Move get_signature_schema_from_offered to utils crate with better rus…

…tdoc

rustls-mbedcrypto-provider/src/sign.rs

@@ -7,7 +7,7 @@ use rustls::{pki_types, SignatureScheme};
 use std::sync::Mutex;
 use utils::error::mbedtls_err_into_rustls_err;
 use utils::hash::{buffer_for_hash_type, rustls_signature_scheme_to_mbedtls_hash_type};
-use utils::pk::{pk_type_to_signature_algo, rustls_signature_scheme_to_mbedtls_pk_options};
+use utils::pk::{get_signature_schema_from_offered, pk_type_to_signature_algo, rustls_signature_scheme_to_mbedtls_pk_options};
 
 struct MbedTlsSigner(Arc<Mutex<mbedtls::pk::Pk>>, SignatureScheme);
 
@@ -154,35 +154,6 @@ impl rustls::sign::SigningKey for MbedTlsPkSigningKey {
     }
 }
 
-/// Helper function to choose proper [`SignatureScheme`] based on given inputs
-pub fn get_signature_schema_from_offered(
-    pk_type: mbedtls::pk::Type,
-    offered: &[SignatureScheme],
-    ec_signature_scheme: Option<SignatureScheme>,
-    rsa_scheme_prefer_order_list: &[SignatureScheme],
-) -> Option<SignatureScheme> {
-    match pk_type {
-        mbedtls::pk::Type::Rsa | mbedtls::pk::Type::RsaAlt | mbedtls::pk::Type::RsassaPss => {
-            // choose a rsa schema
-            for scheme in rsa_scheme_prefer_order_list {
-                if offered.contains(scheme) {
-                    return Some(*scheme);
-                }
-            }
-            None
-        }
-        mbedtls::pk::Type::Eckey | mbedtls::pk::Type::EckeyDh | mbedtls::pk::Type::Ecdsa => {
-            let scheme = ec_signature_scheme.expect("validated");
-            if offered.contains(&scheme) {
-                Some(scheme)
-            } else {
-                None
-            }
-        }
-        _ => None,
-    }
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;

rustls-mbedtls-provider-utils/src/pk.rs

@@ -75,7 +75,7 @@ pub fn rustls_signature_scheme_to_mbedtls_curve_id(signature_scheme: SignatureSc
     }
 }
 
-/// Helper function to get [`rustls::SignatureAlgorithm`] from mbedtls [`mbedtls::pk::Type`]
+/// Helper function to get [`rustls::SignatureAlgorithm`] from mbedtls [`Type`]
 pub fn pk_type_to_signature_algo(pk_type: Type) -> Option<rustls::SignatureAlgorithm> {
     use rustls::SignatureAlgorithm;
     match pk_type {
@@ -85,6 +85,48 @@ pub fn pk_type_to_signature_algo(pk_type: Type) -> Option<rustls::SignatureAlgor
     }
 }
 
+/// Helper function to choose proper `SignatureScheme` based on given inputs
+///
+/// # Arguments
+///
+/// * `pk_type` - The type of [`Pk`][1] used currently.
+/// * `offered` - The list of offered signature schemes
+/// * `ec_signature_scheme` - If current [`Pk`][1] is EC key, corresponding ec signature scheme should be provided
+/// * `rsa_scheme_prefer_order_list` - Order list of preferred RSA signature schemes
+///
+/// # Returns
+///
+/// The chosen `SignatureScheme` if found, otherwise `None`
+///
+/// [1]: mbedtls::pk::Pk
+pub fn get_signature_schema_from_offered(
+    pk_type: Type,
+    offered: &[SignatureScheme],
+    ec_signature_scheme: Option<SignatureScheme>,
+    rsa_scheme_prefer_order_list: &[SignatureScheme],
+) -> Option<SignatureScheme> {
+    match pk_type {
+        Type::Rsa | Type::RsaAlt | Type::RsassaPss => {
+            // choose a rsa schema
+            for scheme in rsa_scheme_prefer_order_list {
+                if offered.contains(scheme) {
+                    return Some(*scheme);
+                }
+            }
+            None
+        }
+        Type::Eckey | Type::EckeyDh | Type::Ecdsa => {
+            let scheme = ec_signature_scheme.expect("EC Pk should provides a valid ec_signature_scheme");
+            if offered.contains(&scheme) {
+                Some(scheme)
+            } else {
+                None
+            }
+        }
+        _ => None,
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;