Enhance cryptographic implementations with generic hash and HMAC structures

- Introduced GenericHash and GenericHmac for flexible hash and HMAC handling.
- Updated NIST curve key exchange implementations for better structure and clarity.
- Added support for additional ECDSA signature algorithms.
- Improved RSA verification with new traits and constants for PKCS1 and PSS schemes.

Author: stevefan1999-personal

src/hash.rs

@@ -1,68 +1,97 @@
 #[cfg(feature = "alloc")]
 use alloc::boxed::Box;
+use const_default::ConstDefault;
 
+use core::marker::PhantomData;
 use digest::{Digest, OutputSizeUser};
-use preinterpret::preinterpret;
 use rustls::crypto::{self, hash};
 
-macro_rules! impl_hash {
-    ($name:ident, $ty:ty, $algo:ty) => {
-        preinterpret! {
-            [!set! #hash_name = [!ident! Hash_ $name]]
-            [!set! #hash_content_name = [!ident! HashContent_ $name]]
+/// Trait to provide hash algorithm for different hash types
+pub trait HashAlgorithm {
+    const ALGORITHM: hash::HashAlgorithm;
+}
+
+// Generic hash implementation
+#[derive(ConstDefault)]
+pub struct GenericHash<H> {
+    _phantom: PhantomData<H>,
+}
+
+impl<H> hash::Hash for GenericHash<H>
+where
+    H: Digest + OutputSizeUser + Clone + Send + Sync + 'static + HashAlgorithm,
+{
+    fn start(&self) -> Box<dyn hash::Context> {
+        Box::new(GenericHashContext(H::new()))
+    }
+
+    fn hash(&self, data: &[u8]) -> hash::Output {
+        hash::Output::new(&H::digest(data)[..])
+    }
 
-            #[allow(non_camel_case_types)]
-            pub struct #hash_name;
+    fn output_len(&self) -> usize {
+        <H as OutputSizeUser>::output_size()
+    }
 
-            impl hash::Hash for #hash_name {
-                fn start(&self) -> Box<dyn hash::Context> {
-                    Box::new(#hash_content_name($ty::new()))
-                }
+    fn algorithm(&self) -> hash::HashAlgorithm {
+        H::ALGORITHM
+    }
+}
 
-                fn hash(&self, data: &[u8]) -> hash::Output {
-                    hash::Output::new(&$ty::digest(data)[..])
-                }
+// Implement HashAlgorithm trait for each hash type
+#[cfg(feature = "hash-sha224")]
+impl HashAlgorithm for ::sha2::Sha224 {
+    const ALGORITHM: hash::HashAlgorithm = hash::HashAlgorithm::SHA224;
+}
+
+#[cfg(feature = "hash-sha256")]
+impl HashAlgorithm for ::sha2::Sha256 {
+    const ALGORITHM: hash::HashAlgorithm = hash::HashAlgorithm::SHA256;
+}
 
-                fn output_len(&self) -> usize {
-                    <$ty as OutputSizeUser>::output_size()
-                }
+#[cfg(feature = "hash-sha384")]
+impl HashAlgorithm for ::sha2::Sha384 {
+    const ALGORITHM: hash::HashAlgorithm = hash::HashAlgorithm::SHA384;
+}
 
-                fn algorithm(&self) -> hash::HashAlgorithm {
-                    $algo
-                }
-            }
+#[cfg(feature = "hash-sha512")]
+impl HashAlgorithm for ::sha2::Sha512 {
+    const ALGORITHM: hash::HashAlgorithm = hash::HashAlgorithm::SHA512;
+}
 
-            #[allow(non_camel_case_types)]
-            pub struct #hash_content_name($ty);
+pub struct GenericHashContext<H>(H);
 
-            impl hash::Context for #hash_content_name {
-                fn fork_finish(&self) -> hash::Output {
-                    hash::Output::new(&self.0.clone().finalize()[..])
-                }
+impl<H> hash::Context for GenericHashContext<H>
+where
+    H: Digest + Clone + Send + Sync + 'static,
+{
+    fn fork_finish(&self) -> hash::Output {
+        hash::Output::new(&self.0.clone().finalize()[..])
+    }
 
-                fn fork(&self) -> Box<dyn hash::Context> {
-                    Box::new(#hash_content_name(self.0.clone()))
-                }
+    fn fork(&self) -> Box<dyn hash::Context> {
+        Box::new(GenericHashContext(self.0.clone()))
+    }
 
-                fn finish(self: Box<Self>) -> hash::Output {
-                    hash::Output::new(&self.0.finalize()[..])
-                }
+    fn finish(self: Box<Self>) -> hash::Output {
+        hash::Output::new(&self.0.finalize()[..])
+    }
 
-                fn update(&mut self, data: &[u8]) {
-                    self.0.update(data);
-                }
-            }
+    fn update(&mut self, data: &[u8]) {
+        self.0.update(data);
+    }
+}
 
-            pub const $name: &dyn crypto::hash::Hash = &#hash_name;
-        }
+/// Macro to generate hash constants
+macro_rules! hash_const {
+    ($name:ident, $hash:ty, $feature:literal) => {
+        #[cfg(feature = $feature)]
+        pub const $name: &dyn crypto::hash::Hash = &GenericHash::<$hash>::DEFAULT;
     };
 }
 
-#[cfg(feature = "hash-sha224")]
-impl_hash! {SHA224, ::sha2::Sha224, hash::HashAlgorithm::SHA224}
-#[cfg(feature = "hash-sha256")]
-impl_hash! {SHA256, ::sha2::Sha256, hash::HashAlgorithm::SHA256}
-#[cfg(feature = "hash-sha384")]
-impl_hash! {SHA384, ::sha2::Sha384, hash::HashAlgorithm::SHA384}
-#[cfg(feature = "hash-sha512")]
-impl_hash! {SHA512, ::sha2::Sha512, hash::HashAlgorithm::SHA512}
+// Generate hash constants using macro
+hash_const!(SHA224, ::sha2::Sha224, "hash-sha224");
+hash_const!(SHA256, ::sha2::Sha256, "hash-sha256");
+hash_const!(SHA384, ::sha2::Sha384, "hash-sha384");
+hash_const!(SHA512, ::sha2::Sha512, "hash-sha512");

src/hmac.rs

@@ -1,62 +1,70 @@
 #[cfg(feature = "alloc")]
 use alloc::boxed::Box;
 
-use crypto_common::KeyInit;
+use core::marker::PhantomData;
 use crypto_common::OutputSizeUser;
-use preinterpret::preinterpret;
-use rustls::crypto::hmac::{Hmac, Key, Tag};
-
-macro_rules! impl_hmac {
-    (
-        $name: ident,
-        $ty: ty
-    ) => {
-        preinterpret! {
-            [!set! #hmac_type_name = [!ident! Hmac_ $name]]
-            [!set! #hmac_key_type_name = [!ident! HmacKey_ $name]]
-
-            #[allow(non_camel_case_types)]
-            pub struct #hmac_type_name;
-
-            impl Hmac for #hmac_type_name {
-                fn with_key(&self, key: &[u8]) -> Box<dyn Key> {
-                    Box::new(#hmac_key_type_name(
-                        ::hmac::Hmac::<$ty>::new_from_slice(key).expect("Invalid key length for HMAC"),
-                    ))
-                }
-
-                fn hash_output_len(&self) -> usize {
-                    $ty::output_size()
-                }
-            }
-
-            #[allow(non_camel_case_types)]
-            pub struct #hmac_key_type_name(::hmac::Hmac<$ty>);
-
-            impl Key for #hmac_key_type_name {
-                fn sign_concat(&self, first: &[u8], middle: &[&[u8]], last: &[u8]) -> Tag {
-                    use ::hmac::Mac;
-                    let mut ctx = self.0.clone();
-                    ctx.update(first);
-                    for m in middle {
-                        ctx.update(m);
-                    }
-                    ctx.update(last);
-                    Tag::new(&ctx.finalize().into_bytes()[..])
-                }
-
-                fn tag_len(&self) -> usize {
-                    $ty::output_size()
-                }
-            }
-            pub const $name: &dyn Hmac = &#hmac_type_name;
+use hmac::{EagerHash, Hmac};
+use rustls::crypto::hmac::{Hmac as RustlsHmac, Key, Tag};
+
+pub trait HmacHash: EagerHash + Send + Sync + 'static {}
+
+impl<T> HmacHash for T where T: EagerHash + Send + Sync + 'static {}
+
+pub struct GenericHmac<H: HmacHash> {
+    _phantom: PhantomData<H>,
+}
+
+impl<H> RustlsHmac for GenericHmac<H>
+where
+    H: HmacHash,
+    <H as EagerHash>::Core: Send + Sync,
+{
+    fn with_key(&self, key: &[u8]) -> Box<dyn Key> {
+        Box::new(GenericHmacKey::<H>(
+            <::hmac::Hmac<H> as hmac::KeyInit>::new_from_slice(key)
+                .expect("Invalid key length for HMAC"),
+        ))
+    }
+
+    fn hash_output_len(&self) -> usize {
+        <H as OutputSizeUser>::output_size()
+    }
+}
+
+pub struct GenericHmacKey<H: HmacHash>(Hmac<H>);
+
+impl<H> Key for GenericHmacKey<H>
+where
+    H: HmacHash,
+    <H as EagerHash>::Core: Send + Sync,
+{
+    fn sign_concat(&self, first: &[u8], middle: &[&[u8]], last: &[u8]) -> Tag {
+        use ::hmac::Mac;
+        let mut ctx = self.0.clone();
+        ctx.update(first);
+        for m in middle {
+            ctx.update(m);
         }
-    };
+        ctx.update(last);
+        Tag::new(&ctx.finalize().into_bytes()[..])
+    }
+
+    fn tag_len(&self) -> usize {
+        <H as OutputSizeUser>::output_size()
+    }
 }
 
 #[cfg(feature = "hash-sha256")]
-impl_hmac! {SHA256, ::sha2::Sha256}
+pub const SHA256: &dyn RustlsHmac = &GenericHmac::<::sha2::Sha256> {
+    _phantom: PhantomData,
+};
+
 #[cfg(feature = "hash-sha384")]
-impl_hmac! {SHA384, ::sha2::Sha384}
+pub const SHA384: &dyn RustlsHmac = &GenericHmac::<::sha2::Sha384> {
+    _phantom: PhantomData,
+};
+
 #[cfg(feature = "hash-sha512")]
-impl_hmac! {SHA512, ::sha2::Sha512}
+pub const SHA512: &dyn RustlsHmac = &GenericHmac::<::sha2::Sha512> {
+    _phantom: PhantomData,
+};

src/kx.rs

@@ -6,11 +6,11 @@ pub const ALL_KX_GROUPS: &[&dyn SupportedKxGroup] = &[
     #[cfg(feature = "kx-x25519")]
     &x25519::X25519,
     #[cfg(feature = "kx-p256")]
-    &nist::SecP256R1,
+    &nist::SEC_P256_R1,
     #[cfg(feature = "kx-p384")]
-    &nist::SecP384R1,
+    &nist::SEC_P384_R1,
     #[cfg(feature = "kx-p521")]
-    &nist::SecP521R1,
+    &nist::SEC_P521_R1,
 ];
 
 #[cfg(feature = "kx-nist")]