diff --git a/Cargo.lock b/Cargo.lock index 7ccfc9ad..d21b735e 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -723,8 +723,8 @@ dependencies = [ [[package]] name = "signature" -version = "2.3.0-pre.6" -source = "git+https://github.com/RustCrypto/traits.git#7b82f397511d68f823d06a0fe50867e9011dd0f0" +version = "3.0.0-pre" +source = "git+https://github.com/RustCrypto/traits.git#f44963a897af10d125efe3af89b20930ebe4a999" dependencies = [ "digest", "rand_core 0.9.3", diff --git a/Cargo.toml b/Cargo.toml index 930efb25..5015b8b2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,7 +19,7 @@ subtle = { version = "2.6.1", default-features = false } digest = { version = "=0.11.0-pre.10", default-features = false, features = ["alloc", "oid"] } pkcs1 = { version = "0.8.0-rc.1", default-features = false, features = ["alloc", "pkcs8"] } pkcs8 = { version = "0.11.0-rc.2", default-features = false, features = ["alloc"] } -signature = { version = "=2.3.0-pre.6", default-features = false, features = ["alloc", "digest", "rand_core"] } +signature = { version = "=3.0.0-pre", default-features = false, features = ["alloc", "digest", "rand_core"] } spki = { version = "0.8.0-rc.1", default-features = false, features = ["alloc"] } zeroize = { version = "1.5", features = ["alloc"] } crypto-bigint = { version = "0.7.0-pre", default-features = false, features = ["zeroize", "alloc"] } @@ -57,7 +57,7 @@ os_rng = ["rand_core/os_rng", "crypto-bigint/rand_core"] serde = ["dep:serde", "dep:serdect", "crypto-bigint/serde"] pem = ["pkcs1/pem", "pkcs8/pem"] pkcs5 = ["pkcs8/encryption"] -std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "signature/std", "crypto-bigint/rand"] +std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "crypto-bigint/rand"] [package.metadata.docs.rs] diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs index 35751e3b..440205ad 100644 --- a/src/pkcs1v15.rs +++ b/src/pkcs1v15.rs @@ -458,15 +458,15 @@ mod tests { let signing_key = SigningKey::::new(priv_key); for (text, expected) in &tests { - let out = signing_key.sign(text.as_bytes()).to_bytes(); + let sig: Signature = signing_key.sign(text.as_bytes()); + let out = sig.to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); assert_ne!(out.as_ref(), &Sha1::digest(text.as_bytes()).to_vec()); assert_eq!(out.as_ref(), expected); let mut rng = ChaCha8Rng::from_seed([42; 32]); - let out2 = signing_key - .sign_with_rng(&mut rng, text.as_bytes()) - .to_bytes(); + let sig2: Signature = signing_key.sign_with_rng(&mut rng, text.as_bytes()); + let out2 = sig2.to_bytes(); assert_eq!(out2.as_ref(), expected); } } @@ -486,14 +486,14 @@ mod tests { let signing_key = SigningKey::::new(priv_key); for (text, expected) in &tests { - let out = signing_key.sign(text.as_bytes()).to_bytes(); + let sig: Signature = signing_key.sign(text.as_bytes()); + let out = sig.to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); assert_eq!(out.as_ref(), expected); let mut rng = ChaCha8Rng::from_seed([42; 32]); - let out2 = signing_key - .sign_with_rng(&mut rng, text.as_bytes()) - .to_bytes(); + let sig2: Signature = signing_key.sign_with_rng(&mut rng, text.as_bytes()); + let out2 = sig2.to_bytes(); assert_eq!(out2.as_ref(), expected); } } @@ -513,14 +513,14 @@ mod tests { let signing_key = SigningKey::::new(priv_key); for (text, expected) in &tests { - let out = signing_key.sign(text.as_bytes()).to_bytes(); + let signature: Signature = signing_key.sign(text.as_bytes()); + let out = signature.to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); assert_eq!(out.as_ref(), expected); let mut rng = ChaCha8Rng::from_seed([42; 32]); - let out2 = signing_key - .sign_with_rng(&mut rng, text.as_bytes()) - .to_bytes(); + let sig2: Signature = signing_key.sign_with_rng(&mut rng, text.as_bytes()); + let out2 = sig2.to_bytes(); assert_eq!(out2.as_ref(), expected); } } diff --git a/src/pss.rs b/src/pss.rs index d1843cab..31ee6fd8 100644 --- a/src/pss.rs +++ b/src/pss.rs @@ -453,7 +453,7 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let verifying_key = signing_key.verifying_key(); for test in &tests { - let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes()); + let sig: Signature = signing_key.sign_with_rng(&mut rng, test.as_bytes()); verifying_key .verify(test.as_bytes(), &sig) .expect("failed to verify"); @@ -470,7 +470,7 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let verifying_key = signing_key.verifying_key(); for test in &tests { - let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes()); + let sig: Signature = signing_key.sign_with_rng(&mut rng, test.as_bytes()); verifying_key .verify(test.as_bytes(), &sig) .expect("failed to verify"); diff --git a/tests/pkcs1v15.rs b/tests/pkcs1v15.rs index 0960c90e..c595cc58 100644 --- a/tests/pkcs1v15.rs +++ b/tests/pkcs1v15.rs @@ -5,7 +5,7 @@ fn signature_stringify() { use pkcs8::DecodePrivateKey; use signature::Signer; - use rsa::pkcs1v15::SigningKey; + use rsa::pkcs1v15::{Signature, SigningKey}; use rsa::RsaPrivateKey; let pem = include_str!("examples/pkcs8/rsa2048-priv.pem"); @@ -13,7 +13,7 @@ fn signature_stringify() { let signing_key = SigningKey::::new(private_key); let bytes: &[u8] = b"rsa4096"; // HACK - the criterion is that the signature has leading zeros. - let signature = signing_key.sign(bytes); + let signature: Signature = signing_key.sign(bytes); let expected = "029E365B60971D5A499FF5E1C288B954D3A5DCF52482CEE46DB90DC860B725A8D6CA031146FA156E9F17579BE6122FFB11DAC35E59B2193D75F7B31CE1442DDE7F4FF7885AD5D6080266E9A33BB4CEC93FCC2B6B885457A0ABF19E2DAA00876F694B37F535F119925CCCF9A17B90AE6CF39F07D7FEFBEECDF1B344C14B728196DDD154230BADDEDA5A7EFF373F6CD3EF6D41789572A7A068E3A252D3B7D5D706C6170D8CFDB48C8E738A4B3BFEA3E15716805E376EBD99EA09C6E82F3CFA13CEB23CD289E8F95C27F489ADC05AAACE8A9276EE7CED3B7A5C7264F0D34FF18CEDC3E91D667FCF9992A8CFDE8562F65FDDE1E06595C27E0F82063839A358C927B2"; assert_eq!(format!("{}", signature), expected); @@ -26,7 +26,7 @@ fn signature_stringify() { #[test] fn signing_key_new_same_as_from() { use pkcs1::DecodeRsaPrivateKey; - use rsa::RsaPrivateKey; + use rsa::{pkcs1v15::Signature, RsaPrivateKey}; use signature::{Keypair, Signer, Verifier}; // randomly generated key, hardcoded for test repeatability @@ -64,8 +64,8 @@ Rmb665iB5fwpqmbE/hYKIn7asYQE+V0dkgt8M3qvlJJ5JJbCrJx3 let key_via_new = rsa::pkcs1v15::SigningKey::::new(priv_key.clone()); let key_via_from = rsa::pkcs1v15::SigningKey::::from(priv_key.clone()); - let sig_via_new = key_via_new.sign(msg); - let sig_via_from = key_via_from.sign(msg); + let sig_via_new: Signature = key_via_new.sign(msg); + let sig_via_from: Signature = key_via_from.sign(msg); assert_eq!(sig_via_new, sig_via_from); // each verifies the other diff --git a/tests/proptests.rs b/tests/proptests.rs index eaeeebea..a6de63d2 100644 --- a/tests/proptests.rs +++ b/tests/proptests.rs @@ -22,7 +22,8 @@ proptest! { #[test] fn pkcs1v15_sign_roundtrip(private_key in private_key(), msg in any::>()) { let signing_key = pkcs1v15::SigningKey::::new(private_key); - let signature_bytes = signing_key.sign(&msg).to_bytes(); + let signature: pkcs1v15::Signature = signing_key.sign(&msg); + let signature_bytes = signature.to_bytes(); let verifying_key = signing_key.verifying_key(); let signature = pkcs1v15::Signature::try_from(&*signature_bytes).unwrap();