From fec0ec96ef51234677adbfd37cd9160e6e6bcebd Mon Sep 17 00:00:00 2001
From: Joe Birr-Pixton <jpixton@gmail.com>
Date: Mon, 23 Dec 2024 13:30:11 +0000
Subject: [PATCH] Move `AlgorithmIdentifier` type into `alg_id`

---
 src/alg_id.rs | 68 +++++++++++++++++++++++++++++++++++++++++++++++++--
 src/lib.rs    | 60 +--------------------------------------------
 2 files changed, 67 insertions(+), 61 deletions(-)

diff --git a/src/alg_id.rs b/src/alg_id.rs
index 637027d..aeb2af0 100644
--- a/src/alg_id.rs
+++ b/src/alg_id.rs
@@ -1,9 +1,73 @@
-//! Common values of the PKIX [`AlgorithmIdentifier`] type.
+//! The PKIX [`AlgorithmIdentifier`] type, and common values.
 //!
 //! If you need to use an [`AlgorithmIdentifier`] not defined here,
 //! you can define it locally.
 
-use super::AlgorithmIdentifier;
+use core::fmt;
+use core::ops::Deref;
+
+/// A DER encoding of the PKIX AlgorithmIdentifier type:
+///
+/// ```ASN.1
+/// AlgorithmIdentifier  ::=  SEQUENCE  {
+///     algorithm               OBJECT IDENTIFIER,
+///     parameters              ANY DEFINED BY algorithm OPTIONAL  }
+///                                -- contains a value of the type
+///                                -- registered for use with the
+///                                -- algorithm object identifier value
+/// ```
+/// (from <https://www.rfc-editor.org/rfc/rfc5280#section-4.1.1.2>)
+///
+/// The outer sequence encoding is *not included*, so this is the DER encoding
+/// of an OID for `algorithm` plus the `parameters` value.
+///
+/// For example, this is the `rsaEncryption` algorithm (but prefer to use the constant
+/// [`RSA_ENCRYPTION`] instead):
+///
+/// ```
+/// let rsa_encryption = rustls_pki_types::AlgorithmIdentifier::from_slice(
+///     &[
+///         // algorithm: 1.2.840.113549.1.1.1
+///         0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
+///         // parameters: NULL
+///         0x05, 0x00
+///     ]
+/// );
+/// assert_eq!(rustls_pki_types::alg_id::RSA_ENCRYPTION, rsa_encryption);
+/// ```
+///
+/// Common values for this type are provided in this module.
+#[derive(Clone, Copy, PartialEq, Eq)]
+pub struct AlgorithmIdentifier(&'static [u8]);
+
+impl AlgorithmIdentifier {
+    /// Makes a new `AlgorithmIdentifier` from a static octet slice.
+    ///
+    /// This does not validate the contents of the slice.
+    pub const fn from_slice(bytes: &'static [u8]) -> Self {
+        Self(bytes)
+    }
+}
+
+impl AsRef<[u8]> for AlgorithmIdentifier {
+    fn as_ref(&self) -> &[u8] {
+        self.0
+    }
+}
+
+impl fmt::Debug for AlgorithmIdentifier {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        super::hex(f, self.0)
+    }
+}
+
+impl Deref for AlgorithmIdentifier {
+    type Target = [u8];
+
+    fn deref(&self) -> &Self::Target {
+        self.as_ref()
+    }
+}
 
 // See src/data/README.md.
 
diff --git a/src/lib.rs b/src/lib.rs
index 335e0e9..04237f7 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -95,6 +95,7 @@ mod server_name;
 #[cfg(feature = "alloc")]
 pub mod pem;
 
+pub use alg_id::AlgorithmIdentifier;
 pub use server_name::{
     AddrParseError, DnsName, InvalidDnsNameError, IpAddr, Ipv4Addr, Ipv6Addr, ServerName,
 };
@@ -900,65 +901,6 @@ pub trait SignatureVerificationAlgorithm: Send + Sync + fmt::Debug {
 #[derive(Debug, Copy, Clone)]
 pub struct InvalidSignature;
 
-/// A DER encoding of the PKIX AlgorithmIdentifier type:
-///
-/// ```ASN.1
-/// AlgorithmIdentifier  ::=  SEQUENCE  {
-///     algorithm               OBJECT IDENTIFIER,
-///     parameters              ANY DEFINED BY algorithm OPTIONAL  }
-///                                -- contains a value of the type
-///                                -- registered for use with the
-///                                -- algorithm object identifier value
-/// ```
-/// (from <https://www.rfc-editor.org/rfc/rfc5280#section-4.1.1.2>)
-///
-/// The outer sequence encoding is *not included*, so this is the DER encoding
-/// of an OID for `algorithm` plus the `parameters` value.
-///
-/// For example, this is the `rsaEncryption` algorithm:
-///
-/// ```
-/// let rsa_encryption = rustls_pki_types::AlgorithmIdentifier::from_slice(
-///     &[
-///         // algorithm: 1.2.840.113549.1.1.1
-///         0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
-///         // parameters: NULL
-///         0x05, 0x00
-///     ]
-/// );
-/// ```
-#[derive(Clone, Copy, PartialEq, Eq)]
-pub struct AlgorithmIdentifier(&'static [u8]);
-
-impl AlgorithmIdentifier {
-    /// Makes a new `AlgorithmIdentifier` from a static octet slice.
-    ///
-    /// This does not validate the contents of the slice.
-    pub const fn from_slice(bytes: &'static [u8]) -> Self {
-        Self(bytes)
-    }
-}
-
-impl AsRef<[u8]> for AlgorithmIdentifier {
-    fn as_ref(&self) -> &[u8] {
-        self.0
-    }
-}
-
-impl fmt::Debug for AlgorithmIdentifier {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        hex(f, self.0)
-    }
-}
-
-impl Deref for AlgorithmIdentifier {
-    type Target = [u8];
-
-    fn deref(&self) -> &Self::Target {
-        self.as_ref()
-    }
-}
-
 /// A timestamp, tracking the number of non-leap seconds since the Unix epoch.
 ///
 /// The Unix epoch is defined January 1, 1970 00:00:00 UTC.