Skip to content

Commit

Permalink
feat: switch to implementing the Keypair trait
Browse files Browse the repository at this point in the history 
Drop the hand-crafted From traits, replacing them with the
implementation of the Keypair trait.

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
  • Loading branch information
@lumag
lumag committed Oct 31, 2022
1 parent c6206fd commit c28a2c1
Show file tree
Hide file tree
Showing 3 changed files with 80 additions and 96 deletions.
8 changes: 4 additions & 4 deletions src/lib.rs
View file
Expand Up @@ -52,14 +52,14 @@
//! use rsa::RsaPrivateKey;
//! use rsa::pkcs1v15::{SigningKey, VerifyingKey};
//! use sha2::{Digest, Sha256};
//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
//!
//! let mut rng = rand::thread_rng();
//!
//! let bits = 2048;
//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
//! let signing_key = SigningKey::<Sha256>::new_with_prefix(private_key);
//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
//! let verifying_key = signing_key.verifying_key();
//!
//! // Sign
//! let data = b"hello world";
Expand All @@ -75,14 +75,14 @@
//! use rsa::RsaPrivateKey;
//! use rsa::pss::{BlindedSigningKey, VerifyingKey};
//! use sha2::{Digest, Sha256};
//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
//!
//! let mut rng = rand::thread_rng();
//!
//! let bits = 2048;
//! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
//! let signing_key = BlindedSigningKey::<Sha256>::new(private_key);
//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
//! let verifying_key = signing_key.verifying_key();
//!
//! // Sign
//! let data = b"hello world";
Expand Down
55 changes: 28 additions & 27 deletions src/pkcs1v15.rs
View file
Expand Up @@ -8,8 +8,8 @@ use rand_core::{CryptoRng, RngCore};
#[cfg(feature = "hazmat")]
use signature::hazmat::{PrehashSigner, PrehashVerifier};
use signature::{
DigestSigner, DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding,
Signer, Verifier,
DigestSigner, DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner,
SignatureEncoding, Signer, Verifier,
};
use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
use zeroize::Zeroizing;
Expand Down Expand Up @@ -310,10 +310,6 @@ impl<D> SigningKey<D>
where
D: Digest,
{
pub(crate) fn key(&self) -> &RsaPrivateKey {
&self.inner
}

pub(crate) fn prefix(&self) -> Vec<u8> {
self.prefix.clone()
}
Expand Down Expand Up @@ -445,7 +441,7 @@ where
}
}

#[derive(Debug, Clone)]
#[derive(Debug)]
pub struct VerifyingKey<D>
where
D: Digest,
Expand All @@ -455,6 +451,20 @@ where
phantom: PhantomData<D>,
}

/* Implemented manually so we don't have to bind D with Clone */
impl<D> Clone for VerifyingKey<D>
where
D: Digest,
{
fn clone(&self) -> Self {
Self {
inner: self.inner.clone(),
prefix: self.prefix.clone(),
phantom: Default::default(),
}
}
}

impl<D> VerifyingKey<D>
where
D: Digest,
Expand Down Expand Up @@ -508,27 +518,15 @@ where
}
}

impl<D> From<SigningKey<D>> for VerifyingKey<D>
where
D: Digest,
{
fn from(key: SigningKey<D>) -> Self {
Self {
inner: key.key().into(),
prefix: key.prefix(),
phantom: Default::default(),
}
}
}

impl<D> From<&SigningKey<D>> for VerifyingKey<D>
impl<D> Keypair for SigningKey<D>
where
D: Digest,
{
fn from(key: &SigningKey<D>) -> Self {
Self {
inner: key.key().into(),
prefix: key.prefix(),
type VerifyingKey = VerifyingKey<D>;
fn verifying_key(&self) -> Self::VerifyingKey {
VerifyingKey {
inner: self.inner.to_public_key(),
prefix: self.prefix(),
phantom: Default::default(),
}
}
Expand Down Expand Up @@ -968,9 +966,12 @@ mod tests {
let sig = signing_key.sign_prehash(msg).expect("Failure during sign");
assert_eq!(sig.as_ref(), expected_sig);

let verifying_key: VerifyingKey<_> = (&signing_key).into();
let verifying_key = signing_key.verifying_key();
verifying_key
.verify_prehash(msg, &Signature::from_bytes(&expected_sig.into_boxed_slice()).unwrap())
.verify_prehash(
msg,
&Signature::from_bytes(&expected_sig.into_boxed_slice()).unwrap(),
)
.expect("failed to verify");
}
}
113 changes: 48 additions & 65 deletions src/pss.rs
View file
Expand Up @@ -9,7 +9,7 @@ use rand_core::{CryptoRng, RngCore};
#[cfg(feature = "hazmat")]
use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
use signature::{
DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
};
use subtle::ConstantTimeEq;

Expand Down Expand Up @@ -526,10 +526,6 @@ impl<D> SigningKey<D>
where
D: Digest,
{
pub(crate) fn key(&self) -> &RsaPrivateKey {
&self.inner
}

pub fn new(key: RsaPrivateKey) -> Self {
Self {
inner: key,
Expand Down Expand Up @@ -574,6 +570,19 @@ where
}
}

impl<D> Keypair for SigningKey<D>
where
D: Digest,
{
type VerifyingKey = VerifyingKey<D>;
fn verifying_key(&self) -> Self::VerifyingKey {
VerifyingKey {
inner: self.inner.to_public_key(),
phantom: Default::default(),
}
}
}

impl<D> RandomizedSigner<Signature> for SigningKey<D>
where
D: Digest + FixedOutputReset,
Expand Down Expand Up @@ -649,10 +658,6 @@ impl<D> BlindedSigningKey<D>
where
D: Digest,
{
pub(crate) fn key(&self) -> &RsaPrivateKey {
&self.inner
}

pub fn new(key: RsaPrivateKey) -> Self {
Self {
inner: key,
Expand Down Expand Up @@ -697,6 +702,19 @@ where
}
}

impl<D> Keypair for BlindedSigningKey<D>
where
D: Digest,
{
type VerifyingKey = VerifyingKey<D>;
fn verifying_key(&self) -> Self::VerifyingKey {
VerifyingKey {
inner: self.inner.to_public_key(),
phantom: Default::default(),
}
}
}

impl<D> RandomizedSigner<Signature> for BlindedSigningKey<D>
where
D: Digest + FixedOutputReset,
Expand Down Expand Up @@ -758,7 +776,7 @@ where
}
}

#[derive(Debug, Clone)]
#[derive(Debug)]
pub struct VerifyingKey<D>
where
D: Digest,
Expand All @@ -767,81 +785,46 @@ where
phantom: PhantomData<D>,
}

impl<D> VerifyingKey<D>
where
D: Digest,
{
pub fn new(key: RsaPublicKey) -> Self {
Self {
inner: key,
phantom: Default::default(),
}
}
}

impl<D> From<RsaPublicKey> for VerifyingKey<D>
where
D: Digest,
{
fn from(key: RsaPublicKey) -> Self {
Self::new(key)
}
}

impl<D> From<VerifyingKey<D>> for RsaPublicKey
where
D: Digest,
{
fn from(key: VerifyingKey<D>) -> Self {
key.inner
}
}

impl<D> From<SigningKey<D>> for VerifyingKey<D>
/* Implemented manually so we don't have to bind D with Clone */
impl<D> Clone for VerifyingKey<D>
where
D: Digest,
{
fn from(key: SigningKey<D>) -> Self {
fn clone(&self) -> Self {
Self {
inner: key.key().into(),
inner: self.inner.clone(),
phantom: Default::default(),
}
}
}

impl<D> From<&SigningKey<D>> for VerifyingKey<D>
impl<D> VerifyingKey<D>
where
D: Digest,
{
fn from(key: &SigningKey<D>) -> Self {
pub fn new(key: RsaPublicKey) -> Self {
Self {
inner: key.key().into(),
inner: key,
phantom: Default::default(),
}
}
}

impl<D> From<BlindedSigningKey<D>> for VerifyingKey<D>
impl<D> From<RsaPublicKey> for VerifyingKey<D>
where
D: Digest,
{
fn from(key: BlindedSigningKey<D>) -> Self {
Self {
inner: key.key().into(),
phantom: Default::default(),
}
fn from(key: RsaPublicKey) -> Self {
Self::new(key)
}
}

impl<D> From<&BlindedSigningKey<D>> for VerifyingKey<D>
impl<D> From<VerifyingKey<D>> for RsaPublicKey
where
D: Digest,
{
fn from(key: &BlindedSigningKey<D>) -> Self {
Self {
inner: key.key().into(),
phantom: Default::default(),
}
fn from(key: VerifyingKey<D>) -> Self {
key.inner
}
}

Expand Down Expand Up @@ -905,7 +888,7 @@ mod test {
use sha1::{Digest, Sha1};
#[cfg(feature = "hazmat")]
use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
use signature::{DigestVerifier, RandomizedDigestSigner, RandomizedSigner, Verifier};
use signature::{DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, Verifier};

fn get_private_key() -> RsaPrivateKey {
// In order to generate new test vectors you'll need the PEM form of this key:
Expand Down Expand Up @@ -1089,7 +1072,7 @@ mod test {
let tests = ["test\n"];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = SigningKey::<Sha1>::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
Expand All @@ -1106,7 +1089,7 @@ mod test {
let tests = ["test\n"];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
Expand All @@ -1123,7 +1106,7 @@ mod test {
let tests = ["test\n"];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = SigningKey::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let mut digest = Sha1::new();
Expand All @@ -1145,7 +1128,7 @@ mod test {
let tests = ["test\n"];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let mut digest = Sha1::new();
Expand Down Expand Up @@ -1206,7 +1189,7 @@ mod test {
let tests = [Sha1::digest("test\n")];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = SigningKey::<Sha1>::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let sig = signing_key
Expand All @@ -1226,7 +1209,7 @@ mod test {
let tests = [Sha1::digest("test\n")];
let mut rng = ChaCha8Rng::from_seed([42; 32]);
let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
let verifying_key = VerifyingKey::from(&signing_key);
let verifying_key = signing_key.verifying_key();

for test in &tests {
let sig = signing_key
Expand Down

0 comments on commit c28a2c1

Please sign in to comment.