diff --git a/src/algorithms/mgf.rs b/src/algorithms/mgf.rs index 009a5030..b0ca5533 100644 --- a/src/algorithms/mgf.rs +++ b/src/algorithms/mgf.rs @@ -1,11 +1,14 @@ //! Mask generation function common to both PSS and OAEP padding -use digest::{Digest, DynDigest, FixedOutputReset}; +use digest::{Digest, FixedOutputReset}; /// Mask generation function. /// /// Panics if out is larger than 2**32. This is in accordance with RFC 8017 - PKCS #1 B.2.1 -pub(crate) fn mgf1_xor(out: &mut [u8], digest: &mut dyn DynDigest, seed: &[u8]) { +pub(crate) fn mgf1_xor(out: &mut [u8], digest: &mut D, seed: &[u8]) +where + D: Digest + FixedOutputReset, +{ let mut counter = [0u8; 4]; let mut i = 0; @@ -17,7 +20,7 @@ pub(crate) fn mgf1_xor(out: &mut [u8], digest: &mut dyn DynDigest, seed: &[u8]) digest_input[0..seed.len()].copy_from_slice(seed); digest_input[seed.len()..].copy_from_slice(&counter); - digest.update(digest_input.as_slice()); + Digest::update(digest, digest_input.as_slice()); let digest_output = &*digest.finalize_reset(); let mut j = 0; loop { diff --git a/src/algorithms/oaep.rs b/src/algorithms/oaep.rs index da069bba..178dde80 100644 --- a/src/algorithms/oaep.rs +++ b/src/algorithms/oaep.rs @@ -3,7 +3,7 @@ use alloc::boxed::Box; use alloc::vec::Vec; -use digest::{Digest, DynDigest, FixedOutputReset}; +use digest::{Digest, FixedOutputReset}; use rand_core::TryCryptoRng; use subtle::{Choice, ConditionallySelectable, ConstantTimeEq, CtOption}; use zeroize::Zeroizing; @@ -57,22 +57,27 @@ fn encrypt_internal( /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -pub(crate) fn oaep_encrypt( +pub(crate) fn oaep_encrypt( rng: &mut R, msg: &[u8], - digest: &mut dyn DynDigest, - mgf_digest: &mut dyn DynDigest, + digest: &mut D, + mgf_digest: &mut MGD, label: Option>, k: usize, -) -> Result>> { - let h_size = digest.output_size(); +) -> Result>> +where + R: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ + let h_size = ::output_size(); let label = label.unwrap_or_default(); if label.len() as u64 >= MAX_LABEL_LEN { return Err(Error::LabelTooLong); } - digest.update(&label); + Digest::update(digest, &label); let p_hash = digest.finalize_reset(); encrypt_internal(rng, msg, &p_hash, h_size, k, |seed, db| { @@ -89,16 +94,17 @@ pub(crate) fn oaep_encrypt( /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -pub(crate) fn oaep_encrypt_digest< - R: TryCryptoRng + ?Sized, - D: Digest, - MGD: Digest + FixedOutputReset, ->( +pub(crate) fn oaep_encrypt_digest( rng: &mut R, msg: &[u8], label: Option>, k: usize, -) -> Result>> { +) -> Result>> +where + R: TryCryptoRng + ?Sized, + D: Digest, + MGD: Digest + FixedOutputReset, +{ let h_size = ::output_size(); let label = label.unwrap_or_default(); @@ -126,21 +132,25 @@ pub(crate) fn oaep_encrypt_digest< /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -pub(crate) fn oaep_decrypt( +pub(crate) fn oaep_decrypt( em: &mut [u8], - digest: &mut dyn DynDigest, - mgf_digest: &mut dyn DynDigest, + digest: &mut D, + mgf_digest: &mut MGD, label: Option>, k: usize, -) -> Result> { - let h_size = digest.output_size(); +) -> Result> +where + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ + let h_size = ::output_size(); let label = label.unwrap_or_default(); if label.len() as u64 >= MAX_LABEL_LEN { return Err(Error::Decryption); } - digest.update(&label); + Digest::update(digest, &label); let expected_p_hash = digest.finalize_reset(); @@ -168,11 +178,15 @@ pub(crate) fn oaep_decrypt( /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -pub(crate) fn oaep_decrypt_digest( +pub(crate) fn oaep_decrypt_digest( em: &mut [u8], label: Option>, k: usize, -) -> Result> { +) -> Result> +where + D: Digest, + MGD: Digest + FixedOutputReset, +{ let h_size = ::output_size(); let label = label.unwrap_or_default(); diff --git a/src/algorithms/pss.rs b/src/algorithms/pss.rs index 61780c6d..1ef482f8 100644 --- a/src/algorithms/pss.rs +++ b/src/algorithms/pss.rs @@ -10,20 +10,23 @@ //! [RFC8017 ยง 8.1]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.1 use alloc::vec::Vec; -use digest::{Digest, DynDigest, FixedOutputReset}; +use digest::{Digest, FixedOutputReset}; use subtle::{Choice, ConditionallySelectable, ConstantTimeEq}; use super::mgf::{mgf1_xor, mgf1_xor_digest}; use crate::errors::{Error, Result}; -pub(crate) fn emsa_pss_encode( +pub(crate) fn emsa_pss_encode( m_hash: &[u8], em_bits: usize, salt: &[u8], - hash: &mut dyn DynDigest, -) -> Result> { + hash: &mut D, +) -> Result> +where + D: Digest + FixedOutputReset, +{ // See [1], section 9.1.1 - let h_len = hash.output_size(); + let h_len = ::output_size(); let s_len = salt.len(); let em_len = em_bits.div_ceil(8); @@ -59,9 +62,9 @@ pub(crate) fn emsa_pss_encode( // 6. Let H = Hash(M'), an octet string of length h_len. let prefix = [0u8; 8]; - hash.update(&prefix); - hash.update(m_hash); - hash.update(salt); + Digest::update(hash, prefix); + Digest::update(hash, m_hash); + Digest::update(hash, salt); let hashed = hash.finalize_reset(); h.copy_from_slice(&hashed); @@ -267,17 +270,20 @@ fn emsa_pss_get_salt_len(db: &[u8], em_len: usize, h_len: usize) -> (usize, Choi (result_len as usize, final_valid) } -pub(crate) fn emsa_pss_verify( +pub(crate) fn emsa_pss_verify( m_hash: &[u8], em: &mut [u8], s_len: Option, - hash: &mut dyn DynDigest, + hash: &mut D, key_bits: usize, -) -> Result<()> { +) -> Result<()> +where + D: Digest + FixedOutputReset, +{ let em_bits = key_bits - 1; let em_len = em_bits.div_ceil(8); let key_len = key_bits.div_ceil(8); - let h_len = hash.output_size(); + let h_len = ::output_size(); let em = &mut em[key_len - em_len..]; @@ -308,13 +314,13 @@ pub(crate) fn emsa_pss_verify( // 13. Let H' = Hash(M'), an octet string of length hLen. let prefix = [0u8; 8]; - hash.update(&prefix[..]); - hash.update(m_hash); - hash.update(salt); + Digest::update(hash, &prefix[..]); + Digest::update(hash, m_hash); + Digest::update(hash, salt); let h0 = hash.finalize_reset(); // 14. If H = H', output "consistent." Otherwise, output "inconsistent." - if (salt_valid & h0.ct_eq(h)).into() { + if (salt_valid & h0.as_slice().ct_eq(h)).into() { Ok(()) } else { Err(Error::Verification) diff --git a/src/lib.rs b/src/lib.rs index 91030abf..83796091 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -34,12 +34,12 @@ //! //! // Encrypt //! let data = b"hello world"; -//! let padding = Oaep::new::(); +//! let padding = Oaep::::new(); //! let enc_data = public_key.encrypt(&mut rng, padding, &data[..]).expect("failed to encrypt"); //! assert_ne!(&data[..], &enc_data[..]); //! //! // Decrypt -//! let padding = Oaep::new::(); +//! let padding = Oaep::::new(); //! let dec_data = private_key.decrypt(padding, &enc_data).expect("failed to decrypt"); //! assert_eq!(&data[..], &dec_data[..]); //! ``` diff --git a/src/oaep.rs b/src/oaep.rs index cc71d043..c3bf49e5 100644 --- a/src/oaep.rs +++ b/src/oaep.rs @@ -14,7 +14,7 @@ use alloc::vec::Vec; use core::fmt; use crypto_bigint::BoxedUint; -use digest::{Digest, DynDigest, FixedOutputReset}; +use digest::{Digest, FixedOutputReset}; use rand_core::TryCryptoRng; use crate::algorithms::oaep::*; @@ -35,18 +35,30 @@ use crate::traits::{PaddingScheme, PublicKeyParts}; /// /// A prominent example is the [`AndroidKeyStore`](https://developer.android.com/guide/topics/security/cryptography#oaep-mgf1-digest). /// It uses SHA-1 for `mgf_digest` and a user-chosen SHA flavour for `digest`. -pub struct Oaep { +pub struct Oaep { /// Digest type to use. - pub digest: Box, + pub digest: D, /// Digest to use for Mask Generation Function (MGF). - pub mgf_digest: Box, + pub mgf_digest: MGD, /// Optional label. pub label: Option>, } -impl Oaep { +impl Default for Oaep +where + D: Digest + FixedOutputReset, +{ + fn default() -> Self { + Self::new() + } +} + +impl Oaep +where + D: Digest + FixedOutputReset, +{ /// Create a new OAEP `PaddingScheme`, using `T` as the hash function for both the default (empty) label and for MGF1. /// /// # Example @@ -64,28 +76,32 @@ impl Oaep { /// /// let mut rng = rand::thread_rng(); /// let key = RsaPublicKey::new(n, e).unwrap(); - /// let padding = Oaep::new::(); + /// let padding = Oaep::::new(); /// let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap(); /// ``` - pub fn new() -> Self { + pub fn new() -> Self { Self { - digest: Box::new(T::new()), - mgf_digest: Box::new(T::new()), + digest: D::new(), + mgf_digest: D::new(), label: None, } } /// Create a new OAEP `PaddingScheme` with an associated `label`, using `T` as the hash function for both the label and for MGF1. - pub fn new_with_label>>( - label: S, - ) -> Self { + pub fn new_with_label>>(label: S) -> Self { Self { - digest: Box::new(T::new()), - mgf_digest: Box::new(T::new()), + digest: D::new(), + mgf_digest: D::new(), label: Some(label.into()), } } +} +impl Oaep +where + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ /// Create a new OAEP `PaddingScheme`, using `T` as the hash function for the default (empty) label, and `U` as the hash function for MGF1. /// If a label is needed use `PaddingScheme::new_oaep_with_label` or `PaddingScheme::new_oaep_with_mgf_hash_with_label`. /// @@ -104,37 +120,32 @@ impl Oaep { /// /// let mut rng = rand::thread_rng(); /// let key = RsaPublicKey::new(n, e).unwrap(); - /// let padding = Oaep::new_with_mgf_hash::(); + /// let padding = Oaep::::new_with_mgf_hash(); /// let encrypted_data = key.encrypt(&mut rng, padding, b"secret").unwrap(); /// ``` - pub fn new_with_mgf_hash< - T: 'static + Digest + DynDigest + Send + Sync, - U: 'static + Digest + DynDigest + Send + Sync, - >() -> Self { + pub fn new_with_mgf_hash() -> Self { Self { - digest: Box::new(T::new()), - mgf_digest: Box::new(U::new()), + digest: D::new(), + mgf_digest: MGD::new(), label: None, } } /// Create a new OAEP `PaddingScheme` with an associated `label`, using `T` as the hash function for the label, and `U` as the hash function for MGF1. - pub fn new_with_mgf_hash_and_label< - T: 'static + Digest + DynDigest + Send + Sync, - U: 'static + Digest + DynDigest + Send + Sync, - S: Into>, - >( - label: S, - ) -> Self { + pub fn new_with_mgf_hash_and_label>>(label: S) -> Self { Self { - digest: Box::new(T::new()), - mgf_digest: Box::new(U::new()), + digest: D::new(), + mgf_digest: MGD::new(), label: Some(label.into()), } } } -impl PaddingScheme for Oaep { +impl PaddingScheme for Oaep +where + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ fn decrypt( mut self, rng: Option<&mut Rng>, @@ -145,8 +156,8 @@ impl PaddingScheme for Oaep { rng, priv_key, ciphertext, - &mut *self.digest, - &mut *self.mgf_digest, + &mut self.digest, + &mut self.mgf_digest, self.label, ) } @@ -161,14 +172,14 @@ impl PaddingScheme for Oaep { rng, pub_key, msg, - &mut *self.digest, - &mut *self.mgf_digest, + &mut self.digest, + &mut self.mgf_digest, self.label, ) } } -impl fmt::Debug for Oaep { +impl fmt::Debug for Oaep { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.debug_struct("OAEP") .field("digest", &"...") @@ -186,14 +197,19 @@ impl fmt::Debug for Oaep { /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -fn encrypt( +fn encrypt( rng: &mut R, pub_key: &RsaPublicKey, msg: &[u8], - digest: &mut dyn DynDigest, - mgf_digest: &mut dyn DynDigest, + digest: &mut D, + mgf_digest: &mut MGD, label: Option>, -) -> Result> { +) -> Result> +where + R: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ key::check_public(pub_key)?; let em = oaep_encrypt(rng, msg, digest, mgf_digest, label, pub_key.size())?; @@ -209,12 +225,17 @@ fn encrypt( /// `2 + (2 * hash.size())`. /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 -fn encrypt_digest( +fn encrypt_digest( rng: &mut R, pub_key: &RsaPublicKey, msg: &[u8], label: Option>, -) -> Result> { +) -> Result> +where + R: TryCryptoRng + ?Sized, + D: Digest, + MGD: Digest + FixedOutputReset, +{ key::check_public(pub_key)?; let em = oaep_encrypt_digest::<_, D, MGD>(rng, msg, label, pub_key.size())?; @@ -236,14 +257,19 @@ fn encrypt_digest( +fn decrypt( rng: Option<&mut R>, priv_key: &RsaPrivateKey, ciphertext: &[u8], - digest: &mut dyn DynDigest, - mgf_digest: &mut dyn DynDigest, + digest: &mut D, + mgf_digest: &mut MGD, label: Option>, -) -> Result> { +) -> Result> +where + R: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, + MGD: Digest + FixedOutputReset, +{ if ciphertext.len() != priv_key.size() { return Err(Error::Decryption); } @@ -269,12 +295,17 @@ fn decrypt( /// /// [PKCS#1 OAEP]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1 #[inline] -fn decrypt_digest( +fn decrypt_digest( rng: Option<&mut R>, priv_key: &RsaPrivateKey, ciphertext: &[u8], label: Option>, -) -> Result> { +) -> Result> +where + R: TryCryptoRng + ?Sized, + D: Digest, + MGD: Digest + FixedOutputReset, +{ key::check_public(priv_key)?; if ciphertext.len() != priv_key.size() { @@ -296,7 +327,7 @@ mod tests { use crate::traits::{Decryptor, RandomizedDecryptor, RandomizedEncryptor}; use crypto_bigint::BoxedUint; - use digest::{Digest, DynDigest, FixedOutputReset}; + use digest::{Digest, FixedOutputReset}; use rand_chacha::{ rand_core::{RngCore, SeedableRng}, ChaCha8Rng, @@ -378,9 +409,7 @@ mod tests { } } - fn do_test_encrypt_decrypt_oaep( - prk: &RsaPrivateKey, - ) { + fn do_test_encrypt_decrypt_oaep(prk: &RsaPrivateKey) { let mut rng = ChaCha8Rng::from_seed([42; 32]); let k = prk.size(); @@ -397,10 +426,10 @@ mod tests { let pub_key: RsaPublicKey = prk.into(); let ciphertext = if let Some(ref label) = label { - let padding = Oaep::new_with_label::(label.clone()); + let padding = Oaep::::new_with_label(label.clone()); pub_key.encrypt(&mut rng, padding, &input).unwrap() } else { - let padding = Oaep::new::(); + let padding = Oaep::::new(); pub_key.encrypt(&mut rng, padding, &input).unwrap() }; @@ -408,9 +437,9 @@ mod tests { let blind: bool = rng.next_u32() < (1 << 31); let padding = if let Some(label) = label { - Oaep::new_with_label::>(label) + Oaep::::new_with_label::>(label) } else { - Oaep::new::() + Oaep::::new() }; let plaintext = if blind { @@ -424,8 +453,8 @@ mod tests { } fn do_test_oaep_with_different_hashes< - D: 'static + Digest + DynDigest + Send + Sync, - U: 'static + Digest + DynDigest + Send + Sync, + D: Digest + FixedOutputReset, + U: Digest + FixedOutputReset, >( prk: &RsaPrivateKey, ) { @@ -445,10 +474,10 @@ mod tests { let pub_key: RsaPublicKey = prk.into(); let ciphertext = if let Some(ref label) = label { - let padding = Oaep::new_with_mgf_hash_and_label::(label.clone()); + let padding = Oaep::::new_with_mgf_hash_and_label::<_>(label.clone()); pub_key.encrypt(&mut rng, padding, &input).unwrap() } else { - let padding = Oaep::new_with_mgf_hash::(); + let padding = Oaep::::new_with_mgf_hash(); pub_key.encrypt(&mut rng, padding, &input).unwrap() }; @@ -456,9 +485,9 @@ mod tests { let blind: bool = rng.next_u32() < (1 << 31); let padding = if let Some(label) = label { - Oaep::new_with_mgf_hash_and_label::(label) + Oaep::::new_with_mgf_hash_and_label::<_>(label) } else { - Oaep::new_with_mgf_hash::() + Oaep::::new_with_mgf_hash() }; let plaintext = if blind { @@ -477,13 +506,13 @@ mod tests { let priv_key = get_private_key(); let pub_key: RsaPublicKey = (&priv_key).into(); let ciphertext = pub_key - .encrypt(&mut rng, Oaep::new::(), "a_plain_text".as_bytes()) + .encrypt(&mut rng, Oaep::::new(), "a_plain_text".as_bytes()) .unwrap(); assert!( priv_key .decrypt_blinded( &mut rng, - Oaep::new_with_label::("label".as_bytes()), + Oaep::::new_with_label::<_>("label".as_bytes()), &ciphertext, ) .is_err(), diff --git a/src/pss.rs b/src/pss.rs index d27dc1ab..3a967c9d 100644 --- a/src/pss.rs +++ b/src/pss.rs @@ -19,11 +19,11 @@ pub use self::{ verifying_key::VerifyingKey, }; -use alloc::{boxed::Box, vec::Vec}; +use alloc::vec::Vec; use core::fmt::{self, Debug}; use crypto_bigint::BoxedUint; -use digest::{Digest, DynDigest, FixedOutputReset}; +use digest::{Digest, FixedOutputReset}; use rand_core::TryCryptoRng; use crate::algorithms::pad::{uint_to_be_pad, uint_to_zeroizing_be_pad}; @@ -43,54 +43,67 @@ use { }; /// Digital signatures using PSS padding. -pub struct Pss { +pub struct Pss { /// Create blinded signatures. pub blinded: bool, /// Digest type to use. - pub digest: Box, + pub digest: D, /// Salt length. /// Required for signing, optional for verifying. pub salt_len: Option, } -impl Pss { +impl Default for Pss +where + D: Digest, +{ + fn default() -> Self { + Self::new() + } +} + +impl Pss +where + D: Digest, +{ /// New PSS padding for the given digest. /// Digest output size is used as a salt length. - pub fn new() -> Self { - Self::new_with_salt::(::output_size()) + pub fn new() -> Self { + Self::new_with_salt(::output_size()) } /// New PSS padding for the given digest with a salt value of the given length. - pub fn new_with_salt(len: usize) -> Self { + pub fn new_with_salt(len: usize) -> Self { Self { blinded: false, - digest: Box::new(T::new()), + digest: D::new(), salt_len: Some(len), } } /// New PSS padding for blinded signatures (RSA-BSSA) for the given digest. /// Digest output size is used as a salt length. - pub fn new_blinded() -> Self { - Self::new_blinded_with_salt::(::output_size()) + pub fn new_blinded() -> Self { + Self::new_blinded_with_salt(::output_size()) } /// New PSS padding for blinded signatures (RSA-BSSA) for the given digest /// with a salt value of the given length. - pub fn new_blinded_with_salt( - len: usize, - ) -> Self { + pub fn new_blinded_with_salt(len: usize) -> Self { Self { blinded: true, - digest: Box::new(T::new()), + digest: D::new(), salt_len: Some(len), } } } -impl SignatureScheme for Pss { +impl SignatureScheme for Pss +where + D: Digest + FixedOutputReset, +{ fn sign( mut self, rng: Option<&mut Rng>, @@ -103,7 +116,7 @@ impl SignatureScheme for Pss { priv_key, hashed, self.salt_len.expect("salt_len to be Some"), - &mut *self.digest, + &mut self.digest, ) } @@ -113,13 +126,13 @@ impl SignatureScheme for Pss { hashed, &BoxedUint::from_be_slice_vartime(sig), sig.len(), - &mut *self.digest, + &mut self.digest, self.salt_len, ) } } -impl Debug for Pss { +impl Debug for Pss { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.debug_struct("PSS") .field("blinded", &self.blinded) @@ -129,14 +142,17 @@ impl Debug for Pss { } } -pub(crate) fn verify( +pub(crate) fn verify( pub_key: &RsaPublicKey, hashed: &[u8], sig: &BoxedUint, sig_len: usize, - digest: &mut dyn DynDigest, + digest: &mut D, salt_len: Option, -) -> Result<()> { +) -> Result<()> +where + D: Digest + FixedOutputReset, +{ if sig_len != pub_key.size() { return Err(Error::Verification); } @@ -170,27 +186,35 @@ where /// Note that hashed must be the result of hashing the input message using the /// given hash function. The opts argument may be nil, in which case sensible /// defaults are used. -pub(crate) fn sign( +pub(crate) fn sign( rng: &mut T, blind: bool, priv_key: &RsaPrivateKey, hashed: &[u8], salt_len: usize, - digest: &mut dyn DynDigest, -) -> Result> { + digest: &mut D, +) -> Result> +where + T: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, +{ let mut salt = vec![0; salt_len]; rng.try_fill_bytes(&mut salt[..]).map_err(|_| Error::Rng)?; sign_pss_with_salt(blind.then_some(rng), priv_key, hashed, &salt, digest) } -pub(crate) fn sign_digest( +pub(crate) fn sign_digest( rng: &mut T, blind: bool, priv_key: &RsaPrivateKey, hashed: &[u8], salt_len: usize, -) -> Result> { +) -> Result> +where + T: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, +{ let mut salt = vec![0; salt_len]; rng.try_fill_bytes(&mut salt[..]).map_err(|_| Error::Rng)?; @@ -202,13 +226,17 @@ pub(crate) fn sign_digest( +fn sign_pss_with_salt( blind_rng: Option<&mut T>, priv_key: &RsaPrivateKey, hashed: &[u8], salt: &[u8], - digest: &mut dyn DynDigest, -) -> Result> { + digest: &mut D, +) -> Result> +where + T: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, +{ let em_bits = priv_key.n().bits() - 1; let em = emsa_pss_encode(hashed, em_bits as _, salt, digest)?; @@ -218,12 +246,16 @@ fn sign_pss_with_salt( uint_to_zeroizing_be_pad(raw, priv_key.size()) } -fn sign_pss_with_salt_digest( +fn sign_pss_with_salt_digest( blind_rng: Option<&mut T>, priv_key: &RsaPrivateKey, hashed: &[u8], salt: &[u8], -) -> Result> { +) -> Result> +where + T: TryCryptoRng + ?Sized, + D: Digest + FixedOutputReset, +{ let em_bits = priv_key.n().bits() - 1; let em = emsa_pss_encode_digest::(hashed, em_bits as _, salt)?; @@ -319,7 +351,7 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let pub_key: RsaPublicKey = priv_key.into(); let digest = Sha1::digest(text.as_bytes()).to_vec(); - let result = pub_key.verify(Pss::new::(), &digest, &sig); + let result = pub_key.verify(Pss::::new(), &digest, &sig); match expected { true => result.expect("failed to verify"), @@ -413,12 +445,12 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let digest = Sha1::digest(test.as_bytes()).to_vec(); let sig = priv_key - .sign_with_rng(&mut rng.clone(), Pss::new::(), &digest) + .sign_with_rng(&mut rng.clone(), Pss::::new(), &digest) .expect("failed to sign"); priv_key .to_public_key() - .verify(Pss::new::(), &digest, &sig) + .verify(Pss::::new(), &digest, &sig) .expect("failed to verify"); } @@ -431,12 +463,12 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let digest = Sha1::digest(test.as_bytes()).to_vec(); let sig = priv_key - .sign_with_rng(&mut rng.clone(), Pss::new_blinded::(), &digest) + .sign_with_rng(&mut rng.clone(), Pss::::new_blinded(), &digest) .expect("failed to sign"); priv_key .to_public_key() - .verify(Pss::new::(), &digest, &sig) + .verify(Pss::::new(), &digest, &sig) .expect("failed to verify"); } @@ -597,12 +629,12 @@ tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V let digest = Sha1::digest(plaintext.as_bytes()).to_vec(); let sig = priv_key - .sign_with_rng(&mut rng, Pss::new::(), &digest) + .sign_with_rng(&mut rng, Pss::::new(), &digest) .expect("failed to sign"); priv_key .to_public_key() - .verify(Pss::new::(), &digest, &sig) + .verify(Pss::::new(), &digest, &sig) .expect("failed to verify"); } }