diff options
author | Kai Michaelis <kai@sequoia-pgp.org> | 2018-04-27 15:23:44 +0200 |
---|---|---|
committer | Kai Michaelis <kai@sequoia-pgp.org> | 2018-04-27 15:23:44 +0200 |
commit | b7f222e30dcca320788ac622304c543bb25ad8df (patch) | |
tree | ef8df52395043ab7715006634ba196b092749e53 /openpgp | |
parent | e42a955de9401065896dd82f99d28e892afd3c02 (diff) |
openpgp: move HashAlgo -> OID func into hash.rs
Diffstat (limited to 'openpgp')
-rw-r--r-- | openpgp/src/hash.rs | 16 | ||||
-rw-r--r-- | openpgp/src/signature.rs | 26 |
2 files changed, 17 insertions, 25 deletions
diff --git a/openpgp/src/hash.rs b/openpgp/src/hash.rs index 2af93f8d..87832a9c 100644 --- a/openpgp/src/hash.rs +++ b/openpgp/src/hash.rs @@ -137,6 +137,22 @@ impl HashAlgo { Err(Error::UnknownHashAlgorithm(x).into()), } } + + pub fn oid(self) -> Result<&'static [u8]> { + use nettle::rsa; + + match self { + HashAlgo::SHA1 => Ok(rsa::ASN1_OID_SHA1), + HashAlgo::SHA224 => Ok(rsa::ASN1_OID_SHA224), + HashAlgo::SHA256 => Ok(rsa::ASN1_OID_SHA256), + HashAlgo::SHA384 => Ok(rsa::ASN1_OID_SHA384), + HashAlgo::SHA512 => Ok(rsa::ASN1_OID_SHA512), + HashAlgo::MD5 | HashAlgo::RipeMD => + Err(Error::UnknownHashAlgorithm(self.into()).into()), + HashAlgo::Private(x) | HashAlgo::Unknown(x) => + Err(Error::UnknownHashAlgorithm(x).into()), + } + } } impl Arbitrary for HashAlgo { diff --git a/openpgp/src/signature.rs b/openpgp/src/signature.rs index 6ac28e75..9a3ba091 100644 --- a/openpgp/src/signature.rs +++ b/openpgp/src/signature.rs @@ -13,11 +13,6 @@ use serialize::Serialize; use mpis::MPIs; use nettle::rsa; -use nettle::rsa::ASN1_OID_SHA1; -use nettle::rsa::ASN1_OID_SHA256; -use nettle::rsa::ASN1_OID_SHA384; -use nettle::rsa::ASN1_OID_SHA512; -use nettle::rsa::ASN1_OID_SHA224; use nettle::rsa::verify_digest_pkcs1; #[cfg(test)] @@ -162,26 +157,7 @@ impl Signature { // signature data in a PKCS1-v1.5 packet. // // [Section 5.2.2 and 5.2.3 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.2 - match hash_algo { - HashAlgo::MD5 => - return Err( - Error::BadSignature("MD5 is insecure".to_string()) - .into()), - HashAlgo::SHA1 => - verify_digest_pkcs1(&key, hash, ASN1_OID_SHA1, sig_mpi), - HashAlgo::SHA256 => - verify_digest_pkcs1(&key, hash, ASN1_OID_SHA256, sig_mpi), - HashAlgo::SHA384 => - verify_digest_pkcs1(&key, hash, ASN1_OID_SHA384, sig_mpi), - HashAlgo::SHA512 => - verify_digest_pkcs1(&key, hash, ASN1_OID_SHA512, sig_mpi), - HashAlgo::SHA224 => - verify_digest_pkcs1(&key, hash, ASN1_OID_SHA224, sig_mpi), - _ => - return Err( - Error::UnsupportedHashAlgorithm(hash_algo.into()) - .into()), - } + verify_digest_pkcs1(&key, hash, hash_algo.oid()?, sig_mpi) } /// Returns whether `key` generated the signature. |