Start with RSA signing! Looks like it works against Haskell RSA test vectors.

2018-04-30 13:05:57 -07:00
parent 2eacea8ff9
commit d9df506920
6 changed files with 10218 additions and 3 deletions
--- a/src/rsa/gold_tests.rs
+++ b/src/rsa/gold_tests.rs
@@ -0,0 +1,37 @@
+use rsa::*;
+use testing::{make_unsigned,run_test};
+
+fn get_signing_hash(s: usize) -> &'static SigningHash {
+    match s {
+        0x1   => &SIGNING_HASH_SHA1,
+        0x224 => &SIGNING_HASH_SHA224,
+        0x256 => &SIGNING_HASH_SHA256,
+        0x384 => &SIGNING_HASH_SHA384,
+        0x512 => &SIGNING_HASH_SHA512,
+        _     => panic!("Unacceptable hash")
+    }
+}
+
+#[test]
+fn rsa_signature_tests()
+{
+    run_test("tests/rsa/signature.test", 7, |case| {
+        let (neg0, dbytes) = case.get("d").unwrap();
+        let (neg1, nbytes) = case.get("n").unwrap();
+        let (neg2, hbytes) = case.get("h").unwrap();
+        let (neg2, kbytes) = case.get("k").unwrap();
+        let (neg3, msg)    = case.get("m").unwrap();
+        let (neg4, sig)    = case.get("s").unwrap();
+
+        assert!(!neg0 & !neg1 & !neg2 & !neg3 & !neg4);
+        let hash = get_signing_hash(usize::from(UCN::from_bytes(hbytes)));
+        let size = usize::from(UCN::from_bytes(kbytes));
+        let key  = RSAPrivate::new(UCN::from_bytes(nbytes),
+                                   UCN::from_bytes(dbytes));
+
+        assert!(size % 8 == 0);
+        assert_eq!(key.byte_len * 8, size);
+        let sig2 = key.sign(hash, &msg);
+        assert_eq!(*sig, sig2);
+    });
+}
--- a/src/rsa/mod.rs
+++ b/src/rsa/mod.rs
@@ -1,5 +1,7 @@
 mod core;
 mod errors;
+#[cfg(test)]
+mod gold_tests;
 mod public;
 mod private;
 mod signing_hashes;
--- a/src/rsa/private.rs
+++ b/src/rsa/private.rs
@@ -50,7 +50,7 @@ impl RSAPrivate {
        let len = n.bits();

        for &(valid_bits, _) in ACCEPTABLE_KEY_SIZES.iter() {
-            if valid_bits > len {
+            if valid_bits >= len {
                return RSAPrivate {
                    byte_len: valid_bits / 8,
                    n: n.clone(),
@@ -61,4 +61,14 @@ impl RSAPrivate {
        }
        panic!("Invalid RSA key size in new()")
    }
+
+    /// Sign a message using the given hash.
+    pub fn sign(&self, sighash: &SigningHash, msg: &[u8]) -> Vec<u8> {
+        let hash = (sighash.run)(msg);
+        let em   = pkcs1_pad(&sighash.ident, &hash, self.byte_len);
+        let m    = UCN::from_bytes(&em);
+        let s    = sp1(&self.nu, &self.d, &m);
+        let sig  = s.to_bytes(self.byte_len);
+        sig
+    }
 }