1 //! SPKI fingerprint support. 2 3 use der::Writer; 4 use sha2::{Digest, Sha256}; 5 6 /// Size of a SHA-256 SPKI fingerprint in bytes. 7 pub(crate) const SIZE: usize = 32; 8 9 /// Raw bytes of a SPKI fingerprint i.e. SHA-256 digest of 10 /// `SubjectPublicKeyInfo`'s DER encoding. 11 /// 12 /// See [RFC7469 § 2.1.1] for more information. 13 /// 14 /// [RFC7469 § 2.1.1]: https://datatracker.ietf.org/doc/html/rfc7469#section-2.1.1 15 pub type FingerprintBytes = [u8; SIZE]; 16 17 /// Writer newtype which accepts DER being serialized on-the-fly and computes a 18 /// hash of the contents. 19 #[derive(Clone, Default)] 20 pub(crate) struct Builder { 21 /// In-progress digest being computed from streaming DER. 22 digest: Sha256, 23 } 24 25 impl Builder { 26 /// Create a new fingerprint builder. new() -> Self27 pub fn new() -> Self { 28 Self::default() 29 } 30 31 /// Finish computing a fingerprint, returning the computed digest. finish(self) -> FingerprintBytes32 pub fn finish(self) -> FingerprintBytes { 33 self.digest.finalize().into() 34 } 35 } 36 37 impl Writer for Builder { write(&mut self, der_bytes: &[u8]) -> der::Result<()>38 fn write(&mut self, der_bytes: &[u8]) -> der::Result<()> { 39 self.digest.update(der_bytes); 40 Ok(()) 41 } 42 } 43