transports/tls-quic: Use oids from oid-registry

kpp · Jul 20, 2021 · dc645db · dc645db
1 parent cea7fcc
commit dc645db
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 23 deletions.
diff --git a/transports/tls-quic/Cargo.toml b/transports/tls-quic/Cargo.toml
@@ -13,6 +13,7 @@ libp2p-core = { path = "../../core", version = "0.29.0" }
 rcgen = "0.8.11"
 x509-parser = "0.9.2"
 der-parser = { version = "5.1.0", features = ["serialize"] }
+oid-registry = "0.1.5"
 yasna = "0.4.0"
 rustls = "0.19.1"
 ring = "0.16.20"
diff --git a/transports/tls-quic/src/certificate.rs b/transports/tls-quic/src/certificate.rs
@@ -292,14 +292,6 @@ impl P2pCertificate<'_> {
                 return Some(RSA_PKCS1_SHA512)
             }
             if signature_algorithm.algorithm == OID_PKCS1_RSASSAPSS {
-                // FIXME move OIDs to `oid_registry`
-                #[allow(non_snake_case)]
-                let OID_NIST_HASH_SHA384 = der_parser::oid::Oid::from(&[2,16,840,1,101,3,4,2,2])
-                    .expect("This is a valid OID; qed");
-                #[allow(non_snake_case)]
-                let OID_NIST_HASH_SHA512 = der_parser::oid::Oid::from(&[2,16,840,1,101,3,4,2,3])
-                    .expect("This is a valid OID; qed");
-
                 // According to https://datatracker.ietf.org/doc/html/rfc4055#section-3.1:
                 // Inside of params there shuld be a sequence of:
                 // - Hash Algorithm
@@ -333,21 +325,14 @@ impl P2pCertificate<'_> {
         }
 
         if pki_algorithm.algorithm == OID_KEY_TYPE_EC_PUBLIC_KEY {
-            let signature_param = pki_algorithm.parameters.as_ref()?.as_oid().ok()?;
-            // FIXME move OIDs to `oid_registry`
-            let p256 = der_parser::oid::Oid::from(&[1,2,840,10045,3,1,7])
-                .expect("This is a valid OID; qed");
-            let p384 = der_parser::oid::Oid::from(&[1,3,132,0,34])
-                .expect("This is a valid OID; qed");
-            let p521 = der_parser::oid::Oid::from(&[1,3,132,0,35])
-                .expect("This is a valid OID; qed");
-            if signature_param == &p256 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA256 {
+            let signature_param = pki_algorithm.parameters.as_ref()?.as_oid_val().ok()?;
+            if signature_param == OID_EC_P256 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA256 {
                 return Some(ECDSA_NISTP256_SHA256)
             }
-            if signature_param == &p384 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA384 {
+            if signature_param == OID_NIST_EC_P384 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA384 {
                 return Some(ECDSA_NISTP384_SHA384)
             }
-            if signature_param == &p521 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA512 {
+            if signature_param == OID_NIST_EC_P521 && signature_algorithm.algorithm == OID_SIG_ECDSA_WITH_SHA512 {
                 return Some(ECDSA_NISTP521_SHA512)
             }
             return None
@@ -356,10 +341,6 @@ impl P2pCertificate<'_> {
         if signature_algorithm.algorithm == OID_SIG_ED25519 {
             return Some(ED25519)
         }
-        // FIXME move OID to `oid_registry`
-        #[allow(non_snake_case)]
-        let OID_SIG_ED448 = der_parser::oid::Oid::from(&[1,3,101,113])
-            .expect("This is a valid OID; qed");
         if signature_algorithm.algorithm == OID_SIG_ED448 {
            return Some(ED448)
         }