openpgp: move HashAlgo -> OID func into hash.rs

author: Kai Michaelis <kai@sequoia-pgp.org> 2018-04-27 15:23:44 +0200
committer: Kai Michaelis <kai@sequoia-pgp.org> 2018-04-27 15:23:44 +0200
commit: b7f222e30dcca320788ac622304c543bb25ad8df (patch)
tree: ef8df52395043ab7715006634ba196b092749e53 /openpgp
parent: e42a955de9401065896dd82f99d28e892afd3c02 (diff)
2 files changed, 17 insertions, 25 deletions
diff --git a/openpgp/src/hash.rs b/openpgp/src/hash.rs
index 2af93f8d..87832a9c 100644
--- a/openpgp/src/hash.rs
+++ b/openpgp/src/hash.rs
@@ -137,6 +137,22 @@ impl HashAlgo {
                 Err(Error::UnknownHashAlgorithm(x).into()),
         }
     }
+
+    pub fn oid(self) -> Result<&'static [u8]> {
+        use nettle::rsa;
+
+        match self {
+            HashAlgo::SHA1 => Ok(rsa::ASN1_OID_SHA1),
+            HashAlgo::SHA224 => Ok(rsa::ASN1_OID_SHA224),
+            HashAlgo::SHA256 => Ok(rsa::ASN1_OID_SHA256),
+            HashAlgo::SHA384 => Ok(rsa::ASN1_OID_SHA384),
+            HashAlgo::SHA512 => Ok(rsa::ASN1_OID_SHA512),
+            HashAlgo::MD5 | HashAlgo::RipeMD =>
+                Err(Error::UnknownHashAlgorithm(self.into()).into()),
+            HashAlgo::Private(x) | HashAlgo::Unknown(x) =>
+                Err(Error::UnknownHashAlgorithm(x).into()),
+        }
+    }
 }
 
 impl Arbitrary for HashAlgo {
diff --git a/openpgp/src/signature.rs b/openpgp/src/signature.rs
index 6ac28e75..9a3ba091 100644
--- a/openpgp/src/signature.rs
+++ b/openpgp/src/signature.rs
@@ -13,11 +13,6 @@ use serialize::Serialize;
 use mpis::MPIs;
 
 use nettle::rsa;
-use nettle::rsa::ASN1_OID_SHA1;
-use nettle::rsa::ASN1_OID_SHA256;
-use nettle::rsa::ASN1_OID_SHA384;
-use nettle::rsa::ASN1_OID_SHA512;
-use nettle::rsa::ASN1_OID_SHA224;
 use nettle::rsa::verify_digest_pkcs1;
 
 #[cfg(test)]
@@ -162,26 +157,7 @@ impl Signature {
         // signature data in a PKCS1-v1.5 packet.
         //
         //   [Section 5.2.2 and 5.2.3 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-5.2.2
-        match hash_algo {
-            HashAlgo::MD5 =>
-                return Err(
-                    Error::BadSignature("MD5 is insecure".to_string())
-                        .into()),
-            HashAlgo::SHA1 =>
-                verify_digest_pkcs1(&key, hash, ASN1_OID_SHA1, sig_mpi),
-            HashAlgo::SHA256 =>
-                verify_digest_pkcs1(&key, hash, ASN1_OID_SHA256, sig_mpi),
-            HashAlgo::SHA384 =>
-                verify_digest_pkcs1(&key, hash, ASN1_OID_SHA384, sig_mpi),
-            HashAlgo::SHA512 =>
-                verify_digest_pkcs1(&key, hash, ASN1_OID_SHA512, sig_mpi),
-            HashAlgo::SHA224 =>
-                verify_digest_pkcs1(&key, hash, ASN1_OID_SHA224, sig_mpi),
-            _ =>
-                return Err(
-                    Error::UnsupportedHashAlgorithm(hash_algo.into())
-                        .into()),
-        }
+        verify_digest_pkcs1(&key, hash, hash_algo.oid()?, sig_mpi)
     }
 
     /// Returns whether `key` generated the signature.
author	Kai Michaelis <kai@sequoia-pgp.org>	2018-04-27 15:23:44 +0200
committer	Kai Michaelis <kai@sequoia-pgp.org>	2018-04-27 15:23:44 +0200
commit	b7f222e30dcca320788ac622304c543bb25ad8df (patch)
tree	ef8df52395043ab7715006634ba196b092749e53 /openpgp
parent	e42a955de9401065896dd82f99d28e892afd3c02 (diff)