in cert-storage-inspector/src/main.rs [115:156]
fn split_der_key(key: &[u8]) -> Result<(&[u8], &[u8]), SimpleError> {
if key.len() < 2 {
return Err(SimpleError::from("key too short to be DER"));
}
let first_len_byte = key[1] as usize;
if first_len_byte < 0x80 {
if key.len() < first_len_byte + 2 {
return Err(SimpleError::from("key too short"));
}
return Ok(key.split_at(first_len_byte + 2 as usize));
}
if first_len_byte == 0x80 {
return Err(SimpleError::from("unsupported ASN.1"));
}
if first_len_byte == 0x81 {
if key.len() < 3 {
return Err(SimpleError::from("key too short to be DER"));
}
let len = key[2] as usize;
if len < 0x80 {
return Err(SimpleError::from("bad DER"));
}
if key.len() < len + 3 {
return Err(SimpleError::from("key too short"));
}
return Ok(key.split_at(len + 3));
}
if first_len_byte == 0x82 {
if key.len() < 4 {
return Err(SimpleError::from("key too short to be DER"));
}
let len = (key[2] as usize) << 8 | key[3] as usize;
if len < 256 {
return Err(SimpleError::from("bad DER"));
}
if key.len() < len + 4 {
return Err(SimpleError::from("key too short"));
}
return Ok(key.split_at(len + 4));
}
Err(SimpleError::from("key too long"))
}