Migrate AlgorithmIdentifier values from rustls-webpki

Any downstream crate defining a custom `rustls::CryptoProvider`
currently needs to take a dependency on `rustls-webpki` to reuse
these values (alternatively they can redefine these values, but meh.)

Moving them here removes that need.

Author: ctz

src/alg_id.rs

@@ -0,0 +1,76 @@
+//! Encodings of the PKIX AlgorithmIdentifier type.
+//!
+//! This module contains a set of common values, and exists to keep the
+//! names of these separate from the actual algorithm implementations.
+
+use super::AlgorithmIdentifier;
+
+// See src/data/README.md.
+
+/// AlgorithmIdentifier for `id-ecPublicKey` with named curve `secp256r1`.
+pub const ECDSA_P256: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-p256.der"));
+
+/// AlgorithmIdentifier for `id-ecPublicKey` with named curve `secp384r1`.
+pub const ECDSA_P384: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-p384.der"));
+
+/// AlgorithmIdentifier for `id-ecPublicKey` with named curve `secp521r1`.
+pub const ECDSA_P521: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-p521.der"));
+
+/// AlgorithmIdentifier for `ecdsa-with-SHA256`.
+pub const ECDSA_SHA256: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-sha256.der"));
+
+/// AlgorithmIdentifier for `ecdsa-with-SHA384`.
+pub const ECDSA_SHA384: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-sha384.der"));
+
+/// AlgorithmIdentifier for `ecdsa-with-SHA512`.
+pub const ECDSA_SHA512: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ecdsa-sha512.der"));
+
+/// AlgorithmIdentifier for `rsaEncryption`.
+pub const RSA_ENCRYPTION: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-encryption.der"));
+
+/// AlgorithmIdentifier for `sha256WithRSAEncryption`.
+pub const RSA_PKCS1_SHA256: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pkcs1-sha256.der"));
+
+/// AlgorithmIdentifier for `sha384WithRSAEncryption`.
+pub const RSA_PKCS1_SHA384: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pkcs1-sha384.der"));
+
+/// AlgorithmIdentifier for `sha512WithRSAEncryption`.
+pub const RSA_PKCS1_SHA512: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pkcs1-sha512.der"));
+
+/// AlgorithmIdentifier for `rsassaPss` with:
+///
+/// - hashAlgorithm: sha256
+/// - maskGenAlgorithm: mgf1 with sha256
+/// - saltLength: 32
+pub const RSA_PSS_SHA256: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pss-sha256.der"));
+
+/// AlgorithmIdentifier for `rsassaPss` with:
+///
+/// - hashAlgorithm: sha384
+/// - maskGenAlgorithm: mgf1 with sha384
+/// - saltLength: 48
+pub const RSA_PSS_SHA384: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pss-sha384.der"));
+
+/// AlgorithmIdentifier for `rsassaPss` with:
+///
+/// - hashAlgorithm: sha512
+/// - maskGenAlgorithm: mgf1 with sha512
+/// - saltLength: 64
+pub const RSA_PSS_SHA512: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-rsa-pss-sha512.der"));
+
+/// AlgorithmIdentifier for `ED25519`.
+pub const ED25519: AlgorithmIdentifier =
+    AlgorithmIdentifier::from_slice(include_bytes!("data/alg-ed25519.der"));

src/data/README.md

@@ -0,0 +1,21 @@
+These files contain the binary DER encoding of the *values* of some
+ASN.1 [`AlgorithmIdentifier`]s, without the outer `SEQUENCE` tag or the outer
+length component.
+
+These files were encoded with the help of [der-ascii]. They can be decoded
+using:
+
+```sh
+go get github.com/google/der-ascii/cmd/der2ascii
+der2ascii -i <filename> -o <filename>.ascii
+```
+
+New or modified der-ascii files can be encoded using:
+
+```sh
+go get github.com/google/der-ascii/cmd/ascii2der
+ascii2der i <filename>.ascii -o <filename>
+```
+
+[`AlgorithmIdentifier`]: https://tools.ietf.org/html/rfc5280#section-4.1.1.2]
+[der-ascii]: https://github.com/google/der-ascii

src/data/alg-ecdsa-p256.der

@@ -0,0 +1 @@
+*�H�=
*�H�=


src/data/alg-ecdsa-p384.der

@@ -0,0 +1 @@
+*�H�=

src/data/alg-ecdsa-p521.der

@@ -0,0 +1 @@
+*�H�=

src/data/alg-ecdsa-sha256.der

@@ -0,0 +1 @@
+*�H�=

src/data/alg-ecdsa-sha384.der

@@ -0,0 +1 @@
++ep

src/data/alg-ecdsa-sha512.der

@@ -83,6 +83,7 @@ use std::time::SystemTime;
 #[cfg(all(target_family = "wasm", target_os = "unknown", feature = "web"))]
 use web_time::SystemTime;
 
+pub mod alg_id;
 mod base64;
 mod server_name;