From 28ed65682257d9b7af2de577f54e31de30ad0577 Mon Sep 17 00:00:00 2001 From: LWEdslev <202010638@post.au.dk> Date: Tue, 26 Mar 2024 20:34:39 +0100 Subject: [PATCH] use built-in serialization --- src/pkcs1v15/signature.rs | 12 +++--------- src/pkcs1v15/signing_key.rs | 11 ++++------- src/pkcs1v15/verifying_key.rs | 8 +++----- src/pss/blinded_signing_key.rs | 21 ++++++++++++++------- src/pss/signature.rs | 17 +++++++---------- src/pss/signing_key.rs | 21 ++++++++++++++------- src/pss/verifying_key.rs | 23 +++++++++++++++-------- 7 files changed, 60 insertions(+), 53 deletions(-) diff --git a/src/pkcs1v15/signature.rs b/src/pkcs1v15/signature.rs index f263741c..d8fd2708 100644 --- a/src/pkcs1v15/signature.rs +++ b/src/pkcs1v15/signature.rs @@ -4,7 +4,7 @@ use crate::algorithms::pad::uint_to_be_pad; use ::signature::SignatureEncoding; use alloc::{boxed::Box, string::ToString}; #[cfg(feature = "serde")] -use serdect::serde::{Deserialize, Serialize}; +use serdect::serde::{de, Deserialize, Serialize}; use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex}; use num_bigint::BigUint; use spki::{ @@ -88,7 +88,7 @@ impl Serialize for Signature { where S: serdect::serde::Serializer, { - serdect::slice::serialize_hex_lower_or_bin(&self.inner.to_bytes_be(), serializer) + serdect::slice::serialize_hex_lower_or_bin(&self.to_bytes(), serializer) } } @@ -98,13 +98,7 @@ impl<'de> Deserialize<'de> for Signature { where D: serdect::serde::Deserializer<'de>, { - let bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let inner = BigUint::from_bytes_be(&bytes); - - Ok(Self { - inner, - len: bytes.len(), - }) + serdect::slice::deserialize_hex_or_bin_vec(deserializer)?.as_slice().try_into().map_err(de::Error::custom) } } diff --git a/src/pkcs1v15/signing_key.rs b/src/pkcs1v15/signing_key.rs index d8d4bc33..c5179803 100644 --- a/src/pkcs1v15/signing_key.rs +++ b/src/pkcs1v15/signing_key.rs @@ -7,15 +7,13 @@ use pkcs8::{ spki::{ der::AnyRef, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier, SignatureAlgorithmIdentifier, - }, - AssociatedOid, EncodePrivateKey, SecretDocument, + }, AssociatedOid, EncodePrivateKey, SecretDocument }; use rand_core::CryptoRngCore; #[cfg(feature = "serde")] use { - pkcs8::PrivateKeyInfo, + pkcs8::DecodePrivateKey, serdect::serde::{de, ser, Deserialize, Serialize}, - spki::der::Decode, }; use signature::{ @@ -276,7 +274,7 @@ where where S: serdect::serde::Serializer, { - let der = self.inner.to_pkcs8_der().map_err(ser::Error::custom)?; + let der = self.to_pkcs8_der().map_err(ser::Error::custom)?; serdect::slice::serialize_hex_lower_or_bin(&der.as_bytes(), serializer) } } @@ -291,8 +289,7 @@ where De: serdect::serde::Deserializer<'de>, { let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let pki = PrivateKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?; - Self::try_from(pki).map_err(de::Error::custom) + Self::from_pkcs8_der(&der_bytes).map_err(de::Error::custom) } } diff --git a/src/pkcs1v15/verifying_key.rs b/src/pkcs1v15/verifying_key.rs index ba88a11d..a0a217ad 100644 --- a/src/pkcs1v15/verifying_key.rs +++ b/src/pkcs1v15/verifying_key.rs @@ -13,9 +13,8 @@ use pkcs8::{ #[cfg(feature = "serde")] use { - pkcs8::SubjectPublicKeyInfo, serdect::serde::{de, ser, Deserialize, Serialize}, - spki::der::Decode, + spki::DecodePublicKey, }; use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier}; @@ -229,7 +228,7 @@ where where S: serde::Serializer, { - let der = self.inner.to_public_key_der().map_err(ser::Error::custom)?; + let der = self.to_public_key_der().map_err(ser::Error::custom)?; serdect::slice::serialize_hex_lower_or_bin(&der, serializer) } } @@ -244,8 +243,7 @@ where De: serde::Deserializer<'de>, { let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let spki = SubjectPublicKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?; - Self::try_from(spki).map_err(de::Error::custom) + Self::from_public_key_der(&der_bytes).map_err(de::Error::custom) } } diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs index b17d84b1..5d46d5a8 100644 --- a/src/pss/blinded_signing_key.rs +++ b/src/pss/blinded_signing_key.rs @@ -17,9 +17,8 @@ use signature::{ use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] use { - pkcs8::PrivateKeyInfo, serdect::serde::{de, ser, Deserialize, Serialize}, - spki::der::Decode, + pkcs8::DecodePrivateKey, }; /// Signing key for producing "blinded" RSASSA-PSS signatures as described in /// [draft-irtf-cfrg-rsa-blind-signatures](https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/). @@ -202,6 +201,17 @@ where } } +impl TryFrom> for BlindedSigningKey +where + D: Digest + AssociatedOid, +{ + type Error = pkcs8::Error; + + fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result { + RsaPrivateKey::try_from(private_key_info).map(Self::new) + } +} + impl ZeroizeOnDrop for BlindedSigningKey where D: Digest {} impl PartialEq for BlindedSigningKey @@ -222,7 +232,7 @@ where where S: serde::Serializer, { - let der = self.inner.to_pkcs8_der().map_err(ser::Error::custom)?; + let der = self.to_pkcs8_der().map_err(ser::Error::custom)?; serdect::slice::serialize_hex_lower_or_bin(&der.as_bytes(), serializer) } } @@ -237,10 +247,7 @@ where De: serde::Deserializer<'de>, { let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let pki = PrivateKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?; - RsaPrivateKey::try_from(pki) - .map_err(de::Error::custom) - .map(Self::new) + Self::from_pkcs8_der(&der_bytes).map_err(de::Error::custom) } } diff --git a/src/pss/signature.rs b/src/pss/signature.rs index 05ede8bb..d7d32ae8 100644 --- a/src/pss/signature.rs +++ b/src/pss/signature.rs @@ -3,10 +3,10 @@ use crate::algorithms::pad::uint_to_be_pad; use ::signature::SignatureEncoding; use alloc::{boxed::Box, string::ToString}; -#[cfg(feature = "serde")] -use serdect::serde::{Deserialize, Serialize}; use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex}; use num_bigint::BigUint; +#[cfg(feature = "serde")] +use serdect::serde::{de, Deserialize, Serialize}; use spki::{ der::{asn1::BitString, Result as DerResult}, SignatureBitStringEncoding, @@ -82,7 +82,7 @@ impl Serialize for Signature { where S: serdect::serde::Serializer, { - serdect::slice::serialize_hex_lower_or_bin(&self.inner.to_bytes_be(), serializer) + serdect::slice::serialize_hex_lower_or_bin(&self.to_bytes(), serializer) } } @@ -92,13 +92,10 @@ impl<'de> Deserialize<'de> for Signature { where D: serdect::serde::Deserializer<'de>, { - let bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let inner = BigUint::from_bytes_be(&bytes); - - Ok(Self { - inner, - len: bytes.len(), - }) + serdect::slice::deserialize_hex_or_bin_vec(deserializer)? + .as_slice() + .try_into() + .map_err(de::Error::custom) } } diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs index 7a5e1eca..e3a38c2e 100644 --- a/src/pss/signing_key.rs +++ b/src/pss/signing_key.rs @@ -17,9 +17,8 @@ use signature::{ use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] use { - pkcs8::PrivateKeyInfo, + pkcs8::DecodePrivateKey, serdect::serde::{de, ser, Deserialize, Serialize}, - spki::der::Decode, }; #[cfg(feature = "getrandom")] @@ -225,6 +224,17 @@ where } } +impl TryFrom> for SigningKey +where + D: Digest + AssociatedOid, +{ + type Error = pkcs8::Error; + + fn try_from(private_key_info: pkcs8::PrivateKeyInfo<'_>) -> pkcs8::Result { + RsaPrivateKey::try_from(private_key_info).map(Self::new) + } +} + impl ZeroizeOnDrop for SigningKey where D: Digest {} impl PartialEq for SigningKey @@ -245,7 +255,7 @@ where where S: serdect::serde::Serializer, { - let der = self.inner.to_pkcs8_der().map_err(ser::Error::custom)?; + let der = self.to_pkcs8_der().map_err(ser::Error::custom)?; serdect::slice::serialize_hex_lower_or_bin(&der.as_bytes(), serializer) } } @@ -260,10 +270,7 @@ where De: serdect::serde::Deserializer<'de>, { let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let pki = PrivateKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?; - RsaPrivateKey::try_from(pki) - .map_err(de::Error::custom) - .map(Self::new) + Self::from_pkcs8_der(&der_bytes).map_err(de::Error::custom) } } diff --git a/src/pss/verifying_key.rs b/src/pss/verifying_key.rs index 9e93df5e..a4a7612b 100644 --- a/src/pss/verifying_key.rs +++ b/src/pss/verifying_key.rs @@ -4,14 +4,13 @@ use core::marker::PhantomData; use digest::{Digest, FixedOutputReset}; use pkcs8::{ spki::{der::AnyRef, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier}, - Document, EncodePublicKey, + Document, EncodePublicKey, AssociatedOid, }; use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier}; #[cfg(feature = "serde")] use { - pkcs8::{AssociatedOid, SubjectPublicKeyInfo}, serdect::serde::{de, ser, Deserialize, Serialize}, - spki::der::Decode, + spki::DecodePublicKey, }; /// Verifying key for checking the validity of RSASSA-PSS signatures as @@ -163,6 +162,17 @@ where } } +impl TryFrom> for VerifyingKey +where + D: Digest + AssociatedOid, +{ + type Error = pkcs8::spki::Error; + + fn try_from(spki: pkcs8::SubjectPublicKeyInfoRef<'_>) -> pkcs8::spki::Result { + RsaPublicKey::try_from(spki).map(Self::new) + } +} + impl PartialEq for VerifyingKey where D: Digest, @@ -181,7 +191,7 @@ where where S: serde::Serializer, { - let der = self.inner.to_public_key_der().map_err(ser::Error::custom)?; + let der = self.to_public_key_der().map_err(ser::Error::custom)?; serdect::slice::serialize_hex_lower_or_bin(&der, serializer) } } @@ -196,10 +206,7 @@ where De: serde::Deserializer<'de>, { let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?; - let spki = SubjectPublicKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?; - RsaPublicKey::try_from(spki) - .map_err(de::Error::custom) - .map(Self::new) + Self::from_public_key_der(&der_bytes).map_err(de::Error::custom) } }