diff --git a/.github/workflows/const-oid.yml b/.github/workflows/const-oid.yml index 82083a2a7..a43ae868f 100644 --- a/.github/workflows/const-oid.yml +++ b/.github/workflows/const-oid.yml @@ -23,7 +23,7 @@ jobs: strategy: matrix: rust: - - 1.60.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -47,7 +47,7 @@ jobs: strategy: matrix: rust: - - 1.60.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/der.yml b/.github/workflows/der.yml index 694fb4c73..b04321a15 100644 --- a/.github/workflows/der.yml +++ b/.github/workflows/der.yml @@ -24,7 +24,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -51,7 +51,7 @@ jobs: # 32-bit Linux - targets: i686-unknown-linux-gnu platform: ubuntu-latest - rust: 1.65.0 # MSRV + rust: 1.71.0 # MSRV deps: sudo apt update && sudo apt install gcc-multilib - targets: i686-unknown-linux-gnu platform: ubuntu-latest @@ -61,7 +61,7 @@ jobs: # 64-bit Linux - targets: x86_64-unknown-linux-gnu platform: ubuntu-latest - rust: 1.65.0 # MSRV + rust: 1.71.0 # MSRV - targets: x86_64-unknown-linux-gnu platform: ubuntu-latest rust: stable @@ -70,7 +70,7 @@ jobs: # 64-bit Windows #- targets: x86_64-pc-windows-msvc # platform: windows-latest - # rust: 1.65.0 # MSRV + # rust: 1.71.0 # MSRV #- targets: x86_64-pc-windows-msvc # platform: windows-latest # rust: stable @@ -90,7 +90,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/pkcs1.yml b/.github/workflows/pkcs1.yml index 77ea98f9c..179bcf21e 100644 --- a/.github/workflows/pkcs1.yml +++ b/.github/workflows/pkcs1.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -52,7 +52,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/pkcs5.yml b/.github/workflows/pkcs5.yml index a7eed4d73..80dfef981 100644 --- a/.github/workflows/pkcs5.yml +++ b/.github/workflows/pkcs5.yml @@ -26,7 +26,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -51,7 +51,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/pkcs8.yml b/.github/workflows/pkcs8.yml index 875c0e4a0..f8f6c62ce 100644 --- a/.github/workflows/pkcs8.yml +++ b/.github/workflows/pkcs8.yml @@ -28,7 +28,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -53,7 +53,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/sec1.yml b/.github/workflows/sec1.yml index c868b9f90..45eaf385d 100644 --- a/.github/workflows/sec1.yml +++ b/.github/workflows/sec1.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: rust: - - 1.70.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -52,7 +52,7 @@ jobs: strategy: matrix: rust: - - 1.70.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/spki.yml b/.github/workflows/spki.yml index eaf51e899..c8a9c609b 100644 --- a/.github/workflows/spki.yml +++ b/.github/workflows/spki.yml @@ -26,7 +26,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable target: - thumbv7em-none-eabi @@ -51,7 +51,7 @@ jobs: strategy: matrix: rust: - - 1.65.0 # MSRV + - 1.71.0 # MSRV - stable steps: - uses: actions/checkout@v4 diff --git a/const-oid/Cargo.toml b/const-oid/Cargo.toml index 8ec7451cd..368bb6586 100644 --- a/const-oid/Cargo.toml +++ b/const-oid/Cargo.toml @@ -14,7 +14,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["iso", "iec", "itu", "oid"] readme = "README.md" edition = "2021" -rust-version = "1.60" +rust-version = "1.71" [dependencies] arbitrary = { version = "1.2", optional = true, features = ["derive"] } diff --git a/const-oid/README.md b/const-oid/README.md index cf7e5ffac..bd6ca28fe 100644 --- a/const-oid/README.md +++ b/const-oid/README.md @@ -57,7 +57,7 @@ well as a runtime OID library. ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -84,7 +84,7 @@ dual licensed as above, without any additional terms or conditions. [docs-image]: https://docs.rs/const-oid/badge.svg [docs-link]: https://docs.rs/const-oid/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [build-image]: https://github.com/RustCrypto/formats/workflows/const-oid/badge.svg?branch=master&event=push diff --git a/const-oid/src/buffer.rs b/const-oid/src/buffer.rs index 2eba637b5..10ee64327 100644 --- a/const-oid/src/buffer.rs +++ b/const-oid/src/buffer.rs @@ -12,8 +12,8 @@ pub struct Buffer { impl Buffer { /// Borrow the inner byte slice. - pub fn as_bytes(&self) -> &[u8] { - &self.bytes[..self.length as usize] + pub const fn as_bytes(&self) -> &[u8] { + self.bytes.split_at(self.length as usize).0 } /// Get the length of the BER message. diff --git a/const-oid/src/encoder.rs b/const-oid/src/encoder.rs index d7395c083..049e60ab2 100644 --- a/const-oid/src/encoder.rs +++ b/const-oid/src/encoder.rs @@ -7,12 +7,12 @@ use crate::{ /// BER/DER encoder #[derive(Debug)] -pub(crate) struct Encoder { +pub(crate) struct Encoder { /// Current state state: State, /// Bytes of the OID being encoded in-progress - bytes: [u8; ObjectIdentifier::MAX_SIZE], + bytes: [u8; MAX_SIZE], /// Current position within the byte buffer cursor: usize, @@ -31,18 +31,18 @@ enum State { Body, } -impl Encoder { +impl Encoder { /// Create a new encoder initialized to an empty default state. pub(crate) const fn new() -> Self { Self { state: State::Initial, - bytes: [0u8; ObjectIdentifier::MAX_SIZE], + bytes: [0u8; MAX_SIZE], cursor: 0, } } /// Extend an existing OID. - pub(crate) const fn extend(oid: ObjectIdentifier) -> Self { + pub(crate) const fn extend(oid: ObjectIdentifier) -> Self { Self { state: State::Body, bytes: oid.buffer.bytes, @@ -99,7 +99,7 @@ impl Encoder { } /// Finish encoding an OID. - pub(crate) const fn finish(self) -> Result { + pub(crate) const fn finish(self) -> Result> { if self.cursor >= 2 { let bytes = Buffer { bytes: self.bytes, @@ -156,7 +156,7 @@ mod tests { #[test] fn encode() { - let encoder = Encoder::new(); + let encoder = Encoder::<7>::new(); let encoder = encoder.arc(1).unwrap(); let encoder = encoder.arc(2).unwrap(); let encoder = encoder.arc(840).unwrap(); diff --git a/const-oid/src/lib.rs b/const-oid/src/lib.rs index b966f2703..d85d60165 100644 --- a/const-oid/src/lib.rs +++ b/const-oid/src/lib.rs @@ -146,50 +146,15 @@ impl ObjectIdentifier { Ok(oid) } - - /// Get the parent OID of this one (if applicable). - pub fn parent(&self) -> Option { - let num_arcs = self.len().checked_sub(1)?; - Self::from_arcs(self.arcs().take(num_arcs)).ok() - } - - /// Push an additional arc onto this OID, returning the child OID. - pub const fn push_arc(self, arc: Arc) -> Result { - // TODO(tarcieri): use `?` when stable in `const fn` - match Encoder::extend(self).arc(arc) { - Ok(encoder) => encoder.finish(), - Err(err) => Err(err), - } - } - - /// Does this OID start with the other OID? - pub fn starts_with(&self, other: ObjectIdentifier) -> bool { - let mut self_arcs = self.arcs(); - - for other_arc in other.arcs() { - match self_arcs.next() { - Some(arc) => { - if arc != other_arc { - return false; - } - } - None => { - return false; - } - } - } - - true - } } impl ObjectIdentifier { /// Get the BER/DER serialization of this OID as bytes. /// - /// Note that this encoding omits the tag/length, and only contains the - /// value portion of the encoded OID. - pub fn as_bytes(&self) -> &[u8] { - self.buffer.as_ref() + /// Note that this encoding omits the tag/length, and only contains the value portion of the + /// encoded OID. + pub const fn as_bytes(&self) -> &[u8] { + self.buffer.as_bytes() } /// Return the arc with the given index, if it exists. @@ -208,11 +173,55 @@ impl ObjectIdentifier { pub fn len(&self) -> usize { self.arcs().count() } + + /// Get the parent OID of this one (if applicable). + pub fn parent(&self) -> Option { + let num_arcs = self.len().checked_sub(1)?; + let mut encoder = Encoder::new(); + + for arc in self.arcs().take(num_arcs) { + encoder = encoder.arc(arc).ok()?; + } + + encoder.finish().ok() + } + + /// Push an additional arc onto this OID, returning the child OID. + pub const fn push_arc(self, arc: Arc) -> Result { + // TODO(tarcieri): use `?` when stable in `const fn` + match Encoder::extend(self).arc(arc) { + Ok(encoder) => encoder.finish(), + Err(err) => Err(err), + } + } + + /// Does this OID start with the other OID? + pub const fn starts_with(&self, other: ObjectIdentifier) -> bool { + let len = other.as_bytes().len(); + + if self.as_bytes().len() < len { + return false; + } + + let mut i = 0; + while i < len { + if self.as_bytes()[i] != other.as_bytes()[i] { + return false; + } + + match i.checked_add(1) { + Some(succ) => i = succ, + None => return false, + } + } + + true + } } impl AsRef<[u8]> for ObjectIdentifier { fn as_ref(&self) -> &[u8] { - self.as_bytes() + self.buffer.as_bytes() } } diff --git a/const-oid/src/parser.rs b/const-oid/src/parser.rs index b0649e127..41020f037 100644 --- a/const-oid/src/parser.rs +++ b/const-oid/src/parser.rs @@ -11,7 +11,7 @@ pub(crate) struct Parser { current_arc: Arc, /// BER/DER encoder - encoder: Encoder, + encoder: Encoder<{ ObjectIdentifier::MAX_SIZE }>, } impl Parser { diff --git a/der/Cargo.toml b/der/Cargo.toml index 3667bdbd2..72f79d39b 100644 --- a/der/Cargo.toml +++ b/der/Cargo.toml @@ -13,7 +13,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["asn1", "crypto", "itu", "pkcs"] readme = "README.md" edition = "2021" -rust-version = "1.65" +rust-version = "1.71" [dependencies] arbitrary = { version = "1.3", features = ["derive"], optional = true } diff --git a/der/README.md b/der/README.md index f13053ffe..d47891d9a 100644 --- a/der/README.md +++ b/der/README.md @@ -18,15 +18,15 @@ This crate provides a `no_std`-friendly implementation of a subset of ASN.1 DER necessary for decoding/encoding the following cryptography-related formats implemented as crates maintained by the [RustCrypto] project: +- [`cms`]: Cryptographic Message Syntax - [`pkcs1`]: RSA Cryptography Specifications - [`pkcs5`]: Password-Based Cryptography Specification -- [`pkcs7`]: Cryptographic Message Syntax - [`pkcs8`]: Private-Key Information Syntax Specification -- [`pkcs10`]: Certification Request Syntax Specification +- [`pkcs12`]: Personal Information Exchange Syntax - [`sec1`]: Elliptic Curve Cryptography - [`spki`]: X.509 Subject Public Key Info -- [`x501`]: Directory Services Types -- [`x509`]: Public Key Infrastructure Certificate +- [`x509-cert`]: Public Key Infrastructure Certificate +- [`x509-ocsp`]: Online Certificate Status Protocol The core implementation avoids any heap usage (with convenience methods that allocate gated under the off-by-default `alloc` feature). @@ -49,7 +49,7 @@ encountered. There is currently no way to disable these checks. ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -78,19 +78,19 @@ dual licensed as above, without any additional terms or conditions. [build-image]: https://github.com/RustCrypto/formats/actions/workflows/der.yml/badge.svg [build-link]: https://github.com/RustCrypto/formats/actions/workflows/der.yml [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [//]: # (links) [RustCrypto]: https://github.com/rustcrypto +[`cms`]: https://github.com/RustCrypto/formats/tree/master/cms [`pkcs1`]: https://github.com/RustCrypto/formats/tree/master/pkcs1 [`pkcs5`]: https://github.com/RustCrypto/formats/tree/master/pkcs5 -[`pkcs7`]: https://github.com/RustCrypto/formats/tree/master/pkcs7 [`pkcs8`]: https://github.com/RustCrypto/formats/tree/master/pkcs8 -[`pkcs10`]: https://github.com/RustCrypto/formats/tree/master/pkcs10 +[`pkcs12`]: https://github.com/RustCrypto/formats/tree/master/pkcs12 [`sec1`]: https://github.com/RustCrypto/formats/tree/master/sec1 [`spki`]: https://github.com/RustCrypto/formats/tree/master/spki -[`x501`]: https://github.com/RustCrypto/formats/tree/master/x501 -[`x509`]: https://github.com/RustCrypto/formats/tree/master/x509 +[`x509-cert`]: https://github.com/RustCrypto/formats/tree/master/x509-cert +[`x509-ocsp`]: https://github.com/RustCrypto/formats/tree/master/x509-ocsp diff --git a/pkcs1/Cargo.toml b/pkcs1/Cargo.toml index 083d9a593..0731a7fc9 100644 --- a/pkcs1/Cargo.toml +++ b/pkcs1/Cargo.toml @@ -12,7 +12,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["crypto", "key", "pem", "pkcs", "rsa"] readme = "README.md" edition = "2021" -rust-version = "1.60" +rust-version = "1.71" [dependencies] der = { version = "=0.8.0-pre", features = ["oid"] } diff --git a/pkcs1/README.md b/pkcs1/README.md index 597a1b20a..297783f92 100644 --- a/pkcs1/README.md +++ b/pkcs1/README.md @@ -31,7 +31,7 @@ PEM encoded RSA public keys begin with: ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -58,7 +58,7 @@ dual licensed as above, without any additional terms or conditions. [docs-image]: https://docs.rs/pkcs1/badge.svg [docs-link]: https://docs.rs/pkcs1/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [build-image]: https://github.com/RustCrypto/formats/workflows/pkcs1/badge.svg?branch=master&event=push diff --git a/pkcs5/Cargo.toml b/pkcs5/Cargo.toml index 9f31fabf2..23bc2dac5 100644 --- a/pkcs5/Cargo.toml +++ b/pkcs5/Cargo.toml @@ -12,7 +12,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std"] keywords = ["crypto", "key", "pkcs", "password"] readme = "README.md" edition = "2021" -rust-version = "1.65" +rust-version = "1.71" [dependencies] der = { version = "=0.8.0-pre", features = ["oid"] } diff --git a/pkcs5/README.md b/pkcs5/README.md index 68bbbb44b..964f6ddd2 100644 --- a/pkcs5/README.md +++ b/pkcs5/README.md @@ -14,7 +14,7 @@ Password-Based Cryptography Specification Version 2.1 ([RFC 8018]). ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -43,7 +43,7 @@ dual licensed as above, without any additional terms or conditions. [build-image]: https://github.com/RustCrypto/formats/actions/workflows/pkcs5.yml/badge.svg [build-link]: https://github.com/RustCrypto/formats/actions/workflows/pkcs5.yml [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats diff --git a/pkcs8/Cargo.toml b/pkcs8/Cargo.toml index 4ee026bea..e8a85343f 100644 --- a/pkcs8/Cargo.toml +++ b/pkcs8/Cargo.toml @@ -13,7 +13,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["crypto", "key", "pkcs", "private"] readme = "README.md" edition = "2021" -rust-version = "1.65" +rust-version = "1.71" [dependencies] der = { version = "=0.8.0-pre", features = ["oid"] } diff --git a/pkcs8/README.md b/pkcs8/README.md index c1585439a..85d5bc09f 100644 --- a/pkcs8/README.md +++ b/pkcs8/README.md @@ -54,7 +54,7 @@ algorithm, including the ones listed above or other algorithms. ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -81,7 +81,7 @@ dual licensed as above, without any additional terms or conditions. [docs-image]: https://docs.rs/pkcs8/badge.svg [docs-link]: https://docs.rs/pkcs8/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [build-image]: https://github.com/RustCrypto/formats/workflows/pkcs8/badge.svg?branch=master&event=push diff --git a/sec1/Cargo.toml b/sec1/Cargo.toml index 9725cbfb1..3997d1537 100644 --- a/sec1/Cargo.toml +++ b/sec1/Cargo.toml @@ -13,7 +13,7 @@ categories = ["cryptography", "data-structures", "encoding", "no-std", "parser-i keywords = ["crypto", "key", "elliptic-curve", "secg"] readme = "README.md" edition = "2021" -rust-version = "1.70" +rust-version = "1.71" [dependencies] base16ct = { version = "0.2", optional = true, default-features = false } diff --git a/sec1/README.md b/sec1/README.md index 610b39ae9..5b666d608 100644 --- a/sec1/README.md +++ b/sec1/README.md @@ -18,7 +18,7 @@ formats including ASN.1 DER-serialized private keys (also described in ## Minimum Supported Rust Version -This crate requires **Rust 1.70** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -45,7 +45,7 @@ dual licensed as above, without any additional terms or conditions. [docs-image]: https://docs.rs/sec1/badge.svg [docs-link]: https://docs.rs/sec1/ [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.70+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats [build-image]: https://github.com/RustCrypto/formats/workflows/sec1/badge.svg?branch=master&event=push diff --git a/spki/README.md b/spki/README.md index 4ac8554bf..b9be0c7b2 100644 --- a/spki/README.md +++ b/spki/README.md @@ -16,7 +16,7 @@ Specified in [RFC 5280 ยง 4.1]. ## Minimum Supported Rust Version -This crate requires **Rust 1.65** at a minimum. +This crate requires **Rust 1.71** at a minimum. We may change the MSRV in the future, but it will be accompanied by a minor version bump. @@ -45,7 +45,7 @@ dual licensed as above, without any additional terms or conditions. [build-image]: https://github.com/RustCrypto/formats/actions/workflows/spki.yml/badge.svg [build-link]: https://github.com/RustCrypto/formats/actions/workflows/spki.yml [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg -[rustc-image]: https://img.shields.io/badge/rustc-1.65+-blue.svg +[rustc-image]: https://img.shields.io/badge/rustc-1.71+-blue.svg [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/300570-formats