ed448: pkcs8 API changes

baloo · baloo · commit b12d5d831775 · 2024-09-05T13:23:06.000-07:00
diff --git a/ed448/src/pkcs8.rs b/ed448/src/pkcs8.rs
@@ -15,14 +15,17 @@
 //! breaking changes when using this module.
 
 pub use pkcs8::{
-    spki, DecodePrivateKey, DecodePublicKey, Error, ObjectIdentifier, PrivateKeyInfo, Result,
+    spki, DecodePrivateKey, DecodePublicKey, Error, ObjectIdentifier, PrivateKeyInfoRef, Result,
 };
 
 #[cfg(feature = "alloc")]
 pub use pkcs8::{spki::EncodePublicKey, EncodePrivateKey};
 
 #[cfg(feature = "alloc")]
-pub use pkcs8::der::{asn1::BitStringRef, Document, SecretDocument};
+pub use pkcs8::der::{
+    asn1::{BitStringRef, OctetStringRef},
+    Document, SecretDocument,
+};
 
 use core::fmt;
 
@@ -112,21 +115,26 @@ impl EncodePrivateKey for KeypairBytes {
         private_key[0] = 0x04;
         private_key[1] = 0x39;
         private_key[2..].copy_from_slice(&self.secret_key);
+        let private_key = OctetStringRef::new(&private_key)?;
 
-        let private_key_info = PrivateKeyInfo {
+        let private_key_info = PrivateKeyInfoRef {
             algorithm: ALGORITHM_ID,
-            private_key: &private_key,
-            public_key: self.public_key.as_ref().map(|pk| pk.0.as_slice()),
+            private_key: private_key,
+            public_key: self
+                .public_key
+                .as_ref()
+                .map(|pk| BitStringRef::new(0, &pk.0))
+                .transpose()?,
         };
 
         Ok(SecretDocument::encode_msg(&private_key_info)?)
     }
 }
 
-impl TryFrom<PrivateKeyInfo<'_>> for KeypairBytes {
+impl TryFrom<PrivateKeyInfoRef<'_>> for KeypairBytes {
     type Error = Error;
 
-    fn try_from(private_key: PrivateKeyInfo<'_>) -> Result<Self> {
+    fn try_from(private_key: PrivateKeyInfoRef<'_>) -> Result<Self> {
         private_key.algorithm.assert_algorithm_oid(ALGORITHM_OID)?;
 
         if private_key.algorithm.parameters.is_some() {
@@ -141,13 +149,14 @@ impl TryFrom<PrivateKeyInfo<'_>> for KeypairBytes {
         //
         // - 0x04: OCTET STRING tag
         // - 0x39: 57-byte length
-        let secret_key = match private_key.private_key {
+        let secret_key = match private_key.private_key.as_bytes() {
             [0x04, 0x39, rest @ ..] => rest.try_into().map_err(|_| Error::KeyMalformed),
             _ => Err(Error::KeyMalformed),
         }?;
 
         let public_key = private_key
             .public_key
+            .and_then(|bs| bs.as_bytes())
             .map(|bytes| bytes.try_into().map_err(|_| Error::KeyMalformed))
             .transpose()?
             .map(PublicKeyBytes);
