diff --git a/src/key.rs b/src/key.rs index 248f2f8a..3d65d5c3 100644 --- a/src/key.rs +++ b/src/key.rs @@ -512,18 +512,24 @@ impl RsaPrivateKey { PaddingScheme::PKCS1v15Sign { ref hash } => { pkcs1v15::sign::(None, self, hash.as_ref(), digest_in) } + _ => Err(Error::InvalidPaddingScheme), + } + } + + /// Sign the given digest using the provided rng + /// + /// Use `rng` for signature process. + pub fn sign_with_rng( + &self, + rng: &mut R, + padding: PaddingScheme, + digest_in: &[u8], + ) -> Result> { + match padding { PaddingScheme::PSS { - mut salt_rng, mut digest, salt_len, - } => pss::sign::<_, DummyRng, _>( - &mut *salt_rng, - None, - self, - digest_in, - salt_len, - &mut *digest, - ), + } => pss::sign::(rng, false, self, digest_in, salt_len, &mut *digest), _ => Err(Error::InvalidPaddingScheme), } } @@ -542,17 +548,9 @@ impl RsaPrivateKey { pkcs1v15::sign(Some(rng), self, hash.as_ref(), digest_in) } PaddingScheme::PSS { - mut salt_rng, mut digest, salt_len, - } => pss::sign::<_, R, _>( - &mut *salt_rng, - Some(rng), - self, - digest_in, - salt_len, - &mut *digest, - ), + } => pss::sign::(rng, true, self, digest_in, salt_len, &mut *digest), _ => Err(Error::InvalidPaddingScheme), } } diff --git a/src/padding.rs b/src/padding.rs index e9c9102e..8655cb63 100644 --- a/src/padding.rs +++ b/src/padding.rs @@ -3,7 +3,6 @@ use alloc::string::{String, ToString}; use core::fmt; use digest::{Digest, DynDigest}; -use rand_core::RngCore; use crate::hash::Hash; @@ -30,7 +29,6 @@ pub enum PaddingScheme { }, /// Sign and Verify using PSS padding. PSS { - salt_rng: Box, digest: Box, salt_len: Option, }, 
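Review bot: The doc comment on the new `sign_with_rng` does not say that it signs without blinding and accepts only `PaddingScheme::PSS`, even though the body passes `false` as the `blind` argument to `pss::sign` and sends every other scheme to `Err(Error::InvalidPaddingScheme)`; a caller choosing between it and `sign_blinded` needs both facts. Replace the two doc lines with `/// Sign the given digest with PSS padding, drawing the salt from `rng`.` and `/// No blinding is applied (see `sign_blinded`); `PKCS1v15Sign` and other schemes return `Error::InvalidPaddingScheme`.`. Because the PSS arm has been moved out of plain `sign`, that method now also answers PSS with `InvalidPaddingScheme`, which is a behaviour change its doc comment (above this hunk, where `sign` begins) should state by pointing PSS users to `sign_with_rng`/`sign_blinded`. The bound on `R` is not visible in this view; if it is not already `CryptoRng + RngCore`, it should be, since the salt is signature randomness supplied by the caller.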
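Review bot: In the PSS arm of `sign_blinded` the single `rng` now supplies both the blinding factor and the PSS salt (`pss::sign(rng, true, ...)`), where previously the salt came from the padding scheme's own `salt_rng`; the function's doc comment, which sits above this hunk, should say so and require a cryptographically secure generator, because blinding is a side-channel countermeasure whose strength depends on it. Suggested line: `/// `rng` supplies the blinding factor and, for PSS, the salt; it must be a cryptographically secure generator.`. The bound on `R` is not visible here; if it is only `RngCore`, tightening it to `CryptoRng + RngCore` would enforce that at compile time. `sign_blinded` begins outside the hunk.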
@@ -142,20 +140,15 @@ impl PaddingScheme { } } - pub fn new_pss(rng: S) -> Self { + pub fn new_pss() -> Self { PaddingScheme::PSS { - salt_rng: Box::new(rng), digest: Box::new(T::new()), salt_len: None, } } - pub fn new_pss_with_salt( - rng: S, - len: usize, - ) -> Self { + pub fn new_pss_with_salt(len: usize) -> Self { PaddingScheme::PSS { - salt_rng: Box::new(rng), digest: Box::new(T::new()), salt_len: Some(len), } diff --git a/src/pss.rs b/src/pss.rs index d577be19..fe498920 100644 --- a/src/pss.rs +++ b/src/pss.rs @@ -102,20 +102,7 @@ pub(crate) fn verify( /// given hash function. The opts argument may be nil, in which case sensible /// defaults are used. // TODO: bind T with the CryptoRng trait -pub(crate) fn sign( - rng: &mut T, - blind_rng: Option<&mut S>, - priv_key: &SK, - hashed: &[u8], - salt_len: Option, - digest: &mut dyn DynDigest, -) -> Result> { - let salt = generate_salt(rng, priv_key, salt_len, digest); - - sign_pss_with_salt(blind_rng, priv_key, hashed, &salt, digest) -} - -fn sign_int( +pub(crate) fn sign( rng: &mut T, blind: bool, priv_key: &SK, @@ -360,7 +347,7 @@ impl RandomizedSigner for SigningKey { mut rng: impl CryptoRng + RngCore, digest: &[u8], ) -> signature::Result { - sign_int( + sign( &mut rng, false, &self.inner, @@ -403,7 +390,7 @@ impl RandomizedSigner for BlindedSigningKey { mut rng: impl CryptoRng + RngCore, digest: &[u8], ) -> signature::Result { - sign_int( + sign( &mut rng, true, &self.inner, @@ -540,8 +527,7 @@ mod test { for (text, sig, expected) in &tests { let digest = Sha1::digest(text.as_bytes()).to_vec(); - let rng = ChaCha8Rng::from_seed([42; 32]); - let result = pub_key.verify(PaddingScheme::new_pss::(rng), &digest, sig); + let result = pub_key.verify(PaddingScheme::new_pss::(), &digest, sig); match expected { true => result.expect("failed to verify"), false => { 
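Review bot: `new_pss` and `new_pss_with_salt` are public constructors with no doc comments, and after this change the source of randomness is no longer visible from their signatures: the salt is drawn from the `rng` handed to `sign_with_rng`/`sign_blinded`, not from the scheme. Suggested lines: `/// PSS padding with digest `T`; the salt is drawn from the rng passed at signing time and its length is chosen by the signer.` for the first and `/// PSS padding with an explicit salt length in bytes; the value is checked when signing, not here.` for the second. That the length is chosen or checked at signing time is inferred from `salt_len: None`/`Some(len)` being passed straight through to `pss::sign` and should be confirmed against `generate_salt`. Both constructors are also what `verify` takes, where no rng is involved, which is worth a sentence in the docs.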
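Review bot: The doc comment kept above the renamed `sign` still says "The opts argument may be nil, in which case sensible defaults are used", but the function has no `opts` parameter — its inputs are `rng`, `blind`, `priv_key`, `hashed`, `salt_len` and `digest` — so the sentence is a leftover from a Go-style API and now misdescribes the only PSS signing entry point. Replace it with a comment stating that `rng` provides the salt and, when `blind` is true, the blinding factor, that a `salt_len` of `None` lets the function choose the length, and that `hashed` must already be the digest of the message. The `// TODO: bind T with the CryptoRng trait` line is retained and is now more pressing, because `sign_with_rng` in key.rs routes arbitrary caller rngs into this function; the actual bound is outside this view. The signature of `sign` continues past the end of the hunk.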
@@ -600,19 +586,30 @@ mod test { for test in &tests { let digest = Sha1::digest(test.as_bytes()).to_vec(); let sig = priv_key - .sign_blinded( - &mut rng.clone(), - PaddingScheme::new_pss::(rng.clone()), - &digest, - ) + .sign_with_rng(&mut rng.clone(), PaddingScheme::new_pss::(), &digest) + .expect("failed to sign"); + + priv_key + .verify(PaddingScheme::new_pss::(), &digest, &sig) + .expect("failed to verify"); + } + } + + #[test] + fn test_sign_blinded_and_verify_roundtrip() { + let priv_key = get_private_key(); + + let tests = ["test\n"]; + let rng = ChaCha8Rng::from_seed([42; 32]); + + for test in &tests { + let digest = Sha1::digest(test.as_bytes()).to_vec(); + let sig = priv_key + .sign_blinded(&mut rng.clone(), PaddingScheme::new_pss::(), &digest) .expect("failed to sign"); priv_key - .verify( - PaddingScheme::new_pss::(rng.clone()), - &digest, - &sig, - ) + .verify(PaddingScheme::new_pss::(), &digest, &sig) .expect("failed to verify"); } }
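Review bot: The two roundtrip tests only exercise `new_pss::<Sha1>()` with the default salt length and a freshly cloned, identically seeded rng per iteration, so every signature is produced from the same salt; nothing covers `new_pss_with_salt` through the new `sign_with_rng` plumbing, nor the new behaviour that plain `sign` rejects PSS. Add a case such as `assert!(matches!(priv_key.sign(PaddingScheme::new_pss::<Sha1>(), &digest), Err(Error::InvalidPaddingScheme)));` (bringing `Error` into the test module if it is not already there) and a second roundtrip using `PaddingScheme::new_pss_with_salt::<Sha1>(20)` so an explicit salt length is checked end to end. Verifying via `priv_key.verify` presumably relies on the private key's embedded public half; verifying with `RsaPublicKey::from(&priv_key)` would make the test independent of that. The first test's header lies above this hunk.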