ECC in CMS support

[nemynm]

Hello,

I believe that the current code base does not support EnvelopedData with Elliptic Curve Cryptography (ECC) for CMS.
Would you be interested in a code contribution that would bring partial CMS ECC support as per rfc5753?

I could contribute some code that would essentially implement KeyAgreeRecipientInfoBuilder for KeyAgreeRecipientInfo (Kari).

It would not implement all the KeyAgreement algorithms mentioned in the RFC as I think that RustCrypto does not currently have all the primitive to fully support other KeyAgreement schemes (namely 'Co-factor' ECDH and 1-Pass ECMQV). As such it would mainly focus on EnvelopedData Using (ephemeral-static) ECDH with 'Standard' ECDH

A few initial prerequisite would be:

• ANSI-X9.63-KDF support - (Pending - I already opened a PR in KDFs Done in ANSI-X9.63-KDF KDFs#101)
• Missing OIDs from rfc5753 - I can open another issue here if there is interest (Pending Done in Add RFC5753 to const-oid #1546).

Thank you and let me know your thoughts,

Best,

[tarcieri]

Sure, sounds great!

Re: OIDs for RFC5753, that should be pretty easy to add: https://github.com/RustCrypto/formats/tree/master/const-oid/oiddbgen

Please open a separate issue and/or PR for that

[nemynm]

Sure, sounds great!

Re: OIDs for RFC5753, that should be pretty easy to add: https://github.com/RustCrypto/formats/tree/master/const-oid/oiddbgen

Please open a separate issue and/or PR for that

Great thanks,
I opened #1546 for the OIDs.

I'll prepare a PR for ECC support itself.

Thanks!

[nemynm]

Hello, I have a branch almost ready (I need to rebase),
Quick question before I open the PR: right now the dependency for the key-derivation function points to the RustCrypto KDFs git repo as the new crate for ansi-x963-kdf is not yet published.
Is that acceptable for review or do you want to wait until the new crate is published on crates.io?

[tarcieri]

You can add a git dependency, that's fine

[nemynm]

here it is, I put things into separate modules for the sake of clarity and limit conflicts as I think some other PR are working on the builder-side too.