feat: switch to implementing the Keypair trait

lumag · lumag · commit c51270808b50 · 2022-11-01T00:19:06.000+03:00
Drop the hand-crafted From traits, replacing them with the
implementation of the Keypair trait.

Signed-off-by: Dmitry Baryshkov &lt;dmitry.baryshkov@linaro.org&gt;
diff --git a/src/lib.rs b/src/lib.rs
@@ -60,14 +60,14 @@
 //! use rsa::RsaPrivateKey;
 //! use rsa::pkcs1v15::{SigningKey, VerifyingKey};
 //! use sha2::{Digest, Sha256};
-//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
+//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
 //!
 //! let mut rng = rand::thread_rng();
 //!
 //! let bits = 2048;
 //! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
 //! let signing_key = SigningKey::<Sha256>::new_with_prefix(private_key);
-//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
+//! let verifying_key = signing_key.verifying_key();
 //!
 //! // Sign
 //! let data = b"hello world";
@@ -83,14 +83,14 @@
 //! use rsa::RsaPrivateKey;
 //! use rsa::pss::{BlindedSigningKey, VerifyingKey};
 //! use sha2::{Digest, Sha256};
-//! use signature::{RandomizedSigner, SignatureEncoding, Verifier};
+//! use signature::{Keypair, RandomizedSigner, SignatureEncoding, Verifier};
 //!
 //! let mut rng = rand::thread_rng();
 //!
 //! let bits = 2048;
 //! let private_key = RsaPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
 //! let signing_key = BlindedSigningKey::<Sha256>::new(private_key);
-//! let verifying_key: VerifyingKey<_> = (&signing_key).into();
+//! let verifying_key = signing_key.verifying_key();
 //!
 //! // Sign
 //! let data = b"hello world";
diff --git a/src/pkcs1v15.rs b/src/pkcs1v15.rs
@@ -12,8 +12,8 @@ use rand_core::{CryptoRng, RngCore};
 #[cfg(feature = "hazmat")]
 use signature::hazmat::{PrehashSigner, PrehashVerifier};
 use signature::{
-    DigestSigner, DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding,
-    Signer, Verifier,
+    DigestSigner, DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner,
+    SignatureEncoding, Signer, Verifier,
 };
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};
 use zeroize::Zeroizing;
@@ -329,14 +329,6 @@ where
             phantom: Default::default(),
         }
     }
-
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
-
-    pub(crate) fn prefix(&self) -> Vec<u8> {
-        self.prefix.clone()
-    }
 }
 
 impl<D> From<RsaPrivateKey> for SigningKey<D>
@@ -461,7 +453,7 @@ where
 /// Verifying key for PKCS#1 v1.5 signatures as described in [RFC8017 § 8.2].
 ///
 /// [RFC8017 § 8.2]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.2
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 pub struct VerifyingKey<D>
 where
     D: Digest,
@@ -471,6 +463,20 @@ where
     phantom: PhantomData<D>,
 }
 
+/* Implemented manually so we don't have to bind D with Clone */
+impl<D> Clone for VerifyingKey<D>
+where
+    D: Digest,
+{
+    fn clone(&self) -> Self {
+        Self {
+            inner: self.inner.clone(),
+            prefix: self.prefix.clone(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> VerifyingKey<D>
 where
     D: Digest,
@@ -526,27 +532,15 @@ where
     }
 }
 
-impl<D> From<SigningKey<D>> for VerifyingKey<D>
+impl<D> Keypair for SigningKey<D>
 where
     D: Digest,
 {
-    fn from(key: SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            prefix: key.prefix(),
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<&SigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: &SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            prefix: key.prefix(),
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            prefix: self.prefix.clone(),
             phantom: Default::default(),
         }
     }
@@ -559,7 +553,7 @@ where
     fn verify(&self, msg: &[u8], signature: &Signature) -> signature::Result<()> {
         verify(
             &self.inner,
-            &self.prefix,
+            &self.prefix.clone(),
             &D::digest(msg),
             signature.as_ref(),
         )
@@ -986,7 +980,7 @@ mod tests {
         let sig = signing_key.sign_prehash(msg).expect("Failure during sign");
         assert_eq!(sig.as_ref(), expected_sig);
 
-        let verifying_key: VerifyingKey<_> = (&signing_key).into();
+        let verifying_key = signing_key.verifying_key();
         verifying_key
             .verify_prehash(
                 msg,
diff --git a/src/pss.rs b/src/pss.rs
@@ -16,7 +16,7 @@ use rand_core::{CryptoRng, RngCore};
 #[cfg(feature = "hazmat")]
 use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
 use signature::{
-    DigestVerifier, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
+    DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, SignatureEncoding, Verifier,
 };
 use subtle::ConstantTimeEq;
 
@@ -559,10 +559,6 @@ where
             phantom: Default::default(),
         }
     }
-
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
 }
 
 impl<D> From<RsaPrivateKey> for SigningKey<D>
@@ -592,6 +588,19 @@ where
     }
 }
 
+impl<D> Keypair for SigningKey<D>
+where
+    D: Digest,
+{
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> RandomizedSigner<Signature> for SigningKey<D>
 where
     D: Digest + FixedOutputReset,
@@ -688,10 +697,6 @@ where
             phantom: Default::default(),
         }
     }
-
-    pub(crate) fn key(&self) -> &RsaPrivateKey {
-        &self.inner
-    }
 }
 
 impl<D> From<RsaPrivateKey> for BlindedSigningKey<D>
@@ -721,6 +726,19 @@ where
     }
 }
 
+impl<D> Keypair for BlindedSigningKey<D>
+where
+    D: Digest,
+{
+    type VerifyingKey = VerifyingKey<D>;
+    fn verifying_key(&self) -> Self::VerifyingKey {
+        VerifyingKey {
+            inner: self.inner.to_public_key(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> RandomizedSigner<Signature> for BlindedSigningKey<D>
 where
     D: Digest + FixedOutputReset,
@@ -786,7 +804,7 @@ where
 /// described in [RFC8017 § 8.1].
 ///
 /// [RFC8017 § 8.1]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.1
-#[derive(Debug, Clone)]
+#[derive(Debug)]
 pub struct VerifyingKey<D>
 where
     D: Digest,
@@ -795,6 +813,19 @@ where
     phantom: PhantomData<D>,
 }
 
+/* Implemented manually so we don't have to bind D with Clone */
+impl<D> Clone for VerifyingKey<D>
+where
+    D: Digest,
+{
+    fn clone(&self) -> Self {
+        Self {
+            inner: self.inner.clone(),
+            phantom: Default::default(),
+        }
+    }
+}
+
 impl<D> VerifyingKey<D>
 where
     D: Digest,
@@ -826,54 +857,6 @@ where
     }
 }
 
-impl<D> From<SigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<&SigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: &SigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<BlindedSigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: BlindedSigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
-    }
-}
-
-impl<D> From<&BlindedSigningKey<D>> for VerifyingKey<D>
-where
-    D: Digest,
-{
-    fn from(key: &BlindedSigningKey<D>) -> Self {
-        Self {
-            inner: key.key().into(),
-            phantom: Default::default(),
-        }
-    }
-}
-
 impl<D> Verifier<Signature> for VerifyingKey<D>
 where
     D: Digest + FixedOutputReset,
@@ -934,7 +917,7 @@ mod test {
     use sha1::{Digest, Sha1};
     #[cfg(feature = "hazmat")]
     use signature::hazmat::{PrehashVerifier, RandomizedPrehashSigner};
-    use signature::{DigestVerifier, RandomizedDigestSigner, RandomizedSigner, Verifier};
+    use signature::{DigestVerifier, Keypair, RandomizedDigestSigner, RandomizedSigner, Verifier};
 
     fn get_private_key() -> RsaPrivateKey {
         // In order to generate new test vectors you'll need the PEM form of this key:
@@ -1118,7 +1101,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
@@ -1135,7 +1118,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key.sign_with_rng(&mut rng, test.as_bytes());
@@ -1152,7 +1135,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let mut digest = Sha1::new();
@@ -1174,7 +1157,7 @@ mod test {
         let tests = ["test\n"];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let mut digest = Sha1::new();
@@ -1235,7 +1218,7 @@ mod test {
         let tests = [Sha1::digest("test\n")];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = SigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key
@@ -1255,7 +1238,7 @@ mod test {
         let tests = [Sha1::digest("test\n")];
         let mut rng = ChaCha8Rng::from_seed([42; 32]);
         let signing_key = BlindedSigningKey::<Sha1>::new(priv_key);
-        let verifying_key = VerifyingKey::from(&signing_key);
+        let verifying_key = signing_key.verifying_key();
 
         for test in &tests {
             let sig = signing_key
