fn sign()

in src/crypto/openssl_pkey.rs [83:104]

• 13 lines of code
• 2 McCabe index (conditional complexity)

    fn sign(&self, digest: &[u8]) -> Result<Vec<u8>, CoseError> {
        let key = self.ec_key().map_err(|_| {
            CoseError::UnsupportedError("Non-EC keys are not yet supported".to_string())
        })?;

        let curve_name = key.group().curve_name().ok_or_else(|| {
            CoseError::UnsupportedError("Anonymous EC keys are not supported".to_string())
        })?;

        let (_, _, key_length) = ec_curve_to_parameters(curve_name)?;

        // The spec defines the signature as:
        // Signature = I2OSP(R, n) | I2OSP(S, n), where n = ceiling(key_length / 8)
        // The Signer interface doesn't provide this, so this will use EcdsaSig interface instead
        // and concatenate R and S.
        // See https://tools.ietf.org/html/rfc8017#section-4.1 for details.
        let signature = EcdsaSig::sign(digest, &key).map_err(CoseError::SignatureError)?;
        let bytes_r = signature.r().to_vec();
        let bytes_s = signature.s().to_vec();

        Ok(super::merge_ec_signature(&bytes_r, &bytes_s, key_length))
    }