From e467cef774b26119c1ea76b3f61028eee9fa92b9 Mon Sep 17 00:00:00 2001
From: Arthur Gautier <arthur.gautier@arista.com>
Date: Thu, 4 May 2023 10:31:46 -0700
Subject: [PATCH] spki: Adds a `SignatureBitStringEncoding` trait

This is used to differentiate the different encoding for signatures as
x509 related structures rely on `BitString` encoding of the various
signatures.

This is mostly used as a marker trait to ensure misuse resistance of the
API.
---
 spki/src/lib.rs    |  1 +
 spki/src/traits.rs | 11 ++++++++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/spki/src/lib.rs b/spki/src/lib.rs
index 026109c29..6c0caa72a 100644
--- a/spki/src/lib.rs
+++ b/spki/src/lib.rs
@@ -61,6 +61,7 @@ pub use {
         spki::SubjectPublicKeyInfoOwned,
         traits::{
             DynAssociatedAlgorithmIdentifier, DynSignatureAlgorithmIdentifier, EncodePublicKey,
+            SignatureBitStringEncoding,
         },
     },
     der::Document,
diff --git a/spki/src/traits.rs b/spki/src/traits.rs
index 1126c7c40..764b02a4a 100644
--- a/spki/src/traits.rs
+++ b/spki/src/traits.rs
@@ -6,7 +6,7 @@ use der::{EncodeValue, Tagged};
 #[cfg(feature = "alloc")]
 use {
     crate::AlgorithmIdentifierOwned,
-    der::{Any, Document},
+    der::{asn1::BitString, Any, Document},
 };
 
 #[cfg(feature = "pem")]
@@ -173,3 +173,12 @@ where
         })
     }
 }
+
+/// Returns the `BitString` encoding of the signature.
+///
+/// X.509 and CSR structures require signatures to be BitString encoded.
+#[cfg(feature = "alloc")]
+pub trait SignatureBitStringEncoding {
+    /// `BitString` encoding for this signature.
+    fn to_bitstring(&self) -> der::Result<BitString>;
+}