Implement feature as TryInto

aws · Nov 21, 2024 · 0ab5a27 · 0ab5a27
1 parent f407c0b
commit 0ab5a27
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 19 deletions.
diff --git a/aws-lc-rs/src/rsa/key.rs b/aws-lc-rs/src/rsa/key.rs
@@ -20,7 +20,7 @@ use crate::{
     hex,
     ptr::{DetachableLcPtr, LcPtr},
     rand,
-    rsa::{PublicEncryptingKey},
+    rsa::PublicEncryptingKey,
     sealed::Sealed,
 };
 #[cfg(feature = "fips")]
@@ -368,7 +368,7 @@ impl PublicKey {
     }
 }
 
-/// Low-level API for the verification of RSA signatures.
+/// Low-level API for RSA public keys.
 ///
 /// When the public key is in DER-encoded PKCS#1 ASN.1 format, it is
 /// recommended to use `aws_lc_rs::signature::verify()` with
@@ -433,16 +433,6 @@ where
         Ok(pkey)
     }
 
-    /// Builds a `PublicEncryptingKey` from the public key components.
-    ///
-    /// # Errors
-    /// `error::Unspecified` if the key failed to verify.
-    pub fn build_encrypting_key(&self) -> Result<PublicEncryptingKey, Unspecified> {
-        let rsa = self.build_rsa()?;
-
-        PublicEncryptingKey::new(rsa)
-    }
-
     /// Verifies that `signature` is a valid signature of `message` using `self`
     /// as the public key. `params` determine what algorithm parameters
     /// (padding, digest algorithm, key length range, etc.) are used in the
@@ -468,6 +458,22 @@ where
     }
 }
 
+impl<B> TryInto<PublicEncryptingKey> for PublicKeyComponents<B>
+where
+    B: AsRef<[u8]> + Debug,
+{
+    type Error = Unspecified;
+
+    /// Try to build a `PublicEncryptingKey` from the public key components.
+    ///
+    /// # Errors
+    /// `error::Unspecified` if the key failed to verify.
+    fn try_into(self) -> Result<PublicEncryptingKey, Self::Error> {
+        let rsa = self.build_rsa()?;
+        PublicEncryptingKey::new(rsa)
+    }
+}
+
 pub(super) fn generate_rsa_key(size: c_int, fips: bool) -> Result<LcPtr<EVP_PKEY>, Unspecified> {
     // We explicitly don't use `EVP_PKEY_keygen`, as it will force usage of either the FIPS or non-FIPS
     // keygen function based on the whether the build of AWS-LC had FIPS enbaled. Rather we delegate to the desired

diff --git a/aws-lc-rs/tests/basic_rsa_test.rs b/aws-lc-rs/tests/basic_rsa_test.rs
@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0 OR ISC
 
 use aws_lc_rs::rand::SystemRandom;
-use aws_lc_rs::rsa::Pkcs1PublicEncryptingKey;
+use aws_lc_rs::rsa::{Pkcs1PublicEncryptingKey, PublicEncryptingKey};
 use aws_lc_rs::signature;
 use aws_lc_rs::signature::RsaKeyPair;
 use aws_lc_rs::test::from_dirty_hex;
@@ -210,14 +210,11 @@ fn test_encryption_rsa_primitive() {
     let msg = from_dirty_hex(r"68656c6c6f2c20776f726c64");
 
     let public_key = signature::RsaPublicKeyComponents { n: &n, e: &e };
-    let public_encrypting_key = public_key.build_encrypting_key()
-        .unwrap();
-    let pkcs_encrypting_key = Pkcs1PublicEncryptingKey::new(public_encrypting_key)
-        .unwrap();
+    let public_encrypting_key: PublicEncryptingKey = public_key.try_into().unwrap();
+    let pkcs_encrypting_key = Pkcs1PublicEncryptingKey::new(public_encrypting_key).unwrap();
 
     let mut encrypted = vec![0u8; pkcs_encrypting_key.ciphertext_size()];
-    pkcs_encrypting_key.encrypt(&msg, &mut encrypted)
-        .unwrap();
+    pkcs_encrypting_key.encrypt(&msg, &mut encrypted).unwrap();
 
     assert_ne!(encrypted, msg);
 }