCRYPTION_ALGORITHM_RC2_CBC;

// Password-based primitives: the HMAC-SHA-1 PRF, PBKDF2 and PBMAC1.
// `HMAC_SHA1` is also what `default_pbkdf2_algorithm` returns.
pub const HMAC_SHA1: &Oid =
    Oid::ISO_IDENTIFIED_ORGANISATION_DOD_INTERNET_SECURITY_MECHANISMS_HMAC_SHA1;
pub const PBKDF2: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS5_PBKDF2;
pub const PBMAC1: &Oid = Oid::ISO_MEMBER_BODY_US_RSADSI_PKCS5_PBMAC1;

// NIST AES arc, followed by the CBC and key-wrap identifiers for each of the
// 128-, 192- and 256-bit variants.
pub const AES: &Oid = Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES;
pub const AES128_CBC: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES128_CBC;
pub const AES128_WRAP: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES128_WRAP;
pub const AES192_CBC: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES192_CBC;
pub const AES192_WRAP: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES192_WRAP;
pub const AES256_CBC: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES256_CBC;
pub const AES256_WRAP: &Oid =
    Oid::JOINT_ISO_ITU_T_COUNTRY_US_ORGANIZATION_GOV_CSOR_NIST_ALGORITHMS_AES256_WRAP;
/// DSS public key, carried as a bare ASN.1 INTEGER.
/// NOTE(review): presumably the DSA public value `y`; confirm against the CMS algorithm spec.
pub type DssPubKey = Integer;
/// AES initialisation vector as raw octets.
///
/// The alias is a plain `OctetString`, so the type does not constrain the length.
/// NOTE(review): callers presumably need to check it is exactly one AES block before use.
pub type AesIv = OctetString;
/// RSA public key: a SEQUENCE of the modulus followed by the public exponent.
///
/// Both fields are unconstrained `Integer`s and no `#[rasn(...)]` constraints are declared,
/// so decoding checks structure only. Minimum modulus size and exponent policy have to be
/// enforced by whoever consumes a decoded key.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct RsaPublicKey {
    /// RSA modulus `n`.
    pub modulus: Integer,
    /// RSA public exponent `e`.
    pub public_exponent: Integer,
}
/// Diffie-Hellman public key, carried as a bare ASN.1 INTEGER.
///
/// The alias adds no range check. NOTE(review): a peer-supplied value presumably has to be
/// validated against the group parameters before it is used in key agreement; confirm where
/// that happens.
pub type DhPublicKey = Integer;
/// DSS signature value: a SEQUENCE of the two integers `r` and `s`.
///
/// ASN.1 INTEGER is signed and the fields carry no constraints, so a decoded value can be
/// zero or negative. Range checks on `r` and `s` belong to the signature verifier.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct DssSigValue {
    /// First signature component.
    pub r: Integer,
    /// Second signature component.
    pub s: Integer,
}
/// DSS domain parameters: a SEQUENCE of `p`, `q` and `g`, in that order.
///
/// No constraints are declared on the fields; decoding does not establish that the values
/// form a valid DSA group. Parameters taken from an untrusted message need validating
/// before they are used for verification.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct DssParameters {
    /// NOTE(review): presumably the prime modulus; confirm.
    pub p: Integer,
    /// NOTE(review): presumably the prime subgroup order; confirm.
    pub q: Integer,
    /// NOTE(review): presumably the subgroup generator; confirm.
    pub g: Integer,
}
/// Diffie-Hellman domain parameters.
///
/// Encoded as a SEQUENCE of three mandatory integers followed by two optional members.
/// NOTE(review): the field order looks like the X9.42 `DomainParameters` layout
/// (p, g, q, j, validationParms); confirm against the spec this mirrors.
///
/// Decoding checks structure only: no `#[rasn(...)]` constraints are declared, so nothing
/// here checks sizes, primality or that the generator matches the subgroup. Group
/// parameters received from a peer should be validated, or compared with a known-good set,
/// before key agreement.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct DhDomainParameters {
    /// Prime modulus of the group.
    pub prime: Integer,
    /// Group generator.
    pub generator: Integer,
    /// NOTE(review): presumably the subgroup order `q`; confirm.
    pub factor: Integer,
    /// Optional subgroup factor; absent when the encoder omitted it.
    pub subgroup_factor: Option<Integer>,
    /// Optional seed and counter recorded alongside the parameters.
    pub validation_parameters: Option<ValidationParameters>,
}
/// Seed and counter carried in [`DhDomainParameters::validation_parameters`].
///
/// NOTE(review): presumably the inputs that let a recipient re-run parameter generation
/// and check the result; this file only defines the container and performs no such check.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct ValidationParameters {
    /// Seed, as a BIT STRING.
    pub seed: BitString,
    /// Generation counter.
    pub pgen_counter: Integer,
}
/// Key-wrap algorithm, expressed as a generic `AlgorithmIdentifier`.
pub type KeyWrapAlgorithm = AlgorithmIdentifier;
/// Parameter for RC2 key wrap: only the RC2 parameter version.
pub type Rc2wrapParameter = Rc2ParameterVersion;
/// RC2 parameter version, a bare ASN.1 INTEGER.
/// NOTE(review): presumably an encoding of the effective key size; confirm against the RFC.
pub type Rc2ParameterVersion = Integer;
/// CBC-mode parameter: just the IV.
pub type CbcParameter = Iv;
/// Initialisation vector as raw octets; the alias does not constrain its length.
pub type Iv = OctetString;
/// Parameters for RC2 in CBC mode: the parameter version followed by the IV.
///
/// Neither field is constrained by the type. NOTE(review): the IV length and the set of
/// accepted parameter versions presumably have to be checked by the code that sets up the
/// cipher; confirm.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct Rc2CbcParameter {
    /// RC2 parameter version (same underlying type as [`Rc2ParameterVersion`]).
    pub rc2_parameter_version: Integer,
    /// Initialisation vector.
    pub iv: OctetString,
}
/// PBKDF2 parameters: salt, iteration count, optional derived-key length and the PRF.
///
/// When these are decoded from a message, every value is chosen by the sender.
/// `iteration_count` and `key_length` are unconstrained `Integer`s, so a consumer should
/// bound them before deriving a key: a very large count is a CPU-exhaustion vector and a
/// very small one weakens the derived key.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct Pbkdf2Parameters {
    /// Salt, either given inline or referenced through an algorithm identifier.
    pub salt: Pbkdf2Salt,
    /// Number of PBKDF2 iterations requested by the encoder.
    pub iteration_count: Integer,
    /// Length of the derived key, when the encoder states it.
    pub key_length: Option<Integer>,
    /// Pseudo-random function. Defaults to the value of `default_pbkdf2_algorithm`
    /// (HMAC-SHA-1), so a PRF allow-list must inspect this field's decoded value rather
    /// than whether the field was present on the wire.
    #[rasn(default = "default_pbkdf2_algorithm")]
    pub prf: AlgorithmIdentifier,
}
/// Returns the PRF used for [`Pbkdf2Parameters::prf`] when the field is not given:
/// the `HMAC_SHA1` identifier with no parameters.
///
/// A message that omits `prf` therefore selects HMAC-SHA-1. Code that restricts which
/// PRFs it accepts has to apply that policy to this default as well.
pub fn default_pbkdf2_algorithm() -> AlgorithmIdentifier {
    // NOTE(review): RFC 8018 appears to define this default with explicit NULL parameters,
    // whereas `parameters` is absent here. Confirm before relying on equality between a
    // decoded `prf` and this value.
    let algorithm = HMAC_SHA1.into();
    let parameters = None;
    AlgorithmIdentifier {
        algorithm,
        parameters,
    }
}
/// Salt for PBKDF2, encoded as an ASN.1 CHOICE.
///
/// The type does not constrain the salt length. A consumer that wants a minimum salt size,
/// or that does not support `OtherSource`, has to reject such inputs itself.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
#[rasn(choice)]
pub enum Pbkdf2Salt {
    /// Salt bytes given directly in the message.
    Specified(OctetString),
    /// Salt identified by an algorithm identifier instead of inline bytes.
    OtherSource(AlgorithmIdentifier),
}
/// Password-Based Message Authentication Code 1 (PBMAC1) parameters defined in
/// [RFC 8018 A.5](https://www.rfc-editor.org/rfc/rfc8018#appendix-A.5)
///
/// Both members are generic `AlgorithmIdentifier`s, so this type accepts any KDF/MAC
/// pair that decodes. Restricting them to an approved set is left to the consumer.
#[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, PartialOrd, Eq, Ord, Hash)]
pub struct Pbmac1Parameter {
    /// Key derivation function and its parameters.
    pub key_derivation_func: AlgorithmIdentifier,
    /// MAC scheme applied with the derived key.
    pub message_auth_scheme: AlgorithmIdentifier,
}