@@ -13,7 +13,7 @@ use zeroize::Zeroizing;
13
13
14
14
use crate :: dummy_rng:: DummyRng ;
15
15
use crate :: errors:: { Error , Result } ;
16
- use crate :: hash:: Hash ;
16
+ use crate :: hash:: { AssociatedHash , Hash } ;
17
17
use crate :: key:: { self , PrivateKey , PublicKey } ;
18
18
use crate :: { RsaPrivateKey , RsaPublicKey } ;
19
19
@@ -318,11 +318,16 @@ where
318
318
phantom : Default :: default ( ) ,
319
319
}
320
320
}
321
+ }
321
322
322
- pub fn new_with_hash ( key : RsaPrivateKey , hash : Hash ) -> Self {
323
+ impl < D > SigningKey < D >
324
+ where
325
+ D : Digest + AssociatedHash ,
326
+ {
327
+ pub fn new_with_prefix ( key : RsaPrivateKey ) -> Self {
323
328
Self {
324
329
inner : key,
325
- hash : Some ( hash ) ,
330
+ hash : Some ( D :: HASH ) ,
326
331
phantom : Default :: default ( ) ,
327
332
}
328
333
}
@@ -410,11 +415,16 @@ where
410
415
phantom : Default :: default ( ) ,
411
416
}
412
417
}
418
+ }
413
419
414
- pub fn new_with_hash ( key : RsaPublicKey , hash : Hash ) -> Self {
420
+ impl < D > VerifyingKey < D >
421
+ where
422
+ D : Digest + AssociatedHash ,
423
+ {
424
+ pub fn new_with_prefix ( key : RsaPublicKey ) -> Self {
415
425
Self {
416
426
inner : key,
417
- hash : Some ( hash ) ,
427
+ hash : Some ( D :: HASH ) ,
418
428
phantom : Default :: default ( ) ,
419
429
}
420
430
}
@@ -486,6 +496,8 @@ mod tests {
486
496
use num_traits:: Num ;
487
497
use rand_chacha:: { rand_core:: SeedableRng , ChaCha8Rng } ;
488
498
use sha1:: { Digest , Sha1 } ;
499
+ #[ cfg( feature = "sha2" ) ]
500
+ use sha2:: Sha256 ;
489
501
use signature:: { RandomizedSigner , Signature , Signer , Verifier } ;
490
502
491
503
use crate :: { Hash , PaddingScheme , PublicKey , PublicKeyParts , RsaPrivateKey , RsaPublicKey } ;
@@ -611,19 +623,20 @@ mod tests {
611
623
}
612
624
}
613
625
626
+ #[ cfg( feature = "sha2" ) ]
614
627
#[ test]
615
628
fn test_sign_pkcs1v15_signer ( ) {
616
629
let priv_key = get_private_key ( ) ;
617
630
618
631
let tests = [ (
619
632
"Test.\n " ,
620
633
hex ! (
621
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
622
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae "
634
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
635
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b "
623
636
) ,
624
637
) ] ;
625
638
626
- let signing_key = SigningKey :: < Sha1 > :: new_with_hash ( priv_key, Hash :: SHA1 ) ;
639
+ let signing_key = SigningKey :: < Sha256 > :: new_with_prefix ( priv_key) ;
627
640
628
641
for ( text, expected) in & tests {
629
642
let out = signing_key. sign ( text. as_bytes ( ) ) ;
@@ -637,30 +650,31 @@ mod tests {
637
650
}
638
651
}
639
652
653
+ #[ cfg( feature = "sha2" ) ]
640
654
#[ test]
641
655
fn test_sign_pkcs1v15_digest_signer ( ) {
642
656
let priv_key = get_private_key ( ) ;
643
657
644
658
let tests = [ (
645
659
"Test.\n " ,
646
660
hex ! (
647
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
648
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae "
661
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
662
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b "
649
663
) ,
650
664
) ] ;
651
665
652
- let signing_key = SigningKey :: new_with_hash ( priv_key, Hash :: SHA1 ) ;
666
+ let signing_key = SigningKey :: new_with_prefix ( priv_key) ;
653
667
654
668
for ( text, expected) in & tests {
655
- let mut digest = Sha1 :: new ( ) ;
669
+ let mut digest = Sha256 :: new ( ) ;
656
670
digest. update ( text. as_bytes ( ) ) ;
657
671
let out = signing_key. sign_digest ( digest) ;
658
672
assert_ne ! ( out. as_ref( ) , text. as_bytes( ) ) ;
659
673
assert_ne ! ( out. as_ref( ) , & Sha1 :: digest( text. as_bytes( ) ) . to_vec( ) ) ;
660
674
assert_eq ! ( out. as_ref( ) , expected) ;
661
675
662
676
let mut rng = ChaCha8Rng :: from_seed ( [ 42 ; 32 ] ) ;
663
- let mut digest = Sha1 :: new ( ) ;
677
+ let mut digest = Sha256 :: new ( ) ;
664
678
digest. update ( text. as_bytes ( ) ) ;
665
679
let out2 = signing_key. sign_digest_with_rng ( & mut rng, digest) ;
666
680
assert_eq ! ( out2. as_ref( ) , expected) ;
@@ -709,6 +723,7 @@ mod tests {
709
723
}
710
724
}
711
725
726
+ #[ cfg( feature = "sha2" ) ]
712
727
#[ test]
713
728
fn test_verify_pkcs1v15_signer ( ) {
714
729
let priv_key = get_private_key ( ) ;
@@ -717,22 +732,22 @@ mod tests {
717
732
(
718
733
"Test.\n " ,
719
734
hex ! (
720
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
721
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae "
735
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
736
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b "
722
737
) ,
723
738
true ,
724
739
) ,
725
740
(
726
741
"Test.\n " ,
727
742
hex ! (
728
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
729
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af "
743
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
744
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451c "
730
745
) ,
731
746
false ,
732
747
) ,
733
748
] ;
734
749
let pub_key: RsaPublicKey = priv_key. into ( ) ;
735
- let verifying_key = VerifyingKey :: < Sha1 > :: new_with_hash ( pub_key, Hash :: SHA1 ) ;
750
+ let verifying_key = VerifyingKey :: < Sha256 > :: new_with_prefix ( pub_key) ;
736
751
737
752
for ( text, sig, expected) in & tests {
738
753
let result =
@@ -747,6 +762,7 @@ mod tests {
747
762
}
748
763
}
749
764
765
+ #[ cfg( feature = "sha2" ) ]
750
766
#[ test]
751
767
fn test_verify_pkcs1v15_digest_signer ( ) {
752
768
let priv_key = get_private_key ( ) ;
@@ -755,25 +771,25 @@ mod tests {
755
771
(
756
772
"Test.\n " ,
757
773
hex ! (
758
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
759
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae "
774
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
775
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b "
760
776
) ,
761
777
true ,
762
778
) ,
763
779
(
764
780
"Test.\n " ,
765
781
hex ! (
766
- "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33 "
767
- "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af "
782
+ "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea "
783
+ "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451c "
768
784
) ,
769
785
false ,
770
786
) ,
771
787
] ;
772
788
let pub_key: RsaPublicKey = priv_key. into ( ) ;
773
- let verifying_key = VerifyingKey :: new_with_hash ( pub_key, Hash :: SHA1 ) ;
789
+ let verifying_key = VerifyingKey :: new_with_prefix ( pub_key) ;
774
790
775
791
for ( text, sig, expected) in & tests {
776
- let mut digest = Sha1 :: new ( ) ;
792
+ let mut digest = Sha256 :: new ( ) ;
777
793
digest. update ( text. as_bytes ( ) ) ;
778
794
let result = verifying_key. verify_digest ( digest, & Signature :: from_bytes ( sig) . unwrap ( ) ) ;
779
795
match expected {
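Review bot: In `test_sign_pkcs1v15_digest_signer` the unchanged check `assert_ne!(out.as_ref(), &Sha1::digest(text.as_bytes()).to_vec());` still hashes with Sha1 although the key and both digests now use Sha256, so it no longer asserts that the signature differs from the digest that was actually signed; change it to `assert_ne!(out.as_ref(), &Sha256::digest(text.as_bytes()).to_vec());`. The new `new_with_prefix` constructors on `SigningKey<D>` and `VerifyingKey<D>` carry no doc comment; something like `/// Create a key whose hash identifier is taken from D::HASH, so it cannot disagree with the digest type.` would record why `new_with_hash` was replaced. All four signer tests are now gated on `#[cfg(feature = "sha2")]`, so a build without that feature runs none of them; whether CI enables the feature is not visible here. The test bodies and the impl blocks continue outside the hunks shown.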