cms: ECC KeyAgreementRecipientInfo initial support

Cargo.toml

@@ -67,6 +67,14 @@ x509-ocsp = { path = "./x509-ocsp" }
 # https://github.com/RustCrypto/signatures/pull/923
 ecdsa   = { git = "https://github.com/RustCrypto/signatures.git" }
 rfc6979 = { git = "https://github.com/RustCrypto/signatures.git" }
+# https://github.com/RustCrypto/key-wraps/pull/34
+# https://github.com/RustCrypto/key-wraps/pull/35
+# https://github.com/RustCrypto/key-wraps/pull/39
+aes-kw = { git = "https://github.com/RustCrypto/key-wraps.git" }
+
+
+# https://github.com/RustCrypto/KDFs/pull/102
+ansi-x963-kdf = { git = "https://github.com/RustCrypto/KDFs.git" }
 
 
 # https://github.com/RustCrypto/traits/pull/1777

cms/Cargo.toml

@@ -22,8 +22,12 @@ x509-cert = { version = "=0.3.0-pre.0", default-features = false }
 
 # optional dependencies
 aes = { version = "=0.9.0-pre.3", optional = true }
+aes-kw = { version ="=0.3.0-pre", optional = true }
+ansi-x963-kdf = { version = "0.0.1", optional = true }
 cbc = { version = "=0.2.0-pre.2", optional = true }
 cipher = { version = "=0.5.0-pre.8", features = ["alloc", "block-padding", "rand_core"], optional = true }
+digest = { version = "0.11.0-pre.10", optional = true }
+elliptic-curve = { version = "=0.14.0-rc.1", optional = true }
 rsa = { version = "=0.10.0-pre.4", optional = true }
 sha1 = { version = "=0.11.0-pre.5", optional = true }
 sha2 = { version = "=0.11.0-pre.5", optional = true }
@@ -49,8 +53,13 @@ x509-cert = { version = "=0.3.0-pre.0", features = ["pem"] }
 std = ["der/std", "spki/std"]
 builder = [
     "dep:aes",
+    "dep:aes-kw",
+    "dep:ansi-x963-kdf",
     "dep:cbc",
     "dep:cipher",
+    "dep:digest",
+    "elliptic-curve/ecdh",
+    "elliptic-curve/pkcs8",
     "dep:rsa",
     "dep:sha1",
     "dep:sha2",

cms/src/builder.rs

@@ -6,8 +6,8 @@ use crate::cert::CertificateChoices;
 use crate::content_info::{CmsVersion, ContentInfo};
 use crate::enveloped_data::{
     EncryptedContentInfo, EncryptedKey, EnvelopedData, KekIdentifier, KeyTransRecipientInfo,
-    OriginatorIdentifierOrKey, OriginatorInfo, PasswordRecipientInfo, RecipientIdentifier,
-    RecipientInfo, RecipientInfos, UserKeyingMaterial,
+    OriginatorInfo, PasswordRecipientInfo, RecipientIdentifier, RecipientInfo, RecipientInfos,
+    UserKeyingMaterial,
 };
 use crate::revocation::{RevocationInfoChoice, RevocationInfoChoices};
 use crate::signed_data::{
@@ -45,6 +45,16 @@ use x509_cert::attr::{Attribute, AttributeValue, Attributes};
 use x509_cert::builder::{self, AsyncBuilder, Builder};
 use zeroize::Zeroize;
 
+// Modules
+mod kari;
+mod utils;
+
+// Exports
+pub use kari::{
+    DhSinglePassStdDhKdf, EcKeyEncryptionInfo, KeyAgreeRecipientInfoBuilder, KeyAgreementAlgorithm,
+};
+pub use utils::kw::KeyWrapAlgorithm;
+
 /// Error type
 #[derive(Debug)]
 #[non_exhaustive]
@@ -689,64 +699,6 @@ where
     }
 }
 
-/// Builds a `KeyAgreeRecipientInfo` according to RFC 5652 § 6.
-/// This type uses key agreement:  the recipient's public key and the sender's
-/// private key are used to generate a pairwise symmetric key, then
-/// the content-encryption key is encrypted in the pairwise symmetric key.
-pub struct KeyAgreeRecipientInfoBuilder<R: ?Sized> {
-    /// A CHOICE with three alternatives specifying the sender's key agreement public key.
-    pub originator: OriginatorIdentifierOrKey,
-    /// Optional information which helps generating different keys every time.
-    pub ukm: Option<UserKeyingMaterial>,
-    /// Encryption algorithm to be used for key encryption
-    pub key_enc_alg: AlgorithmIdentifierOwned,
-    _rng: PhantomData<R>,
-}
-
-impl<R> KeyAgreeRecipientInfoBuilder<R> {
-    /// Creates a `KeyAgreeRecipientInfoBuilder`
-    pub fn new(
-        originator: OriginatorIdentifierOrKey,
-        ukm: Option<UserKeyingMaterial>,
-        key_enc_alg: AlgorithmIdentifierOwned,
-    ) -> Result<Self> {
-        Ok(KeyAgreeRecipientInfoBuilder {
-            originator,
-            ukm,
-            key_enc_alg,
-            _rng: PhantomData,
-        })
-    }
-}
-
-impl<R: ?Sized> RecipientInfoBuilder for KeyAgreeRecipientInfoBuilder<R>
-where
-    R: CryptoRng,
-{
-    type Rng = R;
-
-    /// Returns the RecipientInfoType
-    fn recipient_info_type(&self) -> RecipientInfoType {
-        RecipientInfoType::Kari
-    }
-
-    /// Returns the `CMSVersion` for this `RecipientInfo`
-    fn recipient_info_version(&self) -> CmsVersion {
-        CmsVersion::V3
-    }
-
-    /// Build a `KeyAgreeRecipientInfoBuilder`. See RFC 5652 § 6.2.1
-    fn build_with_rng(
-        &mut self,
-        _content_encryption_key: &[u8],
-        _rng: &mut Self::Rng,
-    ) -> Result<RecipientInfo> {
-        Err(Error::Builder(String::from(
-            "Building KeyAgreeRecipientInfo is not implemented, yet.",
-        )))
-    }
-}
-
 /// Builds a `KekRecipientInfo` according to RFC 5652 § 6.
 /// Uses symmetric key-encryption keys: the content-encryption key is
 /// encrypted in a previously distributed symmetric key-encryption key.