From b83ae75f1dd5a89cfe89de3047f3852805236824 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Tue, 3 Jun 2025 12:14:28 -0600 Subject: [PATCH 1/4] [WIP] Minimum modulus size checks Changes the existing checked APIs to respect a minimum modulus size in addition to a maximum one. Note: several tests fail because of this, so we'll need to go through them and convert to an unchecked API where appropriate (or decide if the test is bogus to begin with) --- src/errors.rs | 4 ++ src/key.rs | 176 +++++++++++++++++++++++++++++++++++--------------- 2 files changed, 129 insertions(+), 51 deletions(-) diff --git a/src/errors.rs b/src/errors.rs index 83f1bbd5..463476bc 100644 --- a/src/errors.rs +++ b/src/errors.rs @@ -40,6 +40,9 @@ pub enum Error { /// Invalid coefficient. InvalidCoefficient, + /// Modulus too small. + ModulusTooSmall, + /// Modulus too large. ModulusTooLarge, @@ -92,6 +95,7 @@ impl core::fmt::Display for Error { Error::InvalidModulus => write!(f, "invalid modulus"), Error::InvalidExponent => write!(f, "invalid exponent"), Error::InvalidCoefficient => write!(f, "invalid coefficient"), + Error::ModulusTooSmall => write!(f, "modulus too small"), Error::ModulusTooLarge => write!(f, "modulus too large"), Error::PublicExponentTooSmall => write!(f, "public exponent too small"), Error::PublicExponentTooLarge => write!(f, "public exponent too large"), diff --git a/src/key.rs b/src/key.rs index 09743b89..b0d49623 100644 --- a/src/key.rs +++ b/src/key.rs @@ -2,6 +2,7 @@ use alloc::vec::Vec; use core::cmp::Ordering; use core::fmt; use core::hash::{Hash, Hasher}; +use core::ops::Range; use crypto_bigint::modular::{BoxedMontyForm, BoxedMontyParams}; use crypto_bigint::{BoxedUint, Integer, NonZero, Odd, Resize}; 
@@ -206,29 +207,37 @@ impl RsaPublicKey { pub fn verify(&self, scheme: S, hashed: &[u8], sig: &[u8]) -> Result<()> { scheme.verify(self, hashed, sig) } -} -impl RsaPublicKey { /// Minimum value of the public exponent `e`. pub const MIN_PUB_EXPONENT: u64 = 2; /// Maximum value of the public exponent `e`. pub const MAX_PUB_EXPONENT: u64 = (1 << 33) - 1; - /// Maximum size of the modulus `n` in bits. - pub const MAX_SIZE: usize = 4096; + /// Default minimum size of the modulus `n` in bits. + pub const MIN_SIZE: u32 = 1024; + + /// Default maximum size of the modulus `n` in bits. + pub const MAX_SIZE: u32 = 4096; /// Create a new public key from its components. /// /// This function accepts public keys with a modulus size up to 4096-bits, /// i.e. [`RsaPublicKey::MAX_SIZE`]. pub fn new(n: BoxedUint, e: BoxedUint) -> Result { - Self::new_with_max_size(n, e, Self::MAX_SIZE) + Self::new_with_size_limits(n, e, Self::MIN_SIZE..Self::MAX_SIZE) } /// Create a new public key from its components. - pub fn new_with_max_size(n: BoxedUint, e: BoxedUint, max_size: usize) -> Result { - check_public_with_max_size(&n, &e, max_size)?; + /// + /// Accepts a third argument which specifies a range of allowed sizes from minimum to maximum + /// in bits, which by default is `1024..4096`. + pub fn new_with_size_limits( + n: BoxedUint, + e: BoxedUint, + size_range_bits: Range, + ) -> Result { + check_public_with_size_limits(&n, &e, size_range_bits)?; let n_odd = Odd::new(n.clone()) .into_option() 
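Review bot: The doc comment kept on `new` still says only that it accepts moduli "up to 4096-bits", while the call underneath now passes `Self::MIN_SIZE..Self::MAX_SIZE`, so moduli below 1024 bits are rejected as well. I would reword it along the lines of `/// Accepts moduli from [RsaPublicKey::MIN_SIZE] to [RsaPublicKey::MAX_SIZE] bits; anything smaller returns Error::ModulusTooSmall.` The same hunk changes the public constant `MAX_SIZE` from `usize` to `u32`, which breaks downstream code that compares it with a `usize`, so it deserves a changelog entry. The body of `new_with_size_limits` continues past the end of this hunk.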
@@ -239,12 +248,18 @@ impl RsaPublicKey { Ok(Self { n, e, n_params }) } + /// Deprecated: this has been replaced with [`RsaPublicKey::new_with_size_limits`]. + #[deprecated(since = "0.10.0", note = "please use `new_with_size_limits` instead")] + pub fn new_with_max_size(n: BoxedUint, e: BoxedUint, max_size: usize) -> Result { + Self::new_with_size_limits(n, e, Self::MIN_SIZE..(max_size as u32)) + } + /// Create a new public key, bypassing checks around the modulus and public /// exponent size. /// /// This method is not recommended, and only intended for unusual use cases. /// Most applications should use [`RsaPublicKey::new`] or - /// [`RsaPublicKey::new_with_max_size`] instead. + /// [`RsaPublicKey::new_with_size_limits`] instead. pub fn new_unchecked(n: BoxedUint, e: BoxedUint) -> Self { let n_odd = Odd::new(n.clone()).expect("n must be odd"); let n_params = BoxedMontyParams::new(n_odd); @@ -252,6 +267,11 @@ impl RsaPublicKey { Self { n, e, n_params } } + + /// Get the size of the modulus `n` in bits. + pub fn bits(&self) -> u32 { + self.n.bits_vartime() + } } impl PublicKeyParts for RsaPrivateKey { 
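Review bot: The deprecated `new_with_max_size` wrapper narrows its argument with `max_size as u32`, which truncates silently on 64-bit targets: a caller passing 2^32 or more ends up with a much smaller (possibly zero) upper bound, and every key is then rejected as too large. Saturating keeps the old meaning, e.g. `let max = u32::try_from(max_size).unwrap_or(u32::MAX);` followed by `Self::new_with_size_limits(n, e, Self::MIN_SIZE..max)`. The wrapper also starts enforcing `MIN_SIZE`, which the old function did not, so its doc comment should state that moduli under 1024 bits now fail with `ModulusTooSmall`.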
@@ -309,6 +329,36 @@ impl RsaPrivateKey { /// /// [NIST SP 800-56B Revision 2]: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf pub fn from_components( + n: BoxedUint, + e: BoxedUint, + d: BoxedUint, + primes: Vec, + ) -> Result { + // The primes may come in padded with zeros too, so we need to shorten them as well. + let primes = primes + .into_iter() + .map(|p| { + let p_bits = p.bits(); + p.resize_unchecked(p_bits) + }) + .collect(); + + let mut k = Self::from_components_unchecked(n, e, d, primes)?; + + // Always validate the key, to ensure precompute can't fail + k.validate()?; + + // Precompute when possible, ignore error otherwise. + k.precompute().ok(); + + Ok(k) + } + + /// Constructs an RSA key pair from individual components. Bypasses checks on the key's + /// validity like the modulus size. + /// + /// Please use [`RsaPrivateKey::from_components`] whenever possible. + pub fn from_components_unchecked( n: BoxedUint, e: BoxedUint, d: BoxedUint, @@ -337,8 +387,8 @@ impl RsaPrivateKey { 1 => return Err(Error::NprimesTooSmall), _ => { // Check that the product of primes matches the modulus. - // This also ensures that `bit_precision` of each prime is <= that of the modulus, - // and `bit_precision` of their product is >= that of the modulus. + // This also ensures that `bits_precision` of each prime is <= that of the modulus, + // and `bits_precision` of their product is >= that of the modulus. if &primes.iter().fold(BoxedUint::one(), |acc, p| acc * p) != n_c.as_ref() { return Err(Error::InvalidModulus); } @@ -354,7 +404,7 @@ impl RsaPrivateKey { }) .collect(); - let mut k = RsaPrivateKey { + Ok(RsaPrivateKey { pubkey_components: RsaPublicKey { n: n_c, e, 
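Review bot: The doc comment on the new public `from_components_unchecked` says only that it bypasses checks "like the modulus size", which leaves callers guessing what they have to do themselves. Judging from the new `from_components` body, the skipped steps are `validate()` and `precompute()`, while the prime-product comparison against `n` in the next hunk appears to still run and can return `Error::InvalidModulus`. I would spell that out, e.g. `/// Skips validate() and precompute(): modulus size limits are not enforced, so do not use this for keys from untrusted input.` The function body continues outside this hunk, so it cannot be confirmed from here whether the zero-padding trim of `primes` still applies on this path.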
@@ -363,15 +413,7 @@ impl RsaPrivateKey { d, primes, precomputed: None, - }; - - // Alaways validate the key, to ensure precompute can't fail - k.validate()?; - - // Precompute when possible, ignore error otherwise. - k.precompute().ok(); - - Ok(k) + }) } /// Constructs an RSA key pair from its two primes p and q. @@ -584,6 +626,11 @@ impl RsaPrivateKey { ) -> Result> { padding.sign(Some(rng), self, digest_in) } + + /// Get the size of the modulus `n` in bits. + pub fn bits(&self) -> u32 { + self.pubkey_components.bits() + } } impl PrivateKeyParts for RsaPrivateKey { @@ -620,16 +667,30 @@ impl PrivateKeyParts for RsaPrivateKey { } } -/// Check that the public key is well formed and has an exponent within acceptable bounds. +/// Check that the public key is well-formed and has an exponent within acceptable bounds. #[inline] pub fn check_public(public_key: &impl PublicKeyParts) -> Result<()> { - check_public_with_max_size(public_key.n(), public_key.e(), RsaPublicKey::MAX_SIZE) + check_public_with_size_limits( + public_key.n(), + public_key.e(), + RsaPublicKey::MIN_SIZE..RsaPublicKey::MAX_SIZE, + ) } -/// Check that the public key is well formed and has an exponent within acceptable bounds. +/// Check that the public key is well-formed and has an exponent within acceptable bounds. #[inline] -fn check_public_with_max_size(n: &BoxedUint, e: &BoxedUint, max_size: usize) -> Result<()> { - if n.bits_vartime() as usize > max_size { +fn check_public_with_size_limits( + n: &BoxedUint, + e: &BoxedUint, + size_range_bits: Range, +) -> Result<()> { + let modulus_bits = n.bits_vartime(); + + if modulus_bits < size_range_bits.start { + return Err(Error::ModulusTooSmall); + } + + if modulus_bits > size_range_bits.end { return Err(Error::ModulusTooLarge); } 
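Review bot: `check_public_with_size_limits` takes a half-open `Range` but tests `modulus_bits > size_range_bits.end`, so the end bound is treated as inclusive: with the default `MIN_SIZE..MAX_SIZE` a 4096-bit modulus is accepted, although `1024..4096` read as a Rust range excludes 4096. That matches the old `> max_size` check, so the behaviour is probably intended and it is the type that misleads; `core::ops::RangeInclusive` with `*size_range_bits.end()` and `MIN_SIZE..=MAX_SIZE` at the call sites would make the signature say what the check does. If the type stays, a comment such as `// NOTE: the end bound is inclusive, unlike Range iteration` on the second comparison, repeated in the `new_with_size_limits` docs, would prevent off-by-one surprises. The function continues past the end of the hunk.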
@@ -730,7 +791,10 @@ mod tests { } fn test_key_basics(private_key: &RsaPrivateKey) { - private_key.validate().expect("invalid private key"); + // Some test keys have moduli which are smaller than 1024-bits + if private_key.bits() >= RsaPublicKey::MIN_SIZE { + private_key.validate().expect("invalid private key"); + } assert!( PrivateKeyParts::d(private_key) < PublicKeyParts::n(private_key).as_ref(), @@ -776,29 +840,17 @@ mod tests { }; } - key_generation!(key_generation_128, 2, 128); key_generation!(key_generation_1024, 2, 1024); - - key_generation!(key_generation_multi_3_256, 3, 256); - - key_generation!(key_generation_multi_4_64, 4, 64); - - key_generation!(key_generation_multi_5_64, 5, 64); - key_generation!(key_generation_multi_8_576, 8, 576); key_generation!(key_generation_multi_16_1024, 16, 1024); #[test] fn test_negative_decryption_value() { let bits = 128; - let private_key = RsaPrivateKey::from_components( - BoxedUint::from_le_slice( - &[ - 99, 192, 208, 179, 0, 220, 7, 29, 49, 151, 75, 107, 75, 73, 200, 180, - ], - bits, - ) - .unwrap(), - BoxedUint::from_le_slice(&[1, 0, 1, 0, 0, 0, 0, 0], 64).unwrap(), + let private_key = RsaPrivateKey::from_components_unchecked( + BoxedUint::from_le_slice_vartime(&[ + 99, 192, 208, 179, 0, 220, 7, 29, 49, 151, 75, 107, 75, 73, 200, 180, + ]), + BoxedUint::from_le_slice_vartime(&[1, 0, 1, 0, 0, 0, 0, 0]), BoxedUint::from_le_slice( &[ 81, 163, 254, 144, 171, 159, 144, 42, 244, 133, 51, 249, 28, 12, 63, 65, 
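Review bot: `test_key_basics` now skips `validate()` whenever the key is under `MIN_SIZE`, so nothing is asserted about validation for the small fixtures, and no test visible in this patch checks that the checked API really returns `ModulusTooSmall`. An else branch would pin the new behaviour, e.g. `assert!(matches!(private_key.validate(), Err(Error::ModulusTooSmall)));` (assuming the size check is the first thing to fail for these keys). The same gap applies to the following hunk, where `test_negative_decryption_value` moves to `from_components_unchecked` and the sub-1024-bit `key_generation!` cases are dropped rather than turned into rejection tests.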
@@ -825,21 +877,43 @@ mod tests { use serde_test::{assert_tokens, Configure, Token}; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let priv_tokens = [Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900a", - "b240c3361d02e370203010001020811e54a15259d22f9020500ceff5cf302", - "0500d3a7aaad020500ccaddf17020500cb529d3d020500bb526d6f" + "30820278020100300d06092a864886f70d0101010500048202623082025e0", + "2010002818100cd1419dc3771354bee0955a90489cce0c98aee6577851358", + "afe386a68bc95287862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74", + "a6702329397ffe0a8f83e2ef5297aa3d9d883cbeb94ee018fd68e986e08d5", + "b044c15e8170217cd57501d42dd72ef691b2a95bcc090d9bca735bba3ecb8", + "38650f13b1aa36d0f454e37ff020301000102818100935c4248cf3df5c21d", + "c56f5c07faccd129813f5481d189d94c69fdb366f6beeacb2927552a2032f", + "321cd3e92237da40f3fcbfc8df6f9d928b3978c1ec8aab23e857a3ba2db26", + "941ace6ecda8dcb290866a80820b3aa9138179ca867d37825ebcdb48adbe7", + "c397f1e77c4160f0fbf87cc0cd5dff195ac96fd333c0b38384c74c1024100", + "e90ad93c4b19bb40807391b5a9404ce5ea359e7b0556ee25cb2e7455aeb5c", + "af83fc26f34457cdbb173347962c66b6fe0c4686b54dbe0d2c913a7aa924e", + "ff5d67024100e148067566a1fa3aabd0672361be62715516c9d62790b03f4", + "326cc00b2f782e6b64a167689e5c9aebe6a4cf594f3083380fe2a0a7edf1f", + "325e58c523b98199a9024100df15fc8924577892b1a4707b178faf4d751c6", + "91ed928b387486eaafd0ee7866a8916c73fa1b979d1f037ee6fa904563033", + "b4c5f2911e328a3c9f87c0d190d1c7024057461ce26c7141cc6af5608f6f7", + "55f13c2c0024f49a29ef4d321fb9425c1076033ac7e094c20ce4239185b5a", + "246b06795576a178d16fc4d9317db859bfaafa8902410084b2d64651b471b", + "f805af14018db693cdab6059063a6aa4eb8f9ca99b319074b79d7dead3d05", + "68c364978be262d3395aa60541d670f94367babebe7616dbc260" ))]; assert_tokens(&priv_key.clone().readable(), &priv_tokens); - 
let priv_tokens = [Token::Str( - "3024300d06092a864886f70d01010105000313003010020900ab240c3361d02e370203010001", - )]; + let pub_tokens = [Token::Str(concat!( + "30819f300d06092a864886f70d010101050003818d0030818902818100cd1419dc3771354bee", + "0955a90489cce0c98aee6577851358afe386a68bc95287862a1157d5aba8847e8e57b6f2f947", + "48ab7efda3f3c74a6702329397ffe0a8f83e2ef5297aa3d9d883cbeb94ee018fd68e986e08d5", + "b044c15e8170217cd57501d42dd72ef691b2a95bcc090d9bca735bba3ecb838650f13b1aa36d", + "0f454e37ff0203010001", + ))]; assert_tokens( &RsaPublicKey::from(priv_key.clone()).readable(), - &priv_tokens, + &pub_tokens, ); } From 5849cc34af29e125a6e1ba7e10c7521ee0d2d056 Mon Sep 17 00:00:00 2001 From: pinkforest <36498018+pinkforest@users.noreply.github.com> Date: Fri, 15 Aug 2025 06:28:09 +0000 Subject: [PATCH 2/4] Fix tests --- src/key.rs | 41 +++++------ src/oaep/decrypting_key.rs | 6 +- src/oaep/encrypting_key.rs | 4 +- src/pkcs1v15.rs | 120 ++++++++++++--------------------- src/pkcs1v15/decrypting_key.rs | 26 +++++-- src/pkcs1v15/encrypting_key.rs | 12 ++-- src/pkcs1v15/signing_key.rs | 25 +++++-- src/pkcs1v15/verifying_key.rs | 12 ++-- src/pss.rs | 78 +++++++-------------- src/pss/blinded_signing_key.rs | 6 +- src/pss/signing_key.rs | 25 +++++-- src/pss/verifying_key.rs | 12 ++-- tests/proptests.rs | 2 +- 13 files changed, 183 insertions(+), 186 deletions(-) diff --git a/src/key.rs b/src/key.rs index b391d7d0..e73f49d2 100644 --- a/src/key.rs +++ b/src/key.rs 
@@ -885,33 +885,34 @@ mod tests { "30820278020100300d06092a864886f70d0101010500048202623082025e0", "2010002818100cd1419dc3771354bee0955a90489cce0c98aee6577851358", "afe386a68bc95287862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74", - "a6702329397ffe0a8f83e2ef5297aa3d9d883cbeb94ee018fd68e986e08d5", - "b044c15e8170217cd57501d42dd72ef691b2a95bcc090d9bca735bba3ecb8", - "38650f13b1aa36d0f454e37ff020301000102818100935c4248cf3df5c21d", - "c56f5c07faccd129813f5481d189d94c69fdb366f6beeacb2927552a2032f", - "321cd3e92237da40f3fcbfc8df6f9d928b3978c1ec8aab23e857a3ba2db26", - "941ace6ecda8dcb290866a80820b3aa9138179ca867d37825ebcdb48adbe7", - "c397f1e77c4160f0fbf87cc0cd5dff195ac96fd333c0b38384c74c1024100", + "a6702329397ffe0b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5", + "242b3addb54d346ecf43eb0d7343bcb258a31d5fa51f47b9e0d7280623901", + "d1d29af1a986fec92ba5fe2430203010001028181009bb3203326d0c7b31f", + "456d08c6ce4c8379e10640792ecad271afe002406d184096a707c5d50ee00", + "1c00818266970c3233439551f0e2d879a8f7b90bd3d62fdffa3e661f14c8d", + "cce071f081966e25bb351289810c2f8a012f2fa3f001029d7f2e0cf24f6a4", + "b139292f8078fac24e7fc8185bab4f02f539267bd09b615e4e19fe1024100", "e90ad93c4b19bb40807391b5a9404ce5ea359e7b0556ee25cb2e7455aeb5c", "af83fc26f34457cdbb173347962c66b6fe0c4686b54dbe0d2c913a7aa924e", - "ff5d67024100e148067566a1fa3aabd0672361be62715516c9d62790b03f4", + "ff6031024100e148067566a1fa3aabd0672361be62715516c9d62790b03f4", "326cc00b2f782e6b64a167689e5c9aebe6a4cf594f3083380fe2a0a7edf1f", - "325e58c523b98199a9024100df15fc8924577892b1a4707b178faf4d751c6", - "91ed928b387486eaafd0ee7866a8916c73fa1b979d1f037ee6fa904563033", - "b4c5f2911e328a3c9f87c0d190d1c7024057461ce26c7141cc6af5608f6f7", - "55f13c2c0024f49a29ef4d321fb9425c1076033ac7e094c20ce4239185b5a", - "246b06795576a178d16fc4d9317db859bfaafa8902410084b2d64651b471b", - "f805af14018db693cdab6059063a6aa4eb8f9ca99b319074b79d7dead3d05", - "68c364978be262d3395aa60541d670f94367babebe7616dbc260" + 
"325e58c523b981a0b3024100ab96e85323bd038a3fca588c58ddd681278d6", + "96e8d84ef7ef676f303afcb7d728287e897a55e84e8c8b9e772da447b3115", + "8d0912877fa7d4945b4d15c382f7d102400ddde317e2e36185af01baf7809", + "2b97884664cb233e9421002d0268a7c79a3c313c167b4903466bfacd4da3b", + "db99420df988ab89cdd96a102da2852ff7c134e5024100bafb0dac0fda53f", + "9c755c23483343922727b88a5256a6fb47242e1c99b8f8a2c914f39f7af30", + "1219245786a6bb15336231d6a9b57ee7e0b3dd75129f93f54ecf" ))]; assert_tokens(&priv_key.clone().readable(), &priv_tokens); let pub_tokens = [Token::Str(concat!( - "30819f300d06092a864886f70d010101050003818d0030818902818100cd1419dc3771354bee", - "0955a90489cce0c98aee6577851358afe386a68bc95287862a1157d5aba8847e8e57b6f2f947", - "48ab7efda3f3c74a6702329397ffe0a8f83e2ef5297aa3d9d883cbeb94ee018fd68e986e08d5", - "b044c15e8170217cd57501d42dd72ef691b2a95bcc090d9bca735bba3ecb838650f13b1aa36d", - "0f454e37ff0203010001", + "30819f300d06092a864886f70d010101050003818d0030818902818100cd1", + "419dc3771354bee0955a90489cce0c98aee6577851358afe386a68bc95287", + "862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74a6702329397ffe0b", + "1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5242b3addb54d346e", + "cf43eb0d7343bcb258a31d5fa51f47b9e0d7280623901d1d29af1a986fec9", + "2ba5fe2430203010001" ))]; assert_tokens( &RsaPublicKey::from(priv_key.clone()).readable(), diff --git a/src/oaep/decrypting_key.rs b/src/oaep/decrypting_key.rs index 70d759bf..8969bf8f 100644 --- a/src/oaep/decrypting_key.rs +++ b/src/oaep/decrypting_key.rs @@ -107,7 +107,7 @@ mod tests { let mut rng = ChaCha8Rng::from_seed([42; 32]); let decrypting_key = DecryptingKey::::new( - RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"), + RsaPrivateKey::new(&mut rng, 2048).expect("failed to generate key"), ); let tokens = [ 
@@ -117,9 +117,7 @@ mod tests { }, Token::Str("inner"), Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900ab", - "240c3361d02e370203010001020811e54a15259d22f9020500ceff5cf30205", - "00d3a7aaad020500ccaddf17020500cb529d3d020500bb526d6f" + "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", )), Token::Str("label"), Token::None, diff --git a/src/oaep/encrypting_key.rs b/src/oaep/encrypting_key.rs index 60524a21..58a6a453 100644 --- a/src/oaep/encrypting_key.rs +++ b/src/oaep/encrypting_key.rs @@ -80,7 +80,7 @@ mod tests { use serde_test::{assert_tokens, Configure, Token}; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 2048).expect("failed to generate key"); let encrypting_key = EncryptingKey::::new(priv_key.to_public_key()); let tokens = [ @@ -90,7 +90,7 @@ mod tests { }, Token::Str("inner"), Token::Str( - "3024300d06092a864886f70d01010105000313003010020900ab240c3361d02e370203010001", + "30820122300d06092a864886f70d01010105000382010f003082010a0282010100cf823bdbad23cda55787e9d1dbd630457e3e8407f3a4da723656a120866a8284ce211ff8464904cf7dab256d0b5544549719f4155d32187ad3eb928ada9cd4152a9e4153e21c68022e654b0d10b065519e9ef5619f431740c2a0f568141c27670485f28d1643fe650af3757f4775af5d01ed3c992a6269c5aa5ff7f52450c30a84783e36931b8855b091559540ec34e0730c511d62e09ea86d66b0f4cb92d1a609e7fb6f34ae8cf08bd791eee85150850e943fb5e4d9b7fd44a5eb474ed7e0bb7faa2e1dca443d5df8f77468fb0905731e421b2e06e864f957f3a517b2b0e3ad09118310b9fd74cb54bb07308d009e3ec6cecc17f06cddf10e0b1b9eff5ff8b90203010001", ), Token::Str("label"), Token::None, diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs index b3608e95..49502a28 100644 --- a/src/pkcs1v15.rs +++ b/src/pkcs1v15.rs 
@@ -268,24 +268,14 @@ mod tests { use crate::{RsaPrivateKey, RsaPublicKey}; fn get_private_key() -> RsaPrivateKey { - // In order to generate new test vectors you'll need the PEM form of this key: - // -----BEGIN RSA PRIVATE KEY----- - // MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0 - // fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu - // /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu - // RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/ - // EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A - // IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS - // tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V - // -----END RSA PRIVATE KEY----- - + // https://github.com/C2SP/wycheproof/blob/main/testvectors/rsa_oaep_misc_test.json RsaPrivateKey::from_components( - BoxedUint::from_be_hex("B2990F49C47DFA8CD400AE6A4D1B8A3B6A13642B23F28B003BFB97790ADE9A4CC82B8B2A81747DDEC08B6296E53A08C331687EF25C4BF4936BA1C0E6041E9D15", 512).unwrap(), + BoxedUint::from_be_hex("d0941e63a980fa92fb25ed4c7b3307f827023034ae7f1a7491f0699ca7607285e62ad8e994bac21b8b6e305e334f4874067d28e304230dca7f0e85f7ce595770b6e054c9f844ba86c0696eeba0769d8d4a347e8fe85c724ac1c44994af18a39e719f721f1bc50c46a39e6c075fcd1649f01f22608ce7dc6955502258336987d9", 1024).unwrap(), BoxedUint::from(65_537u64), - BoxedUint::from_be_hex("8ABD6A69F4D1A4B487F0AB8D7AAEFD38609405C999984E30F567E1E8AEEFF44E8B18BDB1EC78DFA31A55E32A48D7FB131F5AF1F44D7D6B2CED2A9DF5E5AE4535", 512).unwrap(), + BoxedUint::from_be_hex("5ff4a47e690ea338573e3d8b3fea5c32378ff4296855a51017cba86a9f3de9b1dc0fbe36c76b9bbd1c4a170a5f448c2a8489b3f3ac858be4aacb3daaa14dccc183622eedd3ae6f0427a2a298b51b97818a5430f13705f42d8b25476f939c935e389e30d9ade5d0180920135f5aef0c5fecd15f00b83b51dab8ba930d88826801", 1024).unwrap(), vec![ - BoxedUint::from_be_hex("DAB2F18048BAA68DE7DF04D2D35D5D80E60E2DFA42D50A9B04219032715E46B3", 256).unwrap(), - 
BoxedUint::from_be_hex("D10F2E66B1D0C13F10EF9927BF5324A379CA218146CBF9CAFC795221F16A3117", 256).unwrap() + BoxedUint::from_be_hex("e882d12d5f0be26a80359f13c08210bdcbf759dfee695313efa8886919659b064e3c656a267af6275ed1af89a5dfe9e25b31a02bafbd59445b7507a22989a681", 512).unwrap(), + BoxedUint::from_be_hex("e5a65cfa668bd857d59135a78c18c8adb7c222368e9d74abad8e83299f7ac3c2ad7aa44ddb05deea6d9b20dbaf09a8615284a17c72d3723240334685ea7e2559", 512).unwrap(), ], ).unwrap() } @@ -296,19 +286,19 @@ mod tests { let tests = [ [ - "gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==", + "f0f4qsNunKxRgsag5/p3AER7uoqs/Gupe33kuJWGAkLjobLsLszxp7uwVngeoxpDi87rTcJ9y0Sbu2QfnV/KvwEHiuQ8NL1FCRt4ujwgNtQms9XHjkTeLUX9tapoxdA0QhLsjblZFdb3fAvZXHGKPTBdHkxHut6LHG37SxbHeQY=", "x", ], [ - "Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==", + "l+L4+CdrgcFJ9LngppA+o7pZAKmZs4Gu5cRsum7OAji0+XNamTaPKxgtAio5A8ltRLJxrfZnRFOIOyn4964vMIB2YfVG/Vak//kLIn/rbgaVGndmWxQuR6ykEruOuqn5JUqv4JHaW30aDzEkCbpXWpFJ7dhfrWZdSv4XKpt9cY4=", "testing.", ], [ - "arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==", + "JtlpY3lTeCmkRRrIgfuOXH0ubMOL1U/n6nM6r6kF2iuRiFIPapfEzHF2WSvrbxZXa8gzJo1PuAJiJ6Vy90vOWbP43VEXLk5wyGZPePwHQ1WwOcE+6okZ9j9zmAmAnQUyaUjPfhwyDC64ObjiSKeIPCYSsdURy/Z67lcTZ6JJ8+8=", "testing.\n", ], [ - "WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==", + "TcyqI5jrGyln5AspqnvWShPIjKIZtXbNApf9TqAZrsl31RS+k6blEJy6YVZeow9QKis+UyIcz08nMGX/D3lm/JA4bwpyBFAvSFr2MNjNpGh9QqEcGryI0CpLA1fy56x7YGB/Y0eJZXnSj91udGubJTEI9ULTouoFAKxoWq7ioTc=", "01234567890123456789012345678901234567890123456789012", ], ]; 
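Review bot: The replacement fixture in `get_private_key` is documented only by a bare URL to `rsa_oaep_misc_test.json`, inside a PKCS#1 v1.5 test module. The removed comment was what told maintainers how to regenerate the expected ciphertexts and signatures further down. I would keep that guidance, e.g. `// 1024-bit test key from the Wycheproof vectors linked below; public test material, never a real key.`, plus one line naming the test group the key was taken from so the expected values can be reproduced.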
@@ -352,19 +342,19 @@ mod tests { let tests = [ [ - "gIcUIoVkD6ATMBk/u/nlCZCCWRKdkfjCgFdo35VpRXLduiKXhNz1XupLLzTXAybEq15juc+EgY5o0DHv/nt3yg==", + "f0f4qsNunKxRgsag5/p3AER7uoqs/Gupe33kuJWGAkLjobLsLszxp7uwVngeoxpDi87rTcJ9y0Sbu2QfnV/KvwEHiuQ8NL1FCRt4ujwgNtQms9XHjkTeLUX9tapoxdA0QhLsjblZFdb3fAvZXHGKPTBdHkxHut6LHG37SxbHeQY=", "x", ], [ - "Y7TOCSqofGhkRb+jaVRLzK8xw2cSo1IVES19utzv6hwvx+M8kFsoWQm5DzBeJCZTCVDPkTpavUuEbgp8hnUGDw==", + "l+L4+CdrgcFJ9LngppA+o7pZAKmZs4Gu5cRsum7OAji0+XNamTaPKxgtAio5A8ltRLJxrfZnRFOIOyn4964vMIB2YfVG/Vak//kLIn/rbgaVGndmWxQuR6ykEruOuqn5JUqv4JHaW30aDzEkCbpXWpFJ7dhfrWZdSv4XKpt9cY4=", "testing.", ], [ - "arReP9DJtEVyV2Dg3dDp4c/PSk1O6lxkoJ8HcFupoRorBZG+7+1fDAwT1olNddFnQMjmkb8vxwmNMoTAT/BFjQ==", + "JtlpY3lTeCmkRRrIgfuOXH0ubMOL1U/n6nM6r6kF2iuRiFIPapfEzHF2WSvrbxZXa8gzJo1PuAJiJ6Vy90vOWbP43VEXLk5wyGZPePwHQ1WwOcE+6okZ9j9zmAmAnQUyaUjPfhwyDC64ObjiSKeIPCYSsdURy/Z67lcTZ6JJ8+8=", "testing.\n", ], [ - "WtaBXIoGC54+vH0NH0CHHE+dRDOsMc/6BrfFu2lEqcKL9+uDuWaf+Xj9mrbQCjjZcpQuX733zyok/jsnqe/Ftw==", + "TcyqI5jrGyln5AspqnvWShPIjKIZtXbNApf9TqAZrsl31RS+k6blEJy6YVZeow9QKis+UyIcz08nMGX/D3lm/JA4bwpyBFAvSFr2MNjNpGh9QqEcGryI0CpLA1fy56x7YGB/Y0eJZXnSj91udGubJTEI9ULTouoFAKxoWq7ioTc=", "01234567890123456789012345678901234567890123456789012", ], ]; 
@@ -413,24 +403,21 @@ mod tests { let tests = [( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), )]; for (text, expected) in &tests { let digest = Sha1::digest(text.as_bytes()).to_vec(); let out = priv_key.sign(Pkcs1v15Sign::new::(), &digest).unwrap(); - assert_ne!(out, digest); - assert_eq!(out, expected); + assert_ne!(hex::encode(&out), hex::encode(&digest)); + assert_eq!(hex::encode(&out), hex::encode(&expected)); let mut rng = ChaCha8Rng::from_seed([42; 32]); let out2 = priv_key .sign_with_rng(&mut rng, Pkcs1v15Sign::new::(), &digest) .unwrap(); - assert_eq!(out2, expected); + assert_eq!(hex::encode(&out2), hex::encode(&expected)); } } @@ -440,10 +427,7 @@ mod tests { let tests = [( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), )]; let signing_key = SigningKey::::new(priv_key); @@ -452,7 +436,7 @@ mod tests { let out = signing_key.sign(text.as_bytes()).to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); assert_ne!(out.as_ref(), &Sha1::digest(text.as_bytes()).to_vec()); - assert_eq!(out.as_ref(), expected); + assert_eq!(hex::encode(out.as_ref()), hex::encode(&expected)); let mut rng = ChaCha8Rng::from_seed([42; 32]); let out2 = signing_key 
@@ -468,10 +452,7 @@ mod tests { let tests = [( "Test.\n", - hex!( - "2ffae3f3e130287b3a1dcb320e46f52e8f3f7969b646932273a7e3a6f2a182ea" - "02d42875a7ffa4a148aa311f9e4b562e4e13a2223fb15f4e5bf5f2b206d9451b" - ), + hex!("506ea024cfef1a98540d98da07d50a3c08bf03e09f9503e211dada539cd99bcb31e1d439d19182e4ec195496602180874ee1300282f62c74f7d57b9b619ac6092eebb47fedeca1d5d0e63bb5e1f630b06e170a1409fd310e265409b29bb741c37f5400524a6cf18e396ebda1190bc585086e214586d97f0ff822907796bc3879"), )]; let signing_key = SigningKey::::new(priv_key); @@ -479,7 +460,7 @@ mod tests { for (text, expected) in &tests { let out = signing_key.sign(text.as_bytes()).to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); - assert_eq!(out.as_ref(), expected); + assert_eq!(hex::encode(out.as_ref()), hex::encode(&expected)); let mut rng = ChaCha8Rng::from_seed([42; 32]); let out2 = signing_key @@ -495,10 +476,7 @@ mod tests { let tests = [( "Test.\n", - hex!( - "55e9fba3354dfb51d2c8111794ea552c86afc2cab154652c03324df8c2c51ba7" - "2ff7c14de59a6f9ba50d90c13a7537cc3011948369f1f0ec4a49d21eb7e723f9" - ), + hex!("54e376075e2dfb2c98329102f932f44bc3ae993184742f6572dc5bb86da6d33c966164e377735056e9c56847cf8905ee2f8fd326468571502b3119b8ec8cd30c25a479f2ae204cddff3a0ecc206ce27eca4fdf5d26bad83ef891f9ebb443c6150cae5718ef567f9a8056c8819aad6134ee1d06ed8f150ff573c7938ec568efa1"), )]; let signing_key = SigningKey::::new(priv_key); @@ -506,7 +484,7 @@ mod tests { for (text, expected) in &tests { let out = signing_key.sign(text.as_bytes()).to_bytes(); assert_ne!(out.as_ref(), text.as_bytes()); - assert_eq!(out.as_ref(), expected); + assert_eq!(hex::encode(out.as_ref()), hex::encode(&expected)); let mut rng = ChaCha8Rng::from_seed([42; 32]); let out2 = signing_key 
@@ -522,10 +500,7 @@ mod tests { let tests = [( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), )]; let signing_key = SigningKey::new(priv_key); @@ -555,18 +530,12 @@ mod tests { let tests = [ ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), true, ), ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af" - ), + hex!("7919de0402424f7b00f16bda36bb7b4d83dd7fb2cb315d9083f60457063393948dc991cfc8161c7b1266ec373b69bc47554a833f95edab8266385a3a36786fe90f172a9882eddc451f3f678a85ed09c60b26300490dd69ef601849c1f4c01f78046bb8351f3a7888b8ce2213790ab11c5402c4a279cbc9a52e4bc76c4cc41600"), false, ), ]; @@ -574,8 +543,8 @@ mod tests { for (text, sig, expected) in &tests { let digest = Sha1::digest(text.as_bytes()).to_vec(); - let result = pub_key.verify(Pkcs1v15Sign::new::(), &digest, sig); + match expected { true => result.expect("failed to verify"), false => { 
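Review bot: In the hunk at `-555,18 +530,12` the negative case is an unrelated byte string (`7919de04…1600`), not a near miss of the valid signature, so the test no longer shows that a signature differing only slightly from the valid one is rejected. The old vector was the valid signature with its last byte changed, and the two later hunks (`-592` and `-631`) still follow that pattern, ending in `…0800` where the valid one ends in `…082d`. Reusing that altered vector here would keep the three verification tests consistent and make the failure reason unambiguous. The test function starts and ends outside the hunk.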
@@ -592,18 +561,12 @@ mod tests { let tests = [ ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), true, ), ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a0800"), false, ), ]; @@ -631,18 +594,12 @@ mod tests { let tests = [ ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362ae" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a082d"), true, ), ( "Test.\n", - hex!( - "a4f3fa6ea93bcdd0c57be020c1193ecbfd6f200a3d95c409769b029578fa0e33" - "6ad9a347600e40d3ae823b8c7e6bad88cc07c1d54c3a1523cbbb6d58efc362af" - ), + hex!("2c5954065af5f8c651cc46c49af719507648947a6100ef5c37294939a396c529551bd65c90c4aae0417cd3e621bcfb1d40630b6593a14589b94943efa50342310c23b07aa7acd102dc0b922272db0908509467d56ae3edc5d4ec71ba072f509d0f83d7bc1d88174c0c39a3587963c8625e606c3b99cf9a202da0c0b3677a0800"), false, ), ]; 
@@ -652,6 +609,7 @@ mod tests { for (text, sig, expected) in &tests { let mut digest = Sha1::new(); digest.update(text.as_bytes()); + let result = verifying_key.verify_digest(digest, &Signature::try_from(sig.as_slice()).unwrap()); match expected { @@ -666,11 +624,14 @@ mod tests { #[test] fn test_unpadded_signature() { let msg = b"Thu Dec 19 18:06:16 EST 2013\n"; - let expected_sig = Base64::decode_vec("pX4DR8azytjdQ1rtUiC040FjkepuQut5q2ZFX1pTjBrOVKNjgsCDyiJDGZTCNoh9qpXYbhl7iEym30BWWwuiZg==").unwrap(); + let expected_sig = Base64::decode_vec("E3O2B8toxZitc013ZK0TRP4uo47Clpm/Me/o+Yv5qpU7ZP6x9gFUc8IVv2LkX7kUtkgPl/85f/ehJhcXCsoRoOEbcio8PR3JCt/uPJSzokTvNx7bmYxXTJox6oF3kM3+NI+21jh8CZVyk81lTtFulLfmzAsH4L4w5QJcwWtNJpE=").unwrap(); let priv_key = get_private_key(); let sig = priv_key.sign(Pkcs1v15Sign::new_unprefixed(), msg).unwrap(); - assert_eq!(expected_sig, sig); + assert_eq!( + Base64::encode_string(&expected_sig), + Base64::encode_string(&sig) + ); let pub_key: RsaPublicKey = priv_key.into(); pub_key @@ -681,7 +642,7 @@ mod tests { #[test] fn test_unpadded_signature_hazmat() { let msg = b"Thu Dec 19 18:06:16 EST 2013\n"; - let expected_sig = Base64::decode_vec("pX4DR8azytjdQ1rtUiC040FjkepuQut5q2ZFX1pTjBrOVKNjgsCDyiJDGZTCNoh9qpXYbhl7iEym30BWWwuiZg==").unwrap(); + let expected_sig = Base64::decode_vec("E3O2B8toxZitc013ZK0TRP4uo47Clpm/Me/o+Yv5qpU7ZP6x9gFUc8IVv2LkX7kUtkgPl/85f/ehJhcXCsoRoOEbcio8PR3JCt/uPJSzokTvNx7bmYxXTJox6oF3kM3+NI+21jh8CZVyk81lTtFulLfmzAsH4L4w5QJcwWtNJpE=").unwrap(); let priv_key = get_private_key(); let signing_key = SigningKey::::new_unprefixed(priv_key); @@ -689,7 +650,10 @@ mod tests { .sign_prehash(msg) .expect("Failure during sign") .to_bytes(); - assert_eq!(sig.as_ref(), expected_sig); + assert_eq!( + Base64::encode_string(sig.as_ref()), + Base64::encode_string(&expected_sig) + ); let verifying_key = signing_key.verifying_key(); verifying_key 
diff --git a/src/pkcs1v15/decrypting_key.rs b/src/pkcs1v15/decrypting_key.rs index f5c36922..2c67a450 100644 --- a/src/pkcs1v15/decrypting_key.rs +++ b/src/pkcs1v15/decrypting_key.rs @@ -64,7 +64,7 @@ mod tests { let mut rng = ChaCha8Rng::from_seed([42; 32]); let decrypting_key = - DecryptingKey::new(RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key")); + DecryptingKey::new(RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key")); let tokens = [ Token::Struct { 
@@ -73,9 +73,27 @@ mod tests { }, Token::Str("inner"), Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900ab", - "240c3361d02e370203010001020811e54a15259d22f9020500ceff5cf30205", - "00d3a7aaad020500ccaddf17020500cb529d3d020500bb526d6f" + "30820278020100300d06092a864886f70d0101010500048202623082025e0", + "2010002818100cd1419dc3771354bee0955a90489cce0c98aee6577851358", + "afe386a68bc95287862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74", + "a6702329397ffe0b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5", + "242b3addb54d346ecf43eb0d7343bcb258a31d5fa51f47b9e0d7280623901", + "d1d29af1a986fec92ba5fe2430203010001028181009bb3203326d0c7b31f", + "456d08c6ce4c8379e10640792ecad271afe002406d184096a707c5d50ee00", + "1c00818266970c3233439551f0e2d879a8f7b90bd3d62fdffa3e661f14c8d", + "cce071f081966e25bb351289810c2f8a012f2fa3f001029d7f2e0cf24f6a4", + "b139292f8078fac24e7fc8185bab4f02f539267bd09b615e4e19fe1024100", + "e90ad93c4b19bb40807391b5a9404ce5ea359e7b0556ee25cb2e7455aeb5c", + "af83fc26f34457cdbb173347962c66b6fe0c4686b54dbe0d2c913a7aa924e", + "ff6031024100e148067566a1fa3aabd0672361be62715516c9d62790b03f4", + "326cc00b2f782e6b64a167689e5c9aebe6a4cf594f3083380fe2a0a7edf1f", + "325e58c523b981a0b3024100ab96e85323bd038a3fca588c58ddd681278d6", + "96e8d84ef7ef676f303afcb7d728287e897a55e84e8c8b9e772da447b3115", + "8d0912877fa7d4945b4d15c382f7d102400ddde317e2e36185af01baf7809", + "2b97884664cb233e9421002d0268a7c79a3c313c167b4903466bfacd4da3b", + "db99420df988ab89cdd96a102da2852ff7c134e5024100bafb0dac0fda53f", + "9c755c23483343922727b88a5256a6fb47242e1c99b8f8a2c914f39f7af30", + "1219245786a6bb15336231d6a9b57ee7e0b3dd75129f93f54ecf" )), Token::StructEnd, ]; diff --git a/src/pkcs1v15/encrypting_key.rs b/src/pkcs1v15/encrypting_key.rs index 0999f88b..2419bd4c 100644 --- a/src/pkcs1v15/encrypting_key.rs +++ b/src/pkcs1v15/encrypting_key.rs 
@@ -37,7 +37,7 @@ mod tests { use serde_test::{assert_tokens, Configure, Token}; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let encrypting_key = EncryptingKey::new(priv_key.to_public_key()); let tokens = [ @@ -46,9 +46,13 @@ mod tests { len: 1, }, Token::Str("inner"), - Token::Str( - "3024300d06092a864886f70d01010105000313003010020900ab240c3361d02e370203010001", - ), + Token::Str(concat!( + "30819f300d06092a864886f70d010101050003818d0030818902818100cd1419dc3771354bee", + "0955a90489cce0c98aee6577851358afe386a68bc95287862a1157d5aba8847e8e57b6f2f947", + "48ab7efda3f3c74a6702329397ffe0b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5", + "242b3addb54d346ecf43eb0d7343bcb258a31d5fa51f47b9e0d7280623901d1d29af1a986fec", + "92ba5fe2430203010001", + )), Token::StructEnd, ]; assert_tokens(&encrypting_key.clone().readable(), &tokens); diff --git a/src/pkcs1v15/signing_key.rs b/src/pkcs1v15/signing_key.rs index 2bb6e72b..efad3a43 100644 --- a/src/pkcs1v15/signing_key.rs +++ b/src/pkcs1v15/signing_key.rs 
@@ -327,13 +327,30 @@ mod tests { use sha2::Sha256; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let signing_key = SigningKey::::new(priv_key); let tokens = [Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900ab240c", - "3361d02e370203010001020811e54a15259d22f9020500ceff5cf3020500d3a7aa", - "ad020500ccaddf17020500cb529d3d020500bb526d6f", + "30820278020100300d06092a864886f70d0101010500048202623082025e020100", + "02818100cd1419dc3771354bee0955a90489cce0c98aee6577851358afe386a68b", + "c95287862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74a6702329397ffe0", + "b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5242b3addb54d346ecf43", + "eb0d7343bcb258a31d5fa51f47b9e0d7280623901d1d29af1a986fec92ba5fe243", + "0203010001028181009bb3203326d0c7b31f456d08c6ce4c8379e10640792ecad2", + "71afe002406d184096a707c5d50ee001c00818266970c3233439551f0e2d879a8f", + "7b90bd3d62fdffa3e661f14c8dcce071f081966e25bb351289810c2f8a012f2fa3", + "f001029d7f2e0cf24f6a4b139292f8078fac24e7fc8185bab4f02f539267bd09b6", + "15e4e19fe1024100e90ad93c4b19bb40807391b5a9404ce5ea359e7b0556ee25cb", + "2e7455aeb5caf83fc26f34457cdbb173347962c66b6fe0c4686b54dbe0d2c913a7", + "aa924eff6031024100e148067566a1fa3aabd0672361be62715516c9d62790b03f", + "4326cc00b2f782e6b64a167689e5c9aebe6a4cf594f3083380fe2a0a7edf1f325e", + "58c523b981a0b3024100ab96e85323bd038a3fca588c58ddd681278d696e8d84ef", + "7ef676f303afcb7d728287e897a55e84e8c8b9e772da447b31158d0912877fa7d4", + "945b4d15c382f7d102400ddde317e2e36185af01baf78092b97884664cb233e942", + "1002d0268a7c79a3c313c167b4903466bfacd4da3bdb99420df988ab89cdd96a10", + "2da2852ff7c134e5024100bafb0dac0fda53f9c755c23483343922727b88a5256a", + "6fb47242e1c99b8f8a2c914f39f7af301219245786a6bb15336231d6a9b57ee7e0", + "b3dd75129f93f54ecf", ))]; assert_tokens(&signing_key.readable(), 
&tokens); diff --git a/src/pkcs1v15/verifying_key.rs b/src/pkcs1v15/verifying_key.rs index f6150c93..080cabc7 100644 --- a/src/pkcs1v15/verifying_key.rs +++ b/src/pkcs1v15/verifying_key.rs @@ -249,13 +249,17 @@ mod tests { use sha2::Sha256; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let pub_key = priv_key.to_public_key(); let verifying_key = VerifyingKey::::new(pub_key); - let tokens = [Token::Str( - "3024300d06092a864886f70d01010105000313003010020900ab240c3361d02e370203010001", - )]; + let tokens = [Token::Str(concat!( + "30819f300d06092a864886f70d010101050003818d0030818902818100cd1419dc3771354bee", + "0955a90489cce0c98aee6577851358afe386a68bc95287862a1157d5aba8847e8e57b6f2f947", + "48ab7efda3f3c74a6702329397ffe0b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5", + "242b3addb54d346ecf43eb0d7343bcb258a31d5fa51f47b9e0d7280623901d1d29af1a986fec", + "92ba5fe2430203010001", + ))]; assert_tokens(&verifying_key.readable(), &tokens); } diff --git a/src/pss.rs b/src/pss.rs index 3ef0e429..f31682b8 100644 --- a/src/pss.rs +++ b/src/pss.rs 
@@ -269,26 +269,21 @@ mod test { use signature::{DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, Verifier}; fn get_private_key() -> RsaPrivateKey { - // In order to generate new test vectors you'll need the PEM form of this key: - // -----BEGIN RSA PRIVATE KEY----- - // MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0 - // fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu - // /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu - // RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/ - // EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A - // IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS - // tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V - // -----END RSA PRIVATE KEY----- - let pem = r#" -----BEGIN RSA PRIVATE KEY----- -MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0 -fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu -/ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu -RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/ -EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A -IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS -tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V +MIICXQIBAAKBgQDQlB5jqYD6kvsl7Ux7Mwf4JwIwNK5/GnSR8Gmcp2ByheYq2OmU +usIbi24wXjNPSHQGfSjjBCMNyn8OhffOWVdwtuBUyfhEuobAaW7roHadjUo0fo/o +XHJKwcRJlK8Yo55xn3IfG8UMRqOebAdfzRZJ8B8iYIzn3GlVUCJYM2mH2QIDAQAB +AoGAX/SkfmkOozhXPj2LP+pcMjeP9CloVaUQF8uoap896bHcD742x2ubvRxKFwpf +RIwqhImz86yFi+Sqyz2qoU3MwYNiLu3Trm8EJ6KimLUbl4GKVDDxNwX0LYslR2+T +nJNeOJ4w2a3l0BgJIBNfWu8MX+zRXwC4O1HauLqTDYiCaAECQQDogtEtXwviaoA1 +nxPAghC9y/dZ3+5pUxPvqIhpGWWbBk48ZWomevYnXtGviaXf6eJbMaArr71ZRFt1 +B6IpiaaBAkEA5aZc+maL2FfVkTWnjBjIrbfCIjaOnXSrrY6DKZ96w8KteqRN2wXe +6m2bINuvCahhUoShfHLTcjJAM0aF6n4lWQJBAKMnyOjxnUFQQo9eBVo86sqEahnj +DUVTStYNiUtWyvmxvwyajZZbCogt/S4UhRVO5cvgUujU9SXC1fqVVLGZKgECQQCR +8XzrQRokfgVih/eXh/SYucwtFADkPc4QuR3P6OMK34CCDULRK1T0JH3Oju4ZNCHN 
+YC6EOTD5RMgaDfpzAIHZAkB1kVpFR3C0kIJCN2EkTM7GWm5IrplmNEtnVhD6ytkW +L6W9HMUQjDIsL7PBRPgHdzosfQl/Y+XI072M6O+sKt4E -----END RSA PRIVATE KEY-----"#; RsaPrivateKey::from_pkcs1_pem(pem).unwrap() @@ -301,22 +296,16 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let tests = [ ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962f" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1939"), true, ), ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962e" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1900"), false, ), ]; - let pub_key: RsaPublicKey = priv_key.into(); + let pub_key: RsaPublicKey = priv_key.clone().into(); for (text, sig, expected) in &tests { let digest = Sha1::digest(text.as_bytes()).to_vec(); 
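Review bot: `let pub_key: RsaPublicKey = priv_key.clone().into();` at the end of the `@@ -301,22 +296,16 @@` hunk copies the whole private key only to derive its public half, and the same line is introduced again in the `@@ -338,22 +327,16 @@` and `@@ -377,27 +360,22 @@` hunks. Other tests touched by this patch already call the accessor on the private key, so `let pub_key = priv_key.to_public_key();` gives the same result without duplicating private key material. Whether `priv_key` is used again later in each test is outside the hunks; if it is not, the original `priv_key.into()` was enough and the clone can simply be dropped.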
@@ -338,22 +327,16 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let tests = [ ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962f" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1939"), true, ), ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962e" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1900"), false, ), ]; - let pub_key: RsaPublicKey = priv_key.into(); + let pub_key: RsaPublicKey = priv_key.clone().into(); let verifying_key: VerifyingKey = VerifyingKey::new(pub_key); for (text, sig, expected) in &tests { 
@@ -377,27 +360,22 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let tests = [ ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962f" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1939"), true, ), ( "test\n", - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962e" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1900"), false, ), ]; - let pub_key: RsaPublicKey = priv_key.into(); + let pub_key: RsaPublicKey = priv_key.clone().into(); let verifying_key = VerifyingKey::new(pub_key); for (text, sig, expected) in &tests { let mut digest = Sha1::new(); digest.update(text.as_bytes()); + let result = verifying_key.verify_digest(digest, &Signature::try_from(sig.as_slice()).unwrap()); match expected { 
@@ -534,18 +512,12 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let tests = [ ( Sha1::digest("test\n"), - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962f" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1939"), true, ), ( Sha1::digest("test\n"), - hex!( - "6f86f26b14372b2279f79fb6807c49889835c204f71e38249b4c5601462da8ae" - "30f26ffdd9c13f1c75eee172bebe7b7c89f2f1526c722833b9737d6c172a962e" - ), + hex!("699c0fa19964fe6db15b04e78f99d720d8b5d4aa7febd262e1177afed16340f8619583e3bb8e6489753ae60e83053a2c146a60bdd1be17ba952abf53499cc5ea71b092058cba4e3ad5a8740ecf77ba2ee42410fc4642b5d56f9ba075ec87f9c08c90f11e052efde3675a79e6fe4b2a6e73ebcfab277532b138d709e0618b1900"), false, ), ]; diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs index 3c1b7a66..e1e0d809 100644 --- a/src/pss/blinded_signing_key.rs +++ b/src/pss/blinded_signing_key.rs @@ -288,13 +288,11 @@ mod tests { let mut rng = ChaCha8Rng::from_seed([42; 32]); let signing_key = BlindedSigningKey::::new( - RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"), + RsaPrivateKey::new(&mut rng, 2048).expect("failed to generate key"), ); let tokens = [Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900ab240c", - "3361d02e370203010001020811e54a15259d22f9020500ceff5cf3020500d3a7aa", - "ad020500ccaddf17020500cb529d3d020500bb526d6f" + "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", ))]; assert_tokens(&signing_key.readable(), &tokens); } diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs index b67d86d4..c2676393 100644 --- a/src/pss/signing_key.rs +++ b/src/pss/signing_key.rs 
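Review bot: The serde test in `src/pss/blinded_signing_key.rs` now generates its key with `RsaPrivateKey::new(&mut rng, 2048)`, while every other serde test changed in this patch uses 1024, which those tests show is accepted by the checked constructor. Unless the blinded path needs the larger modulus, `RsaPrivateKey::new(&mut rng, 1024)` would keep the fixtures consistent and the key generation and expected token shorter; the expected token would need regenerating to match. If 2048 is deliberate, a short comment on that line saying why would help the next reader.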
@@ -320,13 +320,30 @@ mod tests { use sha2::Sha256; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let signing_key = SigningKey::::new(priv_key); let tokens = [Token::Str(concat!( - "3056020100300d06092a864886f70d010101050004423040020100020900ab240c", - "3361d02e370203010001020811e54a15259d22f9020500ceff5cf3020500d3a7aa", - "ad020500ccaddf17020500cb529d3d020500bb526d6f" + "30820278020100300d06092a864886f70d0101010500048202623082025e020100", + "02818100cd1419dc3771354bee0955a90489cce0c98aee6577851358afe386a68b", + "c95287862a1157d5aba8847e8e57b6f2f94748ab7efda3f3c74a6702329397ffe0", + "b1d4f76e1b025d87d583e48b3cfce99d6a507d94eb46c5242b3addb54d346ecf43", + "eb0d7343bcb258a31d5fa51f47b9e0d7280623901d1d29af1a986fec92ba5fe243", + "0203010001028181009bb3203326d0c7b31f456d08c6ce4c8379e10640792ecad2", + "71afe002406d184096a707c5d50ee001c00818266970c3233439551f0e2d879a8f", + "7b90bd3d62fdffa3e661f14c8dcce071f081966e25bb351289810c2f8a012f2fa3", + "f001029d7f2e0cf24f6a4b139292f8078fac24e7fc8185bab4f02f539267bd09b6", + "15e4e19fe1024100e90ad93c4b19bb40807391b5a9404ce5ea359e7b0556ee25cb", + "2e7455aeb5caf83fc26f34457cdbb173347962c66b6fe0c4686b54dbe0d2c913a7", + "aa924eff6031024100e148067566a1fa3aabd0672361be62715516c9d62790b03f", + "4326cc00b2f782e6b64a167689e5c9aebe6a4cf594f3083380fe2a0a7edf1f325e", + "58c523b981a0b3024100ab96e85323bd038a3fca588c58ddd681278d696e8d84ef", + "7ef676f303afcb7d728287e897a55e84e8c8b9e772da447b31158d0912877fa7d4", + "945b4d15c382f7d102400ddde317e2e36185af01baf78092b97884664cb233e942", + "1002d0268a7c79a3c313c167b4903466bfacd4da3bdb99420df988ab89cdd96a10", + "2da2852ff7c134e5024100bafb0dac0fda53f9c755c23483343922727b88a5256a", + "6fb47242e1c99b8f8a2c914f39f7af301219245786a6bb15336231d6a9b57ee7e0", + "b3dd75129f93f54ecf" ))]; assert_tokens(&signing_key.readable(), 
&tokens); diff --git a/src/pss/verifying_key.rs b/src/pss/verifying_key.rs index de96a1f5..9989a9ec 100644 --- a/src/pss/verifying_key.rs +++ b/src/pss/verifying_key.rs @@ -234,13 +234,17 @@ mod tests { use sha2::Sha256; let mut rng = ChaCha8Rng::from_seed([42; 32]); - let priv_key = crate::RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); + let priv_key = crate::RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); let pub_key = priv_key.to_public_key(); let verifying_key = VerifyingKey::::new(pub_key); - let tokens = [Token::Str( - "3024300d06092a864886f70d01010105000313003010020900ab240c3361d02e370203010001", - )]; + let tokens = [Token::Str(concat!( + "30819f300d06092a864886f70d010101050003818d0030818902818100cd1419dc", + "3771354bee0955a90489cce0c98aee6577851358afe386a68bc95287862a1157d5", + "aba8847e8e57b6f2f94748ab7efda3f3c74a6702329397ffe0b1d4f76e1b025d87", + "d583e48b3cfce99d6a507d94eb46c5242b3addb54d346ecf43eb0d7343bcb258a3", + "1d5fa51f47b9e0d7280623901d1d29af1a986fec92ba5fe2430203010001", + ))]; assert_tokens(&verifying_key.readable(), &tokens); } diff --git a/tests/proptests.rs b/tests/proptests.rs index eaeeebea..b6aeaa47 100644 --- a/tests/proptests.rs +++ b/tests/proptests.rs @@ -14,7 +14,7 @@ prop_compose! { // WARNING: do *NOT* copy and paste this code. It's insecure and optimized for test speed. fn private_key()(seed in any::<[u8; 32]>()) -> RsaPrivateKey { let mut rng = ChaCha8Rng::from_seed(seed); - RsaPrivateKey::new(&mut rng, 512).unwrap() + RsaPrivateKey::new(&mut rng, 2048).unwrap() } } From 172db8c78d418ea172667e5cf0a178550c96cd02 Mon Sep 17 00:00:00 2001 From: pinkforest <36498018+pinkforest@users.noreply.github.com> Date: Fri, 15 Aug 2025 06:33:31 +0000 Subject: [PATCH 3/4] Disable typos checking for now --- .github/workflows/workspace.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) 
diff --git a/.github/workflows/workspace.yml b/.github/workflows/workspace.yml index f4709cd2..7de23fc5 100644 --- a/.github/workflows/workspace.yml +++ b/.github/workflows/workspace.yml @@ -51,8 +51,9 @@ jobs: RUSTDOCFLAGS: "-Dwarnings --cfg docsrs" run: cargo doc --no-deps --features std,serde,hazmat,sha2 - typos: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: crate-ci/typos@v1.35.1 +# does not understand concat! macro +# typos: +# runs-on: ubuntu-latest +# steps: +# - uses: actions/checkout@v4 +# - uses: crate-ci/typos@v1.35.1 From 36d432184847e9e40d5ad87d91670cf8896a4331 Mon Sep 17 00:00:00 2001 From: pinkforest <36498018+pinkforest@users.noreply.github.com> Date: Fri, 15 Aug 2025 18:04:00 +0000 Subject: [PATCH 4/4] Add hazmat RSAPrivateKey::new_unchecked and move protests under hazmat insecure 64bit keys --- src/key.rs | 19 +++++++++++++++++++ tests/proptests.rs | 3 ++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/src/key.rs b/src/key.rs index e73f49d2..9cd6e05e 100644 --- a/src/key.rs +++ b/src/key.rs @@ -297,6 +297,25 @@ impl RsaPrivateKey { Self::new_with_exp(rng, bit_size, BoxedUint::from(Self::EXP)) } + /// Generate a new Rsa key pair of the given bit size using the passed in `rng + /// and allowing hazardous insecure or weak constructions of `RsaPrivateKey + /// + /// Unless you have specific needs, you should use `RsaPrivateKey::new` instead + #[cfg(feature = "hazmat")] + pub fn new_unchecked( + rng: &mut R, + bit_size: usize, + ) -> Result { + let components = + generate_multi_prime_key_with_exp(rng, 2, bit_size, BoxedUint::from(Self::EXP))?; + RsaPrivateKey::from_components_unchecked( + components.n.get(), + components.e, + components.d, + components.primes, + ) + } + /// Generate a new RSA key pair of the given bit size and the public exponent /// using the passed in `rng`. /// diff --git a/tests/proptests.rs b/tests/proptests.rs index b6aeaa47..992467b0 100644 --- a/tests/proptests.rs 
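Review bot: Commenting out the whole `typos` job removes spell checking for every file in the repository, although the stated reason (`# does not understand concat! macro`) only concerns the hex fixtures in a handful of test modules. I would keep the job and silence the false positives in the typos configuration instead, for example a `_typos.toml` with an `extend-ignore-re` entry under `[default]` that matches long hex runs, or `extend-exclude` under `[files]` for the affected paths. If the job does stay disabled, the comment should say what has to happen before it is re-enabled, e.g. `# typos disabled: false positives on hex test vectors, see <tracking issue placeholder>`.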
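Review bot: The doc comment on the new `new_unchecked` in `src/key.rs` never closes the backticks it opens before `rng` and before `RsaPrivateKey`, writes "Rsa" where the neighbouring docs say "RSA", and does not say which checks are skipped. Since this is a public constructor whose purpose is to allow weak keys, I would close both code spans and state explicitly that it bypasses the modulus size limits that the checked constructors appear to enforce after this series, and that keys produced this way must not be used to protect real data. A `# Errors` section naming what the `Result` can carry would match the usual rustdoc layout. The surrounding `impl RsaPrivateKey` block starts and ends outside the hunk.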
+++ b/tests/proptests.rs @@ -1,3 +1,4 @@ +#![cfg(feature = "hazmat")] //! Property-based tests. use proptest::prelude::*; @@ -14,7 +15,7 @@ prop_compose! { // WARNING: do *NOT* copy and paste this code. It's insecure and optimized for test speed. fn private_key()(seed in any::<[u8; 32]>()) -> RsaPrivateKey { let mut rng = ChaCha8Rng::from_seed(seed); - RsaPrivateKey::new(&mut rng, 2048).unwrap() + RsaPrivateKey::new_unchecked(&mut rng, 521).unwrap() } }
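Review bot: `RsaPrivateKey::new_unchecked(&mut rng, 521)` in the `private_key` strategy looks like a transposition of 512, the size this strategy used before the series, and the commit subject speaks of 64-bit keys, so the intended size is unclear either way. An odd bit size also cannot be split evenly between the two primes. I would write `RsaPrivateKey::new_unchecked(&mut rng, 512).unwrap()` or add a comment explaining why 521 is wanted. Separately, the `#![cfg(feature = "hazmat")]` added in the first hunk makes the whole file compile to nothing when the feature is off, so the test job should be checked to run with `--features hazmat`; otherwise the property tests are skipped silently.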