v0.8.0-pre.0

CHANGELOG.md

@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 0.8.0-pre.0 (2022-12-??)
+### Added
+- Fix benches (#225)
+
+### Changed
+- Switched to signature trait v2.0.0-pre development versions (#217)
+
+[#225]: https://github.com/RustCrypto/RSA/pull/225
+[#217]: https://github.com/RustCrypto/RSA/pull/217
+
 ## 0.7.2 (2022-11-14)
 ### Added
 - Public accessor methods for `PrecomputedValues` ([#221])

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rsa"
-version = "0.8.0-pre"
+version = "0.8.0-pre.0"
 authors = ["RustCrypto Developers", "dignifiedquire <dignifiedquire@gmail.com>"]
 edition = "2021"
 description = "Pure Rust RSA implementation"
@@ -23,7 +23,7 @@ subtle = { version = "2.1.1", default-features = false }
 digest = { version = "0.10.5", default-features = false, features = ["alloc", "oid"] }
 pkcs1 = { version = "0.4", default-features = false, features = ["pkcs8", "alloc"] }
 pkcs8 = { version = "0.9", default-features = false, features = ["alloc"] }
-signature = { version = "2.0.0-pre.2", default-features = false , features = ["digest-preview", "rand-preview"] }
+signature = { version = "2.0.0-pre.3", default-features = false , features = ["digest-preview", "rand-preview"] }
 zeroize = { version = "1", features = ["alloc"] }
 
 [dependencies.serde_crate]

src/internals.rs

@@ -3,7 +3,7 @@ use alloc::vec;
 use alloc::vec::Vec;
 use num_bigint::{BigInt, BigUint, IntoBigInt, IntoBigUint, ModInverse, RandBigInt, ToBigInt};
 use num_traits::{One, Signed, Zero};
-use rand_core::{CryptoRng, RngCore};
+use rand_core::CryptoRngCore;
 use zeroize::Zeroize;
 
 use crate::errors::{Error, Result};
@@ -18,7 +18,7 @@ pub fn encrypt<K: PublicKeyParts>(key: &K, m: &BigUint) -> BigUint {
 /// Performs raw RSA decryption with no padding, resulting in a plaintext `BigUint`.
 /// Peforms RSA blinding if an `Rng` is passed.
 #[inline]
-pub fn decrypt<R: RngCore + CryptoRng>(
+pub fn decrypt<R: CryptoRngCore + ?Sized>(
     mut rng: Option<&mut R>,
     priv_key: &RsaPrivateKey,
     c: &BigUint,
@@ -108,7 +108,7 @@ pub fn decrypt<R: RngCore + CryptoRng>(
 /// Peforms RSA blinding if an `Rng` is passed.
 /// This will also check for errors in the CRT computation.
 #[inline]
-pub fn decrypt_and_check<R: RngCore + CryptoRng>(
+pub fn decrypt_and_check<R: CryptoRngCore + ?Sized>(
     rng: Option<&mut R>,
     priv_key: &RsaPrivateKey,
     c: &BigUint,
@@ -127,7 +127,7 @@ pub fn decrypt_and_check<R: RngCore + CryptoRng>(
 }
 
 /// Returns the blinded c, along with the unblinding factor.
-pub fn blind<R: RngCore + CryptoRng, K: PublicKeyParts>(
+pub fn blind<R: CryptoRngCore, K: PublicKeyParts>(
     rng: &mut R,
     key: &K,
     c: &BigUint,

src/oaep.rs

@@ -1,7 +1,7 @@
 use alloc::string::String;
 use alloc::vec;
 use alloc::vec::Vec;
-use rand_core::{CryptoRng, RngCore};
+use rand_core::CryptoRngCore;
 
 use digest::DynDigest;
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption};
@@ -23,7 +23,7 @@ const MAX_LABEL_LEN: u64 = 2_305_843_009_213_693_951;
 ///
 /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1
 #[inline]
-pub fn encrypt<R: RngCore + CryptoRng, K: PublicKey>(
+pub fn encrypt<R: CryptoRngCore, K: PublicKey>(
     rng: &mut R,
     pub_key: &K,
     msg: &[u8],
@@ -80,7 +80,7 @@ pub fn encrypt<R: RngCore + CryptoRng, K: PublicKey>(
 ///
 /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1
 #[inline]
-pub fn decrypt<R: RngCore + CryptoRng, SK: PrivateKey>(
+pub fn decrypt<R: CryptoRngCore, SK: PrivateKey>(
     rng: Option<&mut R>,
     priv_key: &SK,
     ciphertext: &[u8],
@@ -104,7 +104,7 @@ pub fn decrypt<R: RngCore + CryptoRng, SK: PrivateKey>(
 /// `rng` is given. It returns one or zero in valid that indicates whether the
 /// plaintext was correctly structured.
 #[inline]
-fn decrypt_inner<R: RngCore + CryptoRng, SK: PrivateKey>(
+fn decrypt_inner<R: CryptoRngCore, SK: PrivateKey>(
     rng: Option<&mut R>,
     priv_key: &SK,
     ciphertext: &[u8],

src/pkcs1v15.rs

@@ -161,7 +161,7 @@ pub(crate) fn decrypt<R: CryptoRngCore, SK: PrivateKey>(
 /// messages to signatures and identify the signed messages. As ever,
 /// signatures provide authenticity, not confidentiality.
 #[inline]
-pub(crate) fn sign<R: CryptoRngCore, SK: PrivateKey>(
+pub(crate) fn sign<R: CryptoRngCore + ?Sized, SK: PrivateKey>(
     rng: Option<&mut R>,
     priv_key: &SK,
     prefix: &[u8],
@@ -420,9 +420,9 @@ impl<D> RandomizedSigner<Signature> for SigningKey<D>
 where
     D: Digest,
 {
-    fn try_sign_with_rng(
+    fn try_sign_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         msg: &[u8],
     ) -> signature::Result<Signature> {
         sign(Some(rng), &self.inner, &self.prefix, &D::digest(msg))
@@ -446,9 +446,9 @@ impl<D> RandomizedDigestSigner<D, Signature> for SigningKey<D>
 where
     D: Digest,
 {
-    fn try_sign_digest_with_rng(
+    fn try_sign_digest_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         digest: D,
     ) -> signature::Result<Signature> {
         sign(Some(rng), &self.inner, &self.prefix, &digest.finalize())

src/pss.rs

@@ -136,7 +136,6 @@ where
 /// Note that hashed must be the result of hashing the input message using the
 /// given hash function. The opts argument may be nil, in which case sensible
 /// defaults are used.
-// TODO: bind T with the CryptoRng trait
 pub(crate) fn sign<T: CryptoRngCore, SK: PrivateKey>(
     rng: &mut T,
     blind: bool,
@@ -150,7 +149,11 @@ pub(crate) fn sign<T: CryptoRngCore, SK: PrivateKey>(
     sign_pss_with_salt(blind.then(|| rng), priv_key, hashed, &salt, digest)
 }
 
-pub(crate) fn sign_digest<T: CryptoRngCore, SK: PrivateKey, D: Digest + FixedOutputReset>(
+pub(crate) fn sign_digest<
+    T: CryptoRngCore + ?Sized,
+    SK: PrivateKey,
+    D: Digest + FixedOutputReset,
+>(
     rng: &mut T,
     blind: bool,
     priv_key: &SK,
@@ -194,7 +197,11 @@ fn sign_pss_with_salt<T: CryptoRngCore, SK: PrivateKey>(
     priv_key.raw_decryption_primitive(blind_rng, &em, priv_key.size())
 }
 
-fn sign_pss_with_salt_digest<T: CryptoRngCore, SK: PrivateKey, D: Digest + FixedOutputReset>(
+fn sign_pss_with_salt_digest<
+    T: CryptoRngCore + ?Sized,
+    SK: PrivateKey,
+    D: Digest + FixedOutputReset,
+>(
     blind_rng: Option<&mut T>,
     priv_key: &SK,
     hashed: &[u8],
@@ -626,9 +633,9 @@ impl<D> RandomizedSigner<Signature> for SigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn try_sign_with_rng(
+    fn try_sign_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         msg: &[u8],
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, false, &self.inner, &D::digest(msg), self.salt_len)
@@ -641,9 +648,9 @@ impl<D> RandomizedDigestSigner<D, Signature> for SigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn try_sign_digest_with_rng(
+    fn try_sign_digest_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         digest: D,
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, false, &self.inner, &digest.finalize(), self.salt_len)
@@ -656,9 +663,9 @@ impl<D> RandomizedPrehashSigner<Signature> for SigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn sign_prehash_with_rng(
+    fn sign_prehash_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         prehash: &[u8],
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, false, &self.inner, prehash, self.salt_len)
@@ -757,9 +764,9 @@ impl<D> RandomizedSigner<Signature> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn try_sign_with_rng(
+    fn try_sign_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         msg: &[u8],
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, true, &self.inner, &D::digest(msg), self.salt_len)
@@ -772,9 +779,9 @@ impl<D> RandomizedDigestSigner<D, Signature> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn try_sign_digest_with_rng(
+    fn try_sign_digest_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         digest: D,
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, true, &self.inner, &digest.finalize(), self.salt_len)
@@ -787,9 +794,9 @@ impl<D> RandomizedPrehashSigner<Signature> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
 {
-    fn sign_prehash_with_rng(
+    fn sign_prehash_with_rng<R: CryptoRngCore + ?Sized>(
         &self,
-        rng: &mut impl CryptoRngCore,
+        rng: &mut R,
         prehash: &[u8],
     ) -> signature::Result<Signature> {
         sign_digest::<_, _, D>(rng, true, &self.inner, prehash, self.salt_len)

src/raw.rs

@@ -1,6 +1,6 @@
 use alloc::vec::Vec;
 use num_bigint::BigUint;
-use rand_core::{CryptoRng, RngCore};
+use rand_core::CryptoRngCore;
 use zeroize::Zeroize;
 
 use crate::errors::{Error, Result};
@@ -14,7 +14,7 @@ pub trait EncryptionPrimitive {
 
 pub trait DecryptionPrimitive {
     /// Do NOT use directly! Only for implementors.
-    fn raw_decryption_primitive<R: RngCore + CryptoRng>(
+    fn raw_decryption_primitive<R: CryptoRngCore + ?Sized>(
         &self,
         rng: Option<&mut R>,
         ciphertext: &[u8],
@@ -43,7 +43,7 @@ impl EncryptionPrimitive for RsaPublicKey {
 }
 
 impl DecryptionPrimitive for RsaPrivateKey {
-    fn raw_decryption_primitive<R: RngCore + CryptoRng>(
+    fn raw_decryption_primitive<R: CryptoRngCore + ?Sized>(
         &self,
         rng: Option<&mut R>,
         ciphertext: &[u8],