feat: switch to implementing the Keypair trait

lumag · lumag · commit c28a2c128d84 · 2022-10-31T19:35:30.000+03:00
Drop the hand-crafted From traits, replacing them with the
implementation of the Keypair trait.

Signed-off-by: Dmitry Baryshkov &lt;dmitry.baryshkov@linaro.org&gt;
diff --git a/src/lib.rs b/src/lib.rs
@@ -52,14 +52,14 @@
 //! use rsa::RsaPrivateKey;
 //! use rsa::pkcs1v15::{SigningKey, VerifyingKey};
 //! use sha2::{Digest, Sha256};
-//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
+//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
 //!
 //! let mut rng = rand::thread_rng();
 //!
 //! let bits = 2048;
 //! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
 //! let signing_key = SigningKey::<Sha256>::new_with_prefix(private_key);
-//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
+//! let verifying_key = signing_key.verifying_key();
 //!
 //! // Sign
 //! let data = b"hello world";
@@ -75,14 +75,14 @@
 //! use rsa::RsaPrivateKey;
 //! use rsa::pss::{BlindedSigningKey, VerifyingKey};
 //! use sha2::{Digest, Sha256};
-//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
+//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
 //!
 //! let mut rng = rand::thread_rng();
 //!
 //! let bits = 2048;
 //! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
 //! let signing_key = BlindedSigningKey::<Sha256>::new(private_key);
-//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
+//! let verifying_key = signing_key.verifying_key();
 //!
 //! // Sign
 //! let data = b"hello world";
diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs
@@ -8,8 +8,8 @@ use rand_core::{CryptoRng, RngCore};
 #[cfg(feature = "hazmat")]
 use signature::hazmat::{PrehashSigner, PrehashVerifier};
 use signature::{
-    DigestSigner, DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding,
-    Signer, Verifier,
+    DigestSigner, DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner,
+    SignatureEncoding, Signer, Verifier,
 };
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
 use zeroize::Zeroizing;
@@ -310,10 +310,6 @@ impl<D> SigningKey<D>
 where
     D: Digest,
 {
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
-
     pub(crate) fn prefix(&self) -> Vec<u8> {
         self.prefix.clone()
     }
@@ -445,7 +441,7 @@ where
     }
 }
 
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 pub struct VerifyingKey<D>
 where
     D: Digest,
@@ -455,6 +451,20 @@ where
     phantom: PhantomData<D>,
 }
 
+/* Implemented manually so we don't have to bind D with Clone */
+impl<D> Clone for VerifyingKey<D>
+where
+    D: Digest,
+{
+    fn clone(&self) -> Self {
+        Self {
+            inner: self.inner.clone(),
+            prefix: self.prefix.clone(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> VerifyingKey<D>
 where
     D: Digest,
@@ -508,27 +518,15 @@ where
     }
 }
 
-impl<D> From<SigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            prefix: key.prefix(),
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<&SigningKey<D>> for VerifyingKey<D>
+impl<D> Keypair for SigningKey<D>
 where
     D: Digest,
 {
-    fn from(key: &SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            prefix: key.prefix(),
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            prefix: self.prefix(),
             phantom: Default::default(),
         }
     }
@@ -968,9 +966,12 @@ mod tests {
         let sig = signing_key.sign_prehash(msg).expect("Failure during sign");
         assert_eq!(sig.as_ref(), expected_sig);
 
-        let verifying_key: VerifyingKey<_> = (&signing_key).into();
+        let verifying_key = signing_key.verifying_key();
         verifying_key
-            .verify_prehash(msg, &Signature::from_bytes(&expected_sig.into_boxed_slice()).unwrap())
+            .verify_prehash(
+                msg,
+                &Signature::from_bytes(&expected_sig.into_boxed_slice()).unwrap(),
+            )
             .expect("failed to verify");
     }
 }
diff --git a/src/pss.rs b/src/pss.rs
@@ -9,7 +9,7 @@ use rand_core::{CryptoRng, RngCore};
 #[cfg(feature = "hazmat")]
 use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
 use signature::{
-    DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
+    DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
 };
 use subtle::ConstantTimeEq;
 
@@ -526,10 +526,6 @@ impl<D> SigningKey<D>
 where
     D: Digest,
 {
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
-
     pub fn new(key: RsaPrivateKey) -> Self {
         Self {
             inner: key,
@@ -574,6 +570,19 @@ where
     }
 }
 
+impl<D> Keypair for SigningKey<D>
+where
+    D: Digest,
+{
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> RandomizedSigner<Signature> for SigningKey<D>
 where
     D: Digest + FixedOutputReset,
@@ -649,10 +658,6 @@ impl<D> BlindedSigningKey<D>
 where
     D: Digest,
 {
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
-
     pub fn new(key: RsaPrivateKey) -> Self {
         Self {
             inner: key,
@@ -697,6 +702,19 @@ where
     }
 }
 
+impl<D> Keypair for BlindedSigningKey<D>
+where
+    D: Digest,
+{
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> RandomizedSigner<Signature> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
@@ -758,7 +776,7 @@ where
     }
 }
 
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 pub struct VerifyingKey<D>
 where
     D: Digest,
@@ -767,81 +785,46 @@ where
     phantom: PhantomData<D>,
 }
 
-impl<D> VerifyingKey<D>
-where
-    D: Digest,
-{
-    pub fn new(key: RsaPublicKey) -> Self {
-        Self {
-            inner: key,
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<RsaPublicKey> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: RsaPublicKey) -> Self {
-        Self::new(key)
-    }
-}
-
-impl<D> From<VerifyingKey<D>> for RsaPublicKey
-where
-    D: Digest,
-{
-    fn from(key: VerifyingKey<D>) -> Self {
-        key.inner
-    }
-}
-
-impl<D> From<SigningKey<D>> for VerifyingKey<D>
+/* Implemented manually so we don't have to bind D with Clone */
+impl<D> Clone for VerifyingKey<D>
 where
     D: Digest,
 {
-    fn from(key: SigningKey<D>) -> Self {
+    fn clone(&self) -> Self {
         Self {
-            inner: key.key().into(),
+            inner: self.inner.clone(),
             phantom: Default::default(),
         }
     }
 }
 
-impl<D> From<&SigningKey<D>> for VerifyingKey<D>
+impl<D> VerifyingKey<D>
 where
     D: Digest,
 {
-    fn from(key: &SigningKey<D>) -> Self {
+    pub fn new(key: RsaPublicKey) -> Self {
         Self {
-            inner: key.key().into(),
+            inner: key,
             phantom: Default::default(),
         }
     }
 }
 
-impl<D> From<BlindedSigningKey<D>> for VerifyingKey<D>
+impl<D> From<RsaPublicKey> for VerifyingKey<D>
 where
     D: Digest,
 {
-    fn from(key: BlindedSigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
+    fn from(key: RsaPublicKey) -> Self {
+        Self::new(key)
     }
 }
 
-impl<D> From<&BlindedSigningKey<D>> for VerifyingKey<D>
+impl<D> From<VerifyingKey<D>> for RsaPublicKey
 where
     D: Digest,
 {
-    fn from(key: &BlindedSigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
+    fn from(key: VerifyingKey<D>) -> Self {
+        key.inner
     }
 }
 
@@ -905,7 +888,7 @@ mod test {
     use sha1::{Digest, Sha1};
     #[cfg(feature = "hazmat")]
     use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
-    use signature::{DigestVerifier, RandomizedDigestSigner, RandomizedSigner, Verifier};
+    use signature::{DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, Verifier};
 
     fn get_private_key() -> RsaPrivateKey {
         // In order to generate new test vectors you'll need the PEM form of this key:
@@ -1089,7 +1072,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
@@ -1106,7 +1089,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
@@ -1123,7 +1106,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let mut digest = Sha1::new();
@@ -1145,7 +1128,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let mut digest = Sha1::new();
@@ -1206,7 +1189,7 @@ mod test {
         let tests = [Sha1::digest("test\n")];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key
@@ -1226,7 +1209,7 @@ mod test {
         let tests = [Sha1::digest("test\n")];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key
