rsa: Fix method receivers, add DSSE test

Signed-off-by: Aditya Sirish <[email protected]>

Author: adityasaky

signerverifier/rsa.go

@@ -65,7 +65,7 @@ func (sv *RSAPSSSignerVerifier) Sign(ctx context.Context, data []byte) ([]byte,
 	return rsa.SignPSS(rand.Reader, sv.private, crypto.SHA256, hashedData, &rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256})
 }
 
-func (sv RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error {
+func (sv *RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []byte) error {
 	hashedData := hashBeforeSigning(data, sha256.New())
 
 	if err := rsa.VerifyPSS(sv.public, crypto.SHA256, hashedData, sig, &rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256}); err != nil {
@@ -75,11 +75,11 @@ func (sv RSAPSSSignerVerifier) Verify(ctx context.Context, data []byte, sig []by
 	return nil
 }
 
-func (sv RSAPSSSignerVerifier) KeyID() (string, error) {
+func (sv *RSAPSSSignerVerifier) KeyID() (string, error) {
 	return sv.keyID, nil
 }
 
-func (sv RSAPSSSignerVerifier) Public() crypto.PublicKey {
+func (sv *RSAPSSSignerVerifier) Public() crypto.PublicKey {
 	return sv.public
 }
 

signerverifier/rsa_test.go

@@ -6,6 +6,7 @@ import (
 	"path/filepath"
 	"testing"
 
+	"github.com/secure-systems-lab/go-securesystemslib/dsse"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -67,3 +68,52 @@ func TestRSAPSSSignerVerifierSignAndVerify(t *testing.T) {
 		assert.ErrorIs(t, err, ErrNotPrivateKey)
 	})
 }
+
+func TestRSAPSSSignerVerifierWithDSSEEnvelope(t *testing.T) {
+	key, err := LoadRSAPSSKeyFromFile(filepath.Join("test-data", "rsa-test-key"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sv, err := NewRSAPSSSignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	payloadType := "application/vnd.dsse+json"
+	payload := []byte("test message")
+
+	es, err := dsse.NewEnvelopeSigner(sv)
+	if err != nil {
+		t.Error(err)
+	}
+
+	env, err := es.SignPayload(context.Background(), payloadType, payload)
+	if err != nil {
+		t.Error(err)
+	}
+
+	assert.Equal(t, "966c5d84ba73ccded42eb473c939d77336e4def253ffaf6739f8e983ef73dad8", env.Signatures[0].KeyID)
+	envPayload, err := env.DecodeB64Payload()
+	assert.Equal(t, payload, envPayload)
+	assert.Nil(t, err)
+
+	key, err = LoadRSAPSSKeyFromFile(filepath.Join("test-data", "rsa-test-key.pub"))
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	sv, err = NewRSAPSSSignerVerifierFromSSLibKey(key)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	ev, err := dsse.NewEnvelopeVerifier(sv)
+	if err != nil {
+		t.Error(err)
+	}
+
+	acceptedKeys, err := ev.Verify(context.Background(), env)
+	assert.Nil(t, err)
+	assert.Equal(t, "966c5d84ba73ccded42eb473c939d77336e4def253ffaf6739f8e983ef73dad8", acceptedKeys[0].KeyID)
+}