pkcs1: remove duplication between Digest generic and hash argument

lumag · lumag · commit 09391cae0dac · 2022-09-05T23:38:59.000+03:00
There is an information duplication when the keys are expected to
generate signatures over the ASN.1-prefixed data:

SigningKey::&lt;Sha256&gt;::new_with_hash(private_key, Hash::SHA2_256);

Remove this duplication by adding the AssociatedHash trait and
implementing it for sha1/sha2/sha3 types. Note, this trait should
morph into DynAssociatedOid trait and be implemented directly for the
corresponding digest implementations.

Signed-off-by: Dmitry Baryshkov &lt;dmitry.baryshkov@linaro.org&gt;
diff --git a/Cargo.toml b/Cargo.toml
@@ -30,6 +30,11 @@ zeroize = { version = "1", features = ["alloc"] }
 # Temporary workaround until https://github.com/dignifiedquire/num-bigint/pull/42 lands
 smallvec = { version = "1.6.1", default-features = false }
 
+# Temporary until the link from Digest to OID is moved to corresponding crates
+sha1 = { version = "0.10.1", default-features = false, optional = true }
+sha2 = { version = "0.10.2", default-features = false, optional = true }
+sha3 = { version = "0.10.1", default-features = false, optional = true }
+
 [dependencies.serde_crate]
 package = "serde"
 optional = true
@@ -53,7 +58,7 @@ sha3 = { version = "0.10.1", default-features = false }
 name = "key"
 
 [features]
-default = ["std", "pem"]
+default = ["std", "pem", "sha2"]
 nightly = ["num-bigint/nightly"]
 serde = ["num-bigint/serde", "serde_crate"]
 expose-internals = []
@@ -63,7 +68,7 @@ pkcs5 = ["pkcs8/encryption"]
 getrandom = ["rand_core/getrandom"]
 
 [package.metadata.docs.rs]
-features = ["std", "pem", "serde", "expose-internals"]
+features = ["std", "pem", "serde", "expose-internals", "sha1", "sha2", "sha3"]
 rustdoc-args = ["--cfg", "docsrs"]
 
 [profile.dev]
diff --git a/src/hash.rs b/src/hash.rs
@@ -83,3 +83,73 @@ impl Hash {
         }
     }
 }
+
+/* FIXME: This trait should be refactored into per-digest implementations returning OID */
+pub trait AssociatedHash {
+    fn get_hash() -> Hash;
+}
+
+#[cfg(feature = "sha1")]
+impl AssociatedHash for sha1::Sha1 {
+    fn get_hash() -> Hash {
+        Hash::SHA1
+    }
+}
+
+#[cfg(feature = "sha2")]
+impl AssociatedHash for sha2::Sha224 {
+    fn get_hash() -> Hash {
+        Hash::SHA2_224
+    }
+}
+
+#[cfg(feature = "sha2")]
+impl AssociatedHash for sha2::Sha256 {
+    fn get_hash() -> Hash {
+        Hash::SHA2_256
+    }
+}
+
+#[cfg(feature = "sha2")]
+impl AssociatedHash for sha2::Sha384 {
+    fn get_hash() -> Hash {
+        Hash::SHA2_384
+    }
+}
+
+#[cfg(feature = "sha2")]
+impl AssociatedHash for sha2::Sha512 {
+    fn get_hash() -> Hash {
+        Hash::SHA2_512
+    }
+}
+
+/*
+#[cfg(feature = "sha3")]
+impl AssociatedHash for sha3::Sha3_224 {
+    fn get_hash() -> Hash {
+        Hash::SHA3_224
+    }
+}
+*/
+
+#[cfg(feature = "sha3")]
+impl AssociatedHash for sha3::Sha3_256 {
+    fn get_hash() -> Hash {
+        Hash::SHA3_256
+    }
+}
+
+#[cfg(feature = "sha3")]
+impl AssociatedHash for sha3::Sha3_384 {
+    fn get_hash() -> Hash {
+        Hash::SHA3_384
+    }
+}
+
+#[cfg(feature = "sha3")]
+impl AssociatedHash for sha3::Sha3_512 {
+    fn get_hash() -> Hash {
+        Hash::SHA3_512
+    }
+}
diff --git a/src/lib.rs b/src/lib.rs
@@ -47,28 +47,29 @@
 //! assert_eq!(&data[..], &dec_data[..]);
 //! ```
 //!
-//! Using PKCS1v15 signatures
-//! ```
-//! use rsa::{Hash, RsaPrivateKey};
-//! use rsa::pkcs1v15::{SigningKey, VerifyingKey};
-//! use sha2::{Digest, Sha256};
-//! use signature::{RandomizedSigner, Signature, Verifier};
-//!
-//! let mut rng = rand::thread_rng();
-//!
-//! let bits = 2048;
-//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
-//! let signing_key = SigningKey::<Sha256>::new_with_hash(private_key, Hash::SHA2_256);
-//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
-//!
-//! // Sign
-//! let data = b"hello world";
-//! let signature = signing_key.sign_with_rng(&mut rng, data);
-//! assert_ne!(signature.as_bytes(), data);
-//!
-//! // Verify
-//! verifying_key.verify(data, &signature).expect("failed to verify");
-//! ```
+#![cfg_attr(feature = "sha2", doc = r#"
+Using PKCS1v15 signatures
+```
+use rsa::{Hash, RsaPrivateKey};
+use rsa::pkcs1v15::{SigningKey, VerifyingKey};
+use sha2::{Digest, Sha256};
+use signature::{RandomizedSigner, Signature, Verifier};
+
+let mut rng = rand::thread_rng();
+
+let bits = 2048;
+let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
+let signing_key = SigningKey::<Sha256>::new_with_hash(private_key);
+let verifying_key: VerifyingKey<_> = (&signing_key).into();
+
+// Sign
+let data = b"hello world";
+let signature = signing_key.sign_with_rng(&mut rng, data);
+assert_ne!(signature.as_bytes(), data);
+
+// Verify
+verifying_key.verify(data, &signature).expect("failed to verify");
+```"#)]
 //!
 //! Using PSS signatures
 //! ```
diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs
@@ -13,7 +13,7 @@ use zeroize::Zeroizing;
 
 use crate::dummy_rng::DummyRng;
 use crate::errors::{Error, Result};
-use crate::hash::Hash;
+use crate::hash::{AssociatedHash, Hash};
 use crate::key::{self, PrivateKey, PublicKey};
 use crate::{RsaPrivateKey, RsaPublicKey};
 
@@ -318,11 +318,16 @@ where
             phantom: Default::default(),
         }
     }
+}
 
-    pub fn new_with_hash(key: RsaPrivateKey, hash: Hash) -> Self {
+impl<D> SigningKey<D>
+where
+    D: Digest + AssociatedHash,
+{
+    pub fn new_with_prefix(key: RsaPrivateKey) -> Self {
         Self {
             inner: key,
-            hash: Some(hash),
+            hash: Some(D::get_hash()),
             phantom: Default::default(),
         }
     }
@@ -410,11 +415,16 @@ where
             phantom: Default::default(),
         }
     }
+}
 
-    pub fn new_with_hash(key: RsaPublicKey, hash: Hash) -> Self {
+impl<D> VerifyingKey<D>
+where
+    D: Digest + AssociatedHash,
+{
+    pub fn new_with_prefix(key: RsaPublicKey) -> Self {
         Self {
             inner: key,
-            hash: Some(hash),
+            hash: Some(D::get_hash()),
             phantom: Default::default(),
         }
     }
@@ -486,6 +496,8 @@ mod tests {
     use num_traits::Num;
     use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng};
     use sha1::{Digest, Sha1};
+    #[cfg(feature = "sha2")]
+    use sha2::Sha256;
     use signature::{RandomizedSigner, Signature, Signer, Verifier};
 
     use crate::{Hash, PaddingScheme, PublicKey, PublicKeyParts, RsaPrivateKey, RsaPublicKey};
@@ -611,19 +623,20 @@ mod tests {
         }
     }
 
+    #[cfg(feature = "sha2")]
     #[test]
     fn test_sign_pkcs1v15_signer() {
         let priv_key = get_private_key();
 
         let tests = [(
             "Test.\n",
             hex!(
-                "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"
+                "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b"
             ),
         )];
 
-        let signing_key = SigningKey::<Sha1>::new_with_hash(priv_key, Hash::SHA1);
+        let signing_key = SigningKey::<Sha256>::new_with_prefix(priv_key);
 
         for (text, expected) in &tests {
             let out = signing_key.sign(text.as_bytes());
@@ -637,30 +650,31 @@ mod tests {
         }
     }
 
+    #[cfg(feature = "sha2")]
     #[test]
     fn test_sign_pkcs1v15_digest_signer() {
         let priv_key = get_private_key();
 
         let tests = [(
             "Test.\n",
             hex!(
-                "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"
+                "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b"
             ),
         )];
 
-        let signing_key = SigningKey::new_with_hash(priv_key, Hash::SHA1);
+        let signing_key = SigningKey::new_with_prefix(priv_key);
 
         for (text, expected) in &tests {
-            let mut digest = Sha1::new();
+            let mut digest = Sha256::new();
             digest.update(text.as_bytes());
             let out = signing_key.sign_digest(digest);
             assert_ne!(out.as_ref(), text.as_bytes());
             assert_ne!(out.as_ref(), &Sha1::digest(text.as_bytes()).to_vec());
             assert_eq!(out.as_ref(), expected);
 
             let mut rng = ChaCha8Rng::from_seed([42; 32]);
-            let mut digest = Sha1::new();
+            let mut digest = Sha256::new();
             digest.update(text.as_bytes());
             let out2 = signing_key.sign_digest_with_rng(&mut rng, digest);
             assert_eq!(out2.as_ref(), expected);
@@ -709,6 +723,7 @@ mod tests {
         }
     }
 
+    #[cfg(feature = "sha2")]
     #[test]
     fn test_verify_pkcs1v15_signer() {
         let priv_key = get_private_key();
@@ -717,22 +732,22 @@ mod tests {
             (
                 "Test.\n",
                 hex!(
-                    "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                    "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"
+                    "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                    "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b"
                 ),
                 true,
             ),
             (
                 "Test.\n",
                 hex!(
-                    "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                    "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af"
+                    "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                    "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451c"
                 ),
                 false,
             ),
         ];
         let pub_key: RsaPublicKey = priv_key.into();
-        let verifying_key = VerifyingKey::<Sha1>::new_with_hash(pub_key, Hash::SHA1);
+        let verifying_key = VerifyingKey::<Sha256>::new_with_prefix(pub_key);
 
         for (text, sig, expected) in &tests {
             let result =
@@ -747,6 +762,7 @@ mod tests {
         }
     }
 
+    #[cfg(feature = "sha2")]
     #[test]
     fn test_verify_pkcs1v15_digest_signer() {
         let priv_key = get_private_key();
@@ -755,25 +771,25 @@ mod tests {
             (
                 "Test.\n",
                 hex!(
-                    "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                    "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae"
+                    "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                    "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b"
                 ),
                 true,
             ),
             (
                 "Test.\n",
                 hex!(
-                    "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33"
-                    "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af"
+                    "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea"
+                    "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451c"
                 ),
                 false,
             ),
         ];
         let pub_key: RsaPublicKey = priv_key.into();
-        let verifying_key = VerifyingKey::new_with_hash(pub_key, Hash::SHA1);
+        let verifying_key = VerifyingKey::new_with_prefix(pub_key);
 
         for (text, sig, expected) in &tests {
-            let mut digest = Sha1::new();
+            let mut digest = Sha256::new();
             digest.update(text.as_bytes());
             let result = verifying_key.verify_digest(digest, &Signature::from_bytes(sig).unwrap());
             match expected {
