@@ -3,10 +3,11 @@ use alloc::{boxed::Box, vec};
3
3
use der:: {
4
4
DecodeValue , EncodeValue , FixedTag , Length , Tag ,
5
5
asn1:: { OctetString , OctetStringRef } ,
6
+ oid:: db:: rfc6268,
6
7
referenced:: OwnedToRef ,
7
8
} ;
8
9
9
- use x509_cert:: time:: Time ;
10
+ use x509_cert:: { attr :: Attribute , time:: Time } ;
10
11
11
12
use crate :: signed_data:: SignerInfo ;
12
13
@@ -101,6 +102,30 @@ impl From<MessageDigest> for vec::Vec<u8> {
101
102
}
102
103
}
103
104
105
+ impl TryFrom < & Attribute > for MessageDigest {
106
+ type Error = der:: Error ;
107
+
108
+ fn try_from ( attr : & Attribute ) -> Result < Self , Self :: Error > {
109
+ if attr. oid != rfc6268:: ID_MESSAGE_DIGEST {
110
+ return Err ( der:: ErrorKind :: OidUnknown { oid : attr. oid } . into ( ) ) ;
111
+ }
112
+
113
+ // A message-digest attribute MUST have a single attribute value, even
114
+ // though the syntax is defined as a SET OF AttributeValue. There MUST
115
+ // NOT be zero or multiple instances of AttributeValue present.
116
+
117
+ if attr. values . len ( ) != 1 {
118
+ return Err ( der:: ErrorKind :: Value { tag : Tag :: Set } . into ( ) ) ;
119
+ }
120
+ let message_digest = attr
121
+ . values
122
+ . get ( 0 )
123
+ . expect ( "Invariant violation, only one value is present in the attribute" ) ;
124
+
125
+ message_digest. decode_as :: < OctetString > ( ) . map ( Self )
126
+ }
127
+ }
128
+
104
129
/// The `SigningTime` attribute is defined in [RFC 5652 Section 11.3].
105
130
///
106
131
/// ```text
0 commit comments