rsa: hook new Signer/Verifier implementations

lumag · lumag · commit e211befc84ab · 2022-08-01T01:06:12.000+03:00
Signed-off-by: Dmitry Baryshkov &lt;dmitry.baryshkov@linaro.org&gt;
diff --git a/src/key.rs b/src/key.rs
@@ -15,6 +15,8 @@ use crate::errors::{Error, Result};
 
 use crate::padding::PaddingScheme;
 use crate::raw::{DecryptionPrimitive, EncryptionPrimitive};
+use crate::signer::{RsaBlindedSigner, RsaSigner};
+use crate::verifier::RsaVerifier;
 use crate::{oaep, pkcs1v15, pss};
 
 static MIN_PUB_EXPONENT: u64 = 2;
@@ -199,7 +201,7 @@ impl PublicKeyParts for RsaPublicKey {
     }
 }
 
-impl PublicKey for RsaPublicKey {
+impl<'a> PublicKey for RsaPublicKey {
     fn encrypt<R: RngCore + CryptoRng>(
         &self,
         rng: &mut R,
@@ -229,14 +231,18 @@ impl PublicKey for RsaPublicKey {
     }
 }
 
-impl RsaPublicKey {
+impl<'a> RsaPublicKey {
     /// Create a new key from its components.
     pub fn new(n: BigUint, e: BigUint) -> Result<Self> {
         let k = RsaPublicKey { n, e };
         check_public(&k)?;
 
         Ok(k)
     }
+
+    pub fn to_verifier(&'a self, padding: PaddingScheme) -> RsaVerifier<'a> {
+        RsaVerifier::new(&self, padding)
+    }
 }
 
 impl<'a> PublicKeyParts for &'a RsaPublicKey {
@@ -290,7 +296,7 @@ impl<'a> PublicKeyParts for &'a RsaPrivateKey {
 
 impl<'a> PrivateKey for &'a RsaPrivateKey {}
 
-impl RsaPrivateKey {
+impl<'a> RsaPrivateKey {
     /// Generate a new Rsa key pair of the given bit size using the passed in `rng`.
     pub fn new<R: RngCore + CryptoRng>(rng: &mut R, bit_size: usize) -> Result<RsaPrivateKey> {
         generate_multi_prime_key(rng, 2, bit_size)
@@ -547,6 +553,14 @@ impl RsaPrivateKey {
             _ => Err(Error::InvalidPaddingScheme),
         }
     }
+
+    pub fn to_signer(&'a self, padding: PaddingScheme) -> RsaSigner<'a> {
+        RsaSigner::new(&self, padding)
+    }
+
+    pub fn to_blinded_signer(&'a self, padding: PaddingScheme) -> RsaBlindedSigner<'a> {
+        RsaBlindedSigner::new(&self, padding)
+    }
 }
 
 /// Check that the public key is well formed and has an exponent within acceptable bounds.
diff --git a/src/lib.rs b/src/lib.rs
@@ -182,6 +182,7 @@ pub use pkcs8;
 pub use self::hash::Hash;
 pub use self::key::{PublicKey, PublicKeyParts, RsaPrivateKey, RsaPublicKey};
 pub use self::padding::PaddingScheme;
+pub use self::rsa_core::RsaSignature;
 
 /// Internal raw RSA functions.
 #[cfg(not(feature = "expose-internals"))]
diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs
@@ -224,8 +224,12 @@ mod tests {
     use num_traits::Num;
     use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng};
     use sha1::{Digest, Sha1};
+    use signature::RandomizedSigner;
+    use signature::Signer;
+    use signature::Signature;
+    use signature::Verifier;
 
-    use crate::{Hash, PaddingScheme, PublicKey, PublicKeyParts, RsaPrivateKey, RsaPublicKey};
+    use crate::{Hash, PaddingScheme, PublicKey, PublicKeyParts, RsaPrivateKey, RsaPublicKey, RsaSignature};
 
     #[test]
     fn test_non_zero_bytes() {
@@ -345,6 +349,19 @@ mod tests {
                 )
                 .unwrap();
             assert_eq!(out2, expected);
+
+            let out = priv_key
+                .to_signer(PaddingScheme::new_pkcs1v15_sign(Some(Hash::SHA1)))
+                .try_sign(&digest)
+                .expect("failed to sign");
+            assert_ne!(out.as_ref(), digest);
+            assert_eq!(out.as_ref(), expected);
+
+            let out2 = priv_key
+                .to_blinded_signer(PaddingScheme::new_pkcs1v15_sign(Some(Hash::SHA1)))
+                .try_sign_with_rng(&mut rng, &digest)
+                .expect("failed to sign");
+            assert_eq!(out2.as_ref(), expected);
         }
     }
 
@@ -371,6 +388,14 @@ mod tests {
                     sig,
                 )
                 .expect("failed to verify");
+
+            pub_key
+                .to_verifier(PaddingScheme::new_pkcs1v15_sign(Some(Hash::SHA1)))
+                .verify(
+                    &digest,
+                    &RsaSignature::from_bytes(sig).expect("failed to create signature"),
+                )
+                .expect("failed to verify");
         }
     }
 
diff --git a/src/pss.rs b/src/pss.rs
@@ -239,13 +239,16 @@ fn emsa_pss_verify(
 #[cfg(test)]
 mod test {
     use crate::hash::Hash;
-    use crate::{PaddingScheme, PublicKey, RsaPrivateKey, RsaPublicKey};
+    use crate::{PaddingScheme, PublicKey, RsaPrivateKey, RsaPublicKey, RsaSignature};
 
     use hex_literal::hex;
     use num_bigint::BigUint;
     use num_traits::{FromPrimitive, Num};
     use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng};
     use sha1::{Digest, Sha1};
+    use signature::RandomizedSigner;
+    use signature::Signature;
+    use signature::Verifier;
 
     fn get_private_key() -> RsaPrivateKey {
         // In order to generate new test vectors you'll need the PEM form of this key:
@@ -288,6 +291,14 @@ mod test {
             pub_key
                 .verify(PaddingScheme::new_pss::<Sha1>(Hash::SHA1), &digest, sig)
                 .expect("failed to verify");
+
+            pub_key
+                .to_verifier(PaddingScheme::new_pss::<Sha1>(Hash::SHA1))
+                .verify(
+                    &digest,
+                    &RsaSignature::from_bytes(sig).expect("failed to create signature"),
+                )
+                .expect("failed to verify");
         }
     }
 
@@ -311,6 +322,15 @@ mod test {
             priv_key
                 .verify(PaddingScheme::new_pss::<Sha1>(Hash::SHA1), &digest, &sig)
                 .expect("failed to verify");
+
+            let sig = priv_key
+                .to_signer(PaddingScheme::new_pss::<Sha1>(Hash::SHA1))
+                .try_sign_with_rng(&mut rng.clone(), &digest)
+                .expect("failed to sign");
+            priv_key
+                .to_verifier(PaddingScheme::new_pss::<Sha1>(Hash::SHA1))
+                .verify(&digest, &sig)
+                .expect("failed to verify");
         }
     }
 
@@ -334,6 +354,15 @@ mod test {
             priv_key
                 .verify(PaddingScheme::new_pss::<Sha1>(Hash::SHA1), &digest, &sig)
                 .expect("failed to verify");
+
+            let sig = priv_key
+                .to_blinded_signer(PaddingScheme::new_pss::<Sha1>(Hash::SHA1))
+                .try_sign_with_rng(&mut rng.clone(), &digest)
+                .expect("failed to sign");
+            priv_key
+                .to_verifier(PaddingScheme::new_pss::<Sha1>(Hash::SHA1))
+                .verify(&digest, &sig)
+                .expect("failed to verify");
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,8 @@ use crate::errors::{Error, Result};`
`15`	`15`
`16`	`16`	`use crate::padding::PaddingScheme;`
`17`	`17`	`use crate::raw::{DecryptionPrimitive, EncryptionPrimitive};`
	`18`	`+use crate::signer::{RsaBlindedSigner, RsaSigner};`
	`19`	`+use crate::verifier::RsaVerifier;`
`18`	`20`	`use crate::{oaep, pkcs1v15, pss};`
`19`	`21`
`20`	`22`	`static MIN_PUB_EXPONENT: u64 = 2;`
`@@ -199,7 +201,7 @@ impl PublicKeyParts for RsaPublicKey {`
`199`	`201`	`}`
`200`	`202`	`}`
`201`	`203`
`202`		`-impl PublicKey for RsaPublicKey {`
	`204`	`+impl<'a> PublicKey for RsaPublicKey {`
`203`	`205`	`fn encrypt<R: RngCore + CryptoRng>(`
`204`	`206`	`&self,`
`205`	`207`	`rng: &mut R,`
`@@ -229,14 +231,18 @@ impl PublicKey for RsaPublicKey {`
`229`	`231`	`}`
`230`	`232`	`}`
`231`	`233`
`232`		`-impl RsaPublicKey {`
	`234`	`+impl<'a> RsaPublicKey {`
`233`	`235`	`/// Create a new key from its components.`
`234`	`236`	`pub fn new(n: BigUint, e: BigUint) -> Result<Self> {`
`235`	`237`	`let k = RsaPublicKey { n, e };`
`236`	`238`	`check_public(&k)?;`
`237`	`239`
`238`	`240`	`Ok(k)`
`239`	`241`	`}`
	`242`	`+`
	`243`	`+ pub fn to_verifier(&'a self, padding: PaddingScheme) -> RsaVerifier<'a> {`
	`244`	`+ RsaVerifier::new(&self, padding)`
	`245`	`+ }`
`240`	`246`	`}`
`241`	`247`
`242`	`248`	`impl<'a> PublicKeyParts for &'a RsaPublicKey {`
`@@ -290,7 +296,7 @@ impl<'a> PublicKeyParts for &'a RsaPrivateKey {`
`290`	`296`
`291`	`297`	`impl<'a> PrivateKey for &'a RsaPrivateKey {}`
`292`	`298`
`293`		`-impl RsaPrivateKey {`
	`299`	`+impl<'a> RsaPrivateKey {`
`294`	`300`	/// Generate a new Rsa key pair of the given bit size using the passed in `rng`.
`295`	`301`	`pub fn new<R: RngCore + CryptoRng>(rng: &mut R, bit_size: usize) -> Result<RsaPrivateKey> {`
`296`	`302`	`generate_multi_prime_key(rng, 2, bit_size)`
`@@ -547,6 +553,14 @@ impl RsaPrivateKey {`
`547`	`553`	`_ => Err(Error::InvalidPaddingScheme),`
`548`	`554`	`}`
`549`	`555`	`}`
	`556`	`+`
	`557`	`+ pub fn to_signer(&'a self, padding: PaddingScheme) -> RsaSigner<'a> {`
	`558`	`+ RsaSigner::new(&self, padding)`
	`559`	`+ }`
	`560`	`+`
	`561`	`+ pub fn to_blinded_signer(&'a self, padding: PaddingScheme) -> RsaBlindedSigner<'a> {`
	`562`	`+ RsaBlindedSigner::new(&self, padding)`
	`563`	`+ }`
`550`	`564`	`}`
`551`	`565`
`552`	`566`	`/// Check that the public key is well formed and has an exponent within acceptable bounds.`