From 7358fa6e64d4f8845d80e744f1c3e1fbf98d8e7f Mon Sep 17 00:00:00 2001
From: Arthur Gautier <baloo@superbaloo.net>
Date: Tue, 28 Nov 2023 19:49:18 -0800
Subject: [PATCH] rework rsa signer algorithm

Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
---
 cryptoki-rustcrypto/src/rsa/pkcs1v15.rs | 34 +++++++++++++------------
 cryptoki-rustcrypto/src/rsa/pss.rs      |  5 ++--
 2 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/cryptoki-rustcrypto/src/rsa/pkcs1v15.rs b/cryptoki-rustcrypto/src/rsa/pkcs1v15.rs
index 04535b98..2756dd24 100644
--- a/cryptoki-rustcrypto/src/rsa/pkcs1v15.rs
+++ b/cryptoki-rustcrypto/src/rsa/pkcs1v15.rs
@@ -2,12 +2,8 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use cryptoki::object::{Attribute, AttributeType, KeyType, ObjectClass, ObjectHandle};
-use der::AnyRef;
-use rsa::{
-    pkcs1,
-    pkcs1v15::{Signature, VerifyingKey},
-};
-use spki::{AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier, SignatureAlgorithmIdentifier};
+use rsa::pkcs1v15::{RsaSignatureAssociatedOid, Signature, VerifyingKey};
+use spki::{AlgorithmIdentifier, AssociatedAlgorithmIdentifier, SignatureAlgorithmIdentifier};
 use std::convert::TryFrom;
 
 use super::{read_key, DigestSigning, Error};
@@ -71,9 +67,14 @@ impl<D: DigestSigning, S: SessionLike> Signer<D, S> {
     }
 }
 
-impl<D: DigestSigning, S: SessionLike> AssociatedAlgorithmIdentifier for Signer<D, S> {
-    type Params = AnyRef<'static>;
-    const ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> = pkcs1::ALGORITHM_ID;
+impl<D, S> AssociatedAlgorithmIdentifier for Signer<D, S>
+where
+    D: DigestSigning,
+    S: SessionLike,
+{
+    type Params = <VerifyingKey<D> as AssociatedAlgorithmIdentifier>::Params;
+    const ALGORITHM_IDENTIFIER: AlgorithmIdentifier<Self::Params> =
+        <VerifyingKey<D> as AssociatedAlgorithmIdentifier>::ALGORITHM_IDENTIFIER;
 }
 
 impl<D: DigestSigning, S: SessionLike> signature::Keypair for Signer<D, S> {
@@ -99,12 +100,13 @@ impl<D: DigestSigning, S: SessionLike> signature::Signer<Signature> for Signer<D
     }
 }
 
-impl<D: DigestSigning, S: SessionLike> SignatureAlgorithmIdentifier for Signer<D, S> {
-    type Params = AnyRef<'static>;
+impl<D, S> SignatureAlgorithmIdentifier for Signer<D, S>
+where
+    S: SessionLike,
+    D: DigestSigning + RsaSignatureAssociatedOid,
+{
+    type Params = <VerifyingKey<D> as SignatureAlgorithmIdentifier>::Params;
 
-    const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifierRef<'static> =
-        AlgorithmIdentifierRef {
-            oid: D::OID,
-            parameters: Some(AnyRef::NULL),
-        };
+    const SIGNATURE_ALGORITHM_IDENTIFIER: AlgorithmIdentifier<Self::Params> =
+        <VerifyingKey<D> as SignatureAlgorithmIdentifier>::SIGNATURE_ALGORITHM_IDENTIFIER;
 }
diff --git a/cryptoki-rustcrypto/src/rsa/pss.rs b/cryptoki-rustcrypto/src/rsa/pss.rs
index 5c29a83c..cd579b47 100644
--- a/cryptoki-rustcrypto/src/rsa/pss.rs
+++ b/cryptoki-rustcrypto/src/rsa/pss.rs
@@ -2,13 +2,12 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use cryptoki::object::{Attribute, AttributeType, KeyType, ObjectClass, ObjectHandle};
-use der::{asn1::ObjectIdentifier, oid::AssociatedOid, Any, AnyRef};
+use der::AnyRef;
 use rsa::{
-    pkcs1::{self, RsaPssParams},
+    pkcs1,
     pkcs8::{self},
     pss::{get_default_pss_signature_algo_id, Signature, VerifyingKey},
 };
-use signature::digest::Digest;
 use spki::{
     AlgorithmIdentifierOwned, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier,
     DynSignatureAlgorithmIdentifier,