From 6cff6fe07b4fa4ae82962cfd6f0a3a09af73fdc1 Mon Sep 17 00:00:00 2001
From: Tony Arcieri
Date: Mon, 27 Feb 2023 17:39:08 -0700
Subject: [PATCH] sec1: encode `ECPrivateKey` version

Regression where the version number was lost from the encoder as part of the changes in #828. It wasn't caught due to a lack of an encoding test, which has been added in this PR.
---
 sec1/Cargo.toml | 4 +++-
 sec1/src/lib.rs | 2 +-
 sec1/src/private_key.rs | 6 ++++--
 sec1/tests/private_key.rs | 11 +++++++++++
 sec1/tests/traits.rs | 2 +-
 5 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/sec1/Cargo.toml b/sec1/Cargo.toml
index b61879a98..a744bac40 100644
--- a/sec1/Cargo.toml
+++ b/sec1/Cargo.toml
@@ -30,12 +30,14 @@ tempfile = "3"
 [features]
 default = ["der", "point"]
-alloc = ["der/alloc", "pkcs8/alloc", "zeroize/alloc"]
+alloc = ["der?/alloc", "pkcs8?/alloc", "zeroize?/alloc"]
 std = ["alloc", "der?/std"]
+der = ["dep:der", "zeroize"]
 pem = ["alloc", "der/pem", "pkcs8/pem"]
 point = ["dep:base16ct", "dep:generic-array"]
 serde = ["dep:serdect"]
+zeroize = ["dep:zeroize", "der?/zeroize"]
 [package.metadata.docs.rs]
 all-features = true
diff --git a/sec1/src/lib.rs b/sec1/src/lib.rs
index 498026878..f6b419081 100644
--- a/sec1/src/lib.rs
+++ b/sec1/src/lib.rs
@@ -54,7 +54,7 @@ pub use generic_array::typenum::consts;
 #[cfg(feature = "der")]
 pub use crate::{parameters::EcParameters, private_key::EcPrivateKey, traits::DecodeEcPrivateKey};
-#[cfg(feature = "alloc")]
+#[cfg(all(feature = "alloc", feature = "der"))]
 pub use crate::traits::EncodeEcPrivateKey;
 #[cfg(feature = "pem")]
diff --git a/sec1/src/private_key.rs b/sec1/src/private_key.rs
index a5f4962cf..531579936 100644
--- a/sec1/src/private_key.rs
+++ b/sec1/src/private_key.rs
@@ -13,7 +13,7 @@ use der::{
 TagNumber, Writer,
 };
-#[cfg(feature = "alloc")]
+#[cfg(all(feature = "alloc", feature = "zeroize"))]
 use der::SecretDocument;
 #[cfg(feature = "pem")]
@@ -119,12 +119,14 @@ impl<'a> DecodeValue<'a> for EcPrivateKey<'a> { impl EncodeValue for EcPrivateKey<'_> { fn value_len(&self) -> der::Result { - OctetStringRef::new(self.private_key)?.encoded_len()? + VERSION.encoded_len()? + + OctetStringRef::new(self.private_key)?.encoded_len()? + self.context_specific_parameters().encoded_len()? + self.context_specific_public_key()?.encoded_len()? } fn encode_value(&self, writer: &mut impl Writer) -> der::Result<()> { + VERSION.encode(writer)?; OctetStringRef::new(self.private_key)?.encode(writer)?; self.context_specific_parameters().encode(writer)?; self.context_specific_public_key()?.encode(writer)?; diff --git a/sec1/tests/private_key.rs b/sec1/tests/private_key.rs index 5b985da84..224a947e7 100644 --- a/sec1/tests/private_key.rs +++ b/sec1/tests/private_key.rs @@ -6,6 +6,9 @@ use der::asn1::ObjectIdentifier; use hex_literal::hex; use sec1::{EcParameters, EcPrivateKey}; +#[cfg(feature = "alloc")] +use der::Encode; + /// NIST P-256 SEC1 private key encoded as ASN.1 DER. /// /// Note: this key is extracted from the corresponding `p256-priv.der` @@ -30,3 +33,11 @@ fn decode_p256_der() { ); assert_eq!(key.public_key, Some(hex!("041CACFFB55F2F2CEFD89D89EB374B2681152452802DEEA09916068137D839CF7FC481A44492304D7EF66AC117BEFE83A8D08F155F2B52F9F618DD447029048E0F").as_ref())); } + +#[cfg(feature = "alloc")] +#[test] +fn encode_p256_der() { + let key = EcPrivateKey::try_from(P256_DER_EXAMPLE).unwrap(); + let key_encoded = key.to_der().unwrap(); + assert_eq!(P256_DER_EXAMPLE, key_encoded); +} diff --git a/sec1/tests/traits.rs b/sec1/tests/traits.rs index 4bcd679b9..ab6e09a20 100644 --- a/sec1/tests/traits.rs +++ b/sec1/tests/traits.rs @@ -1,6 +1,6 @@ //! Tests for SEC1 encoding/decoding traits. -#![cfg(any(feature = "pem", feature = "std"))] +#![cfg(any(feature = "pem", all(feature = "der", feature = "std")))] use der::SecretDocument; use sec1::{DecodeEcPrivateKey, EncodeEcPrivateKey, Result};
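Review bot: Nothing in `impl EncodeValue for EcPrivateKey<'_>` records that `value_len` and `encode_value` must list the same fields in the same order, and that unstated invariant is what regressed when `VERSION` went missing from both. I would add a comment above `VERSION.encode(writer)?;`, for example `// RFC 5915 ECPrivateKey order: version, privateKey, [0] parameters, [1] publicKey; keep in sync with value_len()`. A private key serialized without the version field is likely to be rejected by other SEC1/RFC 5915 parsers, so the reminder earns its line. The body of `encode_value` continues past the end of the hunk.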
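Review bot: `encode_p256_der` checks the encoder against a single fixture, and judging by the `key.public_key` assertion in `decode_p256_der` that fixture carries the optional fields, so the encoding of a key whose `parameters` and `public_key` are `None` stays unchecked. A second case that builds a minimal `EcPrivateKey`, calls `to_der()` and decodes the result again would cover the path where `value_len` sums only the version and the octet string. The test is also compiled only under `#[cfg(feature = "alloc")]`; it is worth confirming that CI runs the test suite with that feature enabled, otherwise this regression guard is skipped without any failure.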