remove std.crypto.der

Only a little bit of generalized logic for DER encoding is needed and so it can live inside the Certificate namespace. This commit removes the generic "parse object id" function which is no longer used in favor of more specific, smaller sets of object ids used with ComptimeStringMap.
ziglang · Dec 23, 2022 · 2e278f6 · 2e278f6
1 parent 99c9087
commit 2e278f6
Show file tree

Hide file tree

Showing 4 changed files with 84 additions and 169 deletions.
diff --git a/lib/std/crypto.zig b/lib/std/crypto.zig
@@ -177,7 +177,6 @@ const std = @import("std.zig");
 pub const errors = @import("crypto/errors.zig");
 
 pub const tls = @import("crypto/tls.zig");
-pub const der = @import("crypto/der.zig");
 pub const Certificate = @import("crypto/Certificate.zig");
 
 test {
@@ -269,7 +268,6 @@ test {
     _ = random;
     _ = errors;
     _ = tls;
-    _ = der;
     _ = Certificate;
 }
 

diff --git a/lib/std/crypto/Certificate.zig b/lib/std/crypto/Certificate.zig
@@ -499,9 +499,91 @@ pub fn checkVersion(bytes: []const u8, version: der.Element) !void {
 const std = @import("../std.zig");
 const crypto = std.crypto;
 const mem = std.mem;
-const der = std.crypto.der;
 const Certificate = @This();
 
+pub const der = struct {
+    pub const Class = enum(u2) {
+        universal,
+        application,
+        context_specific,
+        private,
+    };
+
+    pub const PC = enum(u1) {
+        primitive,
+        constructed,
+    };
+
+    pub const Identifier = packed struct(u8) {
+        tag: Tag,
+        pc: PC,
+        class: Class,
+    };
+
+    pub const Tag = enum(u5) {
+        boolean = 1,
+        integer = 2,
+        bitstring = 3,
+        null = 5,
+        object_identifier = 6,
+        sequence = 16,
+        sequence_of = 17,
+        utc_time = 23,
+        generalized_time = 24,
+        _,
+    };
+
+    pub const Element = struct {
+        identifier: Identifier,
+        slice: Slice,
+
+        pub const Slice = struct {
+            start: u32,
+            end: u32,
+
+            pub const empty: Slice = .{ .start = 0, .end = 0 };
+        };
+    };
+
+    pub const ParseElementError = error{CertificateFieldHasInvalidLength};
+
+    pub fn parseElement(bytes: []const u8, index: u32) ParseElementError!Element {
+        var i = index;
+        const identifier = @bitCast(Identifier, bytes[i]);
+        i += 1;
+        const size_byte = bytes[i];
+        i += 1;
+        if ((size_byte >> 7) == 0) {
+            return .{
+                .identifier = identifier,
+                .slice = .{
+                    .start = i,
+                    .end = i + size_byte,
+                },
+            };
+        }
+
+        const len_size = @truncate(u7, size_byte);
+        if (len_size > @sizeOf(u32)) {
+            return error.CertificateFieldHasInvalidLength;
+        }
+
+        const end_i = i + len_size;
+        var long_form_size: u32 = 0;
+        while (i < end_i) : (i += 1) {
+            long_form_size = (long_form_size << 8) | bytes[i];
+        }
+
+        return .{
+            .identifier = identifier,
+            .slice = .{
+                .start = i,
+                .end = i + long_form_size,
+            },
+        };
+    }
+};
+
 test {
     _ = Bundle;
 }

diff --git a/lib/std/crypto/Certificate/Bundle.zig b/lib/std/crypto/Certificate/Bundle.zig
@@ -154,8 +154,8 @@ const fs = std.fs;
 const mem = std.mem;
 const crypto = std.crypto;
 const Allocator = std.mem.Allocator;
-const der = std.crypto.der;
 const Certificate = std.crypto.Certificate;
+const der = Certificate.der;
 const Bundle = @This();
 
 const base64 = std.base64.standard.decoderWithIgnore(" \t\r\n");

diff --git a/lib/std/crypto/der.zig b/lib/std/crypto/der.zig