Add aws-lc-rs as optional dependency

Export SignatureVerificationAlgorithms backed by it in webpki::aws_lc_rs

Author: ctz

Cargo.toml

@@ -29,6 +29,7 @@ include = [
     "/LICENSE",
     "README.md",
 
+    "src/aws_lc_rs_algs.rs",
     "src/calendar.rs",
     "src/cert.rs",
     "src/crl/mod.rs",
@@ -66,11 +67,13 @@ name = "webpki"
 
 [features]
 default = ["std", "ring"]
-ring = ["dep:ring"]
+aws_lc_rs = ["dep:aws-lc-rs"]
 alloc = ["ring?/alloc", "pki-types/alloc"]
+ring = ["dep:ring"]
 std = ["alloc"]
 
 [dependencies]
+aws-lc-rs = { version = "1.0.0", optional = true }
 pki-types = { package = "rustls-pki-types", version = "0.2.1", default-features = false }
 ring = { version = "0.16.19", default-features = false, optional = true }
 untrusted = "0.7.1"

src/alg_tests.rs

@@ -12,6 +12,8 @@
 // ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 // OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
+#![allow(clippy::duplicate_mod)]
+
 use base64::{engine::general_purpose, Engine as _};
 
 use crate::error::{DerTypeId, Error};

src/aws_lc_rs_algs.rs

@@ -0,0 +1,164 @@
+use aws_lc_rs::signature;
+use pki_types::{AlgorithmIdentifier, InvalidSignature, SignatureVerificationAlgorithm};
+
+use crate::signed_data::alg_id;
+
+// nb. aws-lc-rs has an API that is broadly compatible with *ring*,
+// so this is very similar to ring_algs.rs.
+
+/// A `SignatureVerificationAlgorithm` implemented using aws-lc-rs.
+struct AwsLcRsAlgorithm {
+    public_key_alg_id: AlgorithmIdentifier,
+    signature_alg_id: AlgorithmIdentifier,
+    verification_alg: &'static dyn signature::VerificationAlgorithm,
+}
+
+impl SignatureVerificationAlgorithm for AwsLcRsAlgorithm {
+    fn public_key_alg_id(&self) -> AlgorithmIdentifier {
+        self.public_key_alg_id
+    }
+
+    fn signature_alg_id(&self) -> AlgorithmIdentifier {
+        self.signature_alg_id
+    }
+
+    fn verify_signature(
+        &self,
+        public_key: &[u8],
+        message: &[u8],
+        signature: &[u8],
+    ) -> Result<(), InvalidSignature> {
+        signature::UnparsedPublicKey::new(self.verification_alg, public_key)
+            .verify(message, signature)
+            .map_err(|_| InvalidSignature)
+    }
+}
+
+/// ECDSA signatures using the P-256 curve and SHA-256.
+pub static ECDSA_P256_SHA256: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ECDSA_P256,
+    signature_alg_id: alg_id::ECDSA_SHA256,
+    verification_alg: &signature::ECDSA_P256_SHA256_ASN1,
+};
+
+/// ECDSA signatures using the P-256 curve and SHA-384. Deprecated.
+pub static ECDSA_P256_SHA384: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ECDSA_P256,
+    signature_alg_id: alg_id::ECDSA_SHA384,
+    verification_alg: &signature::ECDSA_P256_SHA384_ASN1,
+};
+
+/// ECDSA signatures using the P-384 curve and SHA-256. Deprecated.
+pub static ECDSA_P384_SHA256: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ECDSA_P384,
+    signature_alg_id: alg_id::ECDSA_SHA256,
+    verification_alg: &signature::ECDSA_P384_SHA256_ASN1,
+};
+
+/// ECDSA signatures using the P-384 curve and SHA-384.
+pub static ECDSA_P384_SHA384: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ECDSA_P384,
+    signature_alg_id: alg_id::ECDSA_SHA384,
+    verification_alg: &signature::ECDSA_P384_SHA384_ASN1,
+};
+
+/// RSA PKCS#1 1.5 signatures using SHA-256 for keys of 2048-8192 bits.
+pub static RSA_PKCS1_2048_8192_SHA256: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::RSA_ENCRYPTION,
+    signature_alg_id: alg_id::RSA_PKCS1_SHA256,
+    verification_alg: &signature::RSA_PKCS1_2048_8192_SHA256,
+};
+
+/// RSA PKCS#1 1.5 signatures using SHA-384 for keys of 2048-8192 bits.
+pub static RSA_PKCS1_2048_8192_SHA384: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::RSA_ENCRYPTION,
+    signature_alg_id: alg_id::RSA_PKCS1_SHA384,
+    verification_alg: &signature::RSA_PKCS1_2048_8192_SHA384,
+};
+
+/// RSA PKCS#1 1.5 signatures using SHA-512 for keys of 2048-8192 bits.
+pub static RSA_PKCS1_2048_8192_SHA512: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::RSA_ENCRYPTION,
+    signature_alg_id: alg_id::RSA_PKCS1_SHA512,
+    verification_alg: &signature::RSA_PKCS1_2048_8192_SHA512,
+};
+
+/// RSA PKCS#1 1.5 signatures using SHA-384 for keys of 3072-8192 bits.
+pub static RSA_PKCS1_3072_8192_SHA384: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::RSA_ENCRYPTION,
+    signature_alg_id: alg_id::RSA_PKCS1_SHA384,
+    verification_alg: &signature::RSA_PKCS1_3072_8192_SHA384,
+};
+
+/// RSA PSS signatures using SHA-256 for keys of 2048-8192 bits and of
+/// type rsaEncryption; see [RFC 4055 Section 1.2].
+///
+/// [RFC 4055 Section 1.2]: https://tools.ietf.org/html/rfc4055#section-1.2
+pub static RSA_PSS_2048_8192_SHA256_LEGACY_KEY: &dyn SignatureVerificationAlgorithm =
+    &AwsLcRsAlgorithm {
+        public_key_alg_id: alg_id::RSA_ENCRYPTION,
+        signature_alg_id: alg_id::RSA_PSS_SHA256,
+        verification_alg: &signature::RSA_PSS_2048_8192_SHA256,
+    };
+
+/// RSA PSS signatures using SHA-384 for keys of 2048-8192 bits and of
+/// type rsaEncryption; see [RFC 4055 Section 1.2].
+///
+/// [RFC 4055 Section 1.2]: https://tools.ietf.org/html/rfc4055#section-1.2
+pub static RSA_PSS_2048_8192_SHA384_LEGACY_KEY: &dyn SignatureVerificationAlgorithm =
+    &AwsLcRsAlgorithm {
+        public_key_alg_id: alg_id::RSA_ENCRYPTION,
+        signature_alg_id: alg_id::RSA_PSS_SHA384,
+        verification_alg: &signature::RSA_PSS_2048_8192_SHA384,
+    };
+
+/// RSA PSS signatures using SHA-512 for keys of 2048-8192 bits and of
+/// type rsaEncryption; see [RFC 4055 Section 1.2].
+///
+/// [RFC 4055 Section 1.2]: https://tools.ietf.org/html/rfc4055#section-1.2
+pub static RSA_PSS_2048_8192_SHA512_LEGACY_KEY: &dyn SignatureVerificationAlgorithm =
+    &AwsLcRsAlgorithm {
+        public_key_alg_id: alg_id::RSA_ENCRYPTION,
+        signature_alg_id: alg_id::RSA_PSS_SHA512,
+        verification_alg: &signature::RSA_PSS_2048_8192_SHA512,
+    };
+
+/// ED25519 signatures according to RFC 8410
+pub static ED25519: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ED25519,
+    signature_alg_id: alg_id::ED25519,
+    verification_alg: &signature::ED25519,
+};
+
+#[cfg(test)]
+#[path = "."]
+mod tests {
+    use crate::Error;
+
+    static SUPPORTED_ALGORITHMS_IN_TESTS: &[&dyn super::SignatureVerificationAlgorithm] = &[
+        // Reasonable algorithms.
+        super::ECDSA_P256_SHA256,
+        super::ECDSA_P384_SHA384,
+        super::ED25519,
+        super::RSA_PKCS1_2048_8192_SHA256,
+        super::RSA_PKCS1_2048_8192_SHA384,
+        super::RSA_PKCS1_2048_8192_SHA512,
+        super::RSA_PKCS1_3072_8192_SHA384,
+        super::RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
+        super::RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
+        super::RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+        // Algorithms deprecated because they are nonsensical combinations.
+        super::ECDSA_P256_SHA384, // Truncates digest.
+        super::ECDSA_P384_SHA256, // Digest is unnecessarily short.
+    ];
+
+    const UNSUPPORTED_SIGNATURE_ALGORITHM_FOR_RSA_KEY: Error =
+        Error::UnsupportedSignatureAlgorithmForPublicKey;
+
+    const INVALID_SIGNATURE_FOR_RSA_KEY: Error = Error::InvalidSignatureForPublicKey;
+
+    const OK_IF_RSA_AVAILABLE: Result<(), Error> = Ok(());
+
+    #[path = "alg_tests.rs"]
+    mod alg_tests;
+}

src/lib.rs

@@ -24,6 +24,7 @@
 //! | `alloc` | Enable features that require use of the heap. Currently all RSA signature algorithms require this feature. |
 //! | `std` | Enable features that require libstd. Implies `alloc`. |
 //! | `ring` | Enable use of the *ring* crate for cryptography. |
+//! | `aws_lc_rs` | Enable use of the aws-lc-rs crate for cryptography. |
 
 #![cfg_attr(not(feature = "std"), no_std)]
 #![warn(unreachable_pub)]
@@ -46,6 +47,8 @@ extern crate alloc;
 #[macro_use]
 mod der;
 
+#[cfg(feature = "aws_lc_rs")]
+mod aws_lc_rs_algs;
 mod cert;
 mod end_entity;
 mod error;
@@ -104,9 +107,20 @@ pub mod ring {
     };
 }
 
+#[cfg(feature = "aws_lc_rs")]
+/// Signature verification algorithm implementations using the aws-lc-rs crypto library.
+pub mod aws_lc_rs {
+    pub use super::aws_lc_rs_algs::{
+        ECDSA_P256_SHA256, ECDSA_P256_SHA384, ECDSA_P384_SHA256, ECDSA_P384_SHA384, ED25519,
+        RSA_PKCS1_2048_8192_SHA256, RSA_PKCS1_2048_8192_SHA384, RSA_PKCS1_2048_8192_SHA512,
+        RSA_PKCS1_3072_8192_SHA384, RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
+        RSA_PSS_2048_8192_SHA384_LEGACY_KEY, RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+    };
+}
+
 /// An array of all the verification algorithms exported by this crate.
 ///
-/// This will be empty if the crate is built without the `ring` feature.
+/// This will be empty if the crate is built without the `ring` and `aws_lc_rs` features.
 pub static ALL_VERIFICATION_ALGS: &[&dyn types::SignatureVerificationAlgorithm] = &[
     #[cfg(feature = "ring")]
     ring::ECDSA_P256_SHA256,
@@ -132,4 +146,28 @@ pub static ALL_VERIFICATION_ALGS: &[&dyn types::SignatureVerificationAlgorithm]
     ring::RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
     #[cfg(all(feature = "ring", feature = "alloc"))]
     ring::RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::ECDSA_P256_SHA256,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::ECDSA_P256_SHA384,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::ECDSA_P384_SHA256,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::ECDSA_P384_SHA384,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::ED25519,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PKCS1_2048_8192_SHA256,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PKCS1_2048_8192_SHA384,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PKCS1_2048_8192_SHA512,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PKCS1_3072_8192_SHA384,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
+    #[cfg(feature = "aws_lc_rs")]
+    aws_lc_rs::RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
 ];