RustCrypto · tarcieri · Nov 16, 2021 · Nov 16, 2021
diff --git a/pkcs1/src/lib.rs b/pkcs1/src/lib.rs
@@ -20,11 +20,10 @@ mod public_key;
 mod traits;
 mod version;
 
-#[cfg(feature = "pkcs8")]
-#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
-pub mod pkcs8;
-
-pub use der::{self, asn1::UIntBytes};
+pub use der::{
+    self,
+    asn1::{ObjectIdentifier, UIntBytes},
+};
 
 pub use self::{
     error::{Error, Result},
@@ -46,3 +45,16 @@ pub use crate::{
 #[cfg(feature = "pem")]
 #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
 pub use der::pem::{self, LineEnding};
+
+/// `rsaEncryption` Object Identifier (OID)
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+pub const ALGORITHM_OID: ObjectIdentifier = ObjectIdentifier::new("1.2.840.113549.1.1.1");
+
+/// `AlgorithmIdentifier` for RSA.
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+pub const ALGORITHM_ID: pkcs8::AlgorithmIdentifier<'static> = pkcs8::AlgorithmIdentifier {
+    oid: ALGORITHM_OID,
+    parameters: Some(der::asn1::Any::NULL),
+};
diff --git a/pkcs1/src/pkcs8.rs b/pkcs1/src/pkcs8.rs
diff --git a/pkcs1/src/traits.rs b/pkcs1/src/traits.rs
@@ -8,11 +8,17 @@ use crate::{RsaPrivateKeyDocument, RsaPublicKeyDocument};
 #[cfg(feature = "pem")]
 use {crate::LineEnding, alloc::string::String};
 
+#[cfg(feature = "pkcs8")]
+use crate::{ALGORITHM_ID, ALGORITHM_OID};
+
 #[cfg(feature = "std")]
 use std::path::Path;
 
+#[cfg(all(feature = "alloc", feature = "pkcs8"))]
+use der::Document;
+
 #[cfg(any(feature = "pem", feature = "std"))]
-use {der::Document, zeroize::Zeroizing};
+use zeroize::Zeroizing;
 
 /// Parse an [`RsaPrivateKey`] from a PKCS#1-encoded document.
 pub trait DecodeRsaPrivateKey: Sized {
@@ -147,3 +153,51 @@ pub trait EncodeRsaPublicKey {
         self.to_pkcs1_der()?.write_pkcs1_pem_file(path, line_ending)
     }
 }
+
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+impl<T: pkcs8::DecodePrivateKey> DecodeRsaPrivateKey for T {
+    fn from_pkcs1_der(private_key: &[u8]) -> Result<Self> {
+        let algorithm = pkcs8::AlgorithmIdentifier {
+            oid: ALGORITHM_OID,
+            parameters: Some(der::asn1::Null.into()),
+        };
+
+        Ok(Self::try_from(pkcs8::PrivateKeyInfo {
+            algorithm,
+            private_key,
+            public_key: None,
+        })?)
+    }
+}
+
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+impl<T: pkcs8::DecodePublicKey> DecodeRsaPublicKey for T {
+    fn from_pkcs1_der(public_key: &[u8]) -> Result<Self> {
+        Ok(Self::try_from(pkcs8::SubjectPublicKeyInfo {
+            algorithm: ALGORITHM_ID,
+            subject_public_key: public_key,
+        })?)
+    }
+}
+
+#[cfg(all(feature = "alloc", feature = "pkcs8"))]
+#[cfg_attr(docsrs, doc(all(feature = "alloc", feature = "pkcs8")))]
+impl<T: pkcs8::EncodePrivateKey> EncodeRsaPrivateKey for T {
+    fn to_pkcs1_der(&self) -> Result<RsaPrivateKeyDocument> {
+        let doc = self.to_pkcs8_der()?;
+        Ok(RsaPrivateKeyDocument::from_der(doc.decode().private_key)?)
+    }
+}
+
+#[cfg(all(feature = "alloc", feature = "pkcs8"))]
+#[cfg_attr(docsrs, doc(all(feature = "alloc", feature = "pkcs8")))]
+impl<T: pkcs8::EncodePublicKey> EncodeRsaPublicKey for T {
+    fn to_pkcs1_der(&self) -> Result<RsaPublicKeyDocument> {
+        let doc = self.to_public_key_der()?;
+        Ok(RsaPublicKeyDocument::from_der(
+            doc.decode().subject_public_key,
+        )?)
+    }
+}
diff --git a/sec1/src/lib.rs b/sec1/src/lib.rs
@@ -21,10 +21,6 @@ mod parameters;
 mod private_key;
 mod traits;
 
-#[cfg(feature = "pkcs8")]
-#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
-pub mod pkcs8;
-
 pub use der;
 
 pub use self::{
@@ -43,3 +39,16 @@ pub use crate::{private_key::document::EcPrivateKeyDocument, traits::EncodeEcPri
 #[cfg(feature = "pem")]
 #[cfg_attr(docsrs, doc(cfg(feature = "pem")))]
 pub use der::pem::{self, LineEnding};
+
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+pub use pkcs8;
+
+/// Algorithm [`ObjectIdentifier`] for elliptic curve public key cryptography
+/// (`id-ecPublicKey`).
+///
+/// <http://oid-info.com/get/1.2.840.10045.2.1>
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+pub const ALGORITHM_OID: pkcs8::ObjectIdentifier =
+    pkcs8::ObjectIdentifier::new("1.2.840.10045.2.1");
diff --git a/sec1/src/pkcs8.rs b/sec1/src/pkcs8.rs
diff --git a/sec1/src/traits.rs b/sec1/src/traits.rs
@@ -8,11 +8,20 @@ use crate::EcPrivateKeyDocument;
 #[cfg(feature = "pem")]
 use {crate::LineEnding, alloc::string::String};
 
+#[cfg(feature = "pkcs8")]
+use {
+    crate::{EcPrivateKey, ALGORITHM_OID},
+    der::Decodable,
+};
+
+#[cfg(all(feature = "alloc", feature = "pkcs8"))]
+use der::Document;
+
 #[cfg(feature = "std")]
 use std::path::Path;
 
 #[cfg(any(feature = "pem", feature = "std"))]
-use {der::Document, zeroize::Zeroizing};
+use zeroize::Zeroizing;
 
 /// Parse an [`EcPrivateKey`] from a SEC1-encoded document.
 pub trait DecodeEcPrivateKey: Sized {
@@ -83,3 +92,36 @@ pub trait EncodeEcPrivateKey {
         self.to_sec1_der()?.write_sec1_pem_file(path, line_ending)
     }
 }
+
+#[cfg(feature = "pkcs8")]
+#[cfg_attr(docsrs, doc(cfg(feature = "pkcs8")))]
+impl<T: pkcs8::DecodePrivateKey> DecodeEcPrivateKey for T {
+    fn from_sec1_der(private_key: &[u8]) -> Result<Self> {
+        let params_oid = EcPrivateKey::from_der(private_key)?
+            .parameters
+            .and_then(|params| params.named_curve());
+
+        let algorithm = pkcs8::AlgorithmIdentifier {
+            oid: ALGORITHM_OID,
+            parameters: params_oid.as_ref().map(Into::into),
+        };
+
+        Ok(Self::try_from(pkcs8::PrivateKeyInfo {
+            algorithm,
+            private_key,
+            public_key: None,
+        })?)
+    }
+}
+
+#[cfg(all(feature = "alloc", feature = "pkcs8"))]
+#[cfg_attr(docsrs, doc(all(feature = "alloc", feature = "pkcs8")))]
+impl<T: pkcs8::EncodePrivateKey> EncodeEcPrivateKey for T {
+    fn to_sec1_der(&self) -> Result<EcPrivateKeyDocument> {
+        let doc = self.to_pkcs8_der()?;
+        let pkcs8_key = pkcs8::PrivateKeyInfo::from_der(doc.as_der())?;
+        let mut pkcs1_key = EcPrivateKey::from_der(pkcs8_key.private_key)?;
+        pkcs1_key.parameters = Some(pkcs8_key.algorithm.parameters_oid()?.into());
+        pkcs1_key.try_into()
+    }
+}