From 22a4bd91432f09923dbed8327b94bb617a4de9cf Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Wed, 23 Apr 2025 14:43:23 -0700 Subject: [PATCH] chore(deps): bump `signature` to `3.0.0-pre` --- Cargo.lock | 4 +- Cargo.toml | 4 +- src/pkcs1v15/signature.rs | 68 +++++++++++++++++++++++++++------- src/pkcs1v15/signing_key.rs | 42 ++++----------------- src/pkcs1v15/verifying_key.rs | 25 +++---------- src/pss/blinded_signing_key.rs | 27 +++----------- src/pss/signature.rs | 68 +++++++++++++++++++++++++++------- src/pss/signing_key.rs | 44 ++++------------------ src/pss/verifying_key.rs | 25 +++---------- tests/wycheproof.rs | 18 ++++++++- 10 files changed, 158 insertions(+), 167 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 7ccfc9ad..c73bbcb7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -723,8 +723,8 @@ dependencies = [ [[package]] name = "signature" -version = "2.3.0-pre.6" -source = "git+https://github.com/RustCrypto/traits.git#7b82f397511d68f823d06a0fe50867e9011dd0f0" +version = "3.0.0-pre" +source = "git+https://github.com/RustCrypto/traits.git#5d3e03178b822f13e85ce46316e1f524ed7921c4" dependencies = [ "digest", "rand_core 0.9.3", diff --git a/Cargo.toml b/Cargo.toml index 930efb25..5015b8b2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -19,7 +19,7 @@ subtle = { version = "2.6.1", default-features = false } digest = { version = "=0.11.0-pre.10", default-features = false, features = ["alloc", "oid"] } pkcs1 = { version = "0.8.0-rc.1", default-features = false, features = ["alloc", "pkcs8"] } pkcs8 = { version = "0.11.0-rc.2", default-features = false, features = ["alloc"] } -signature = { version = "=2.3.0-pre.6", default-features = false, features = ["alloc", "digest", "rand_core"] } +signature = { version = "=3.0.0-pre", default-features = false, features = ["alloc", "digest", "rand_core"] } spki = { version = "0.8.0-rc.1", default-features = false, features = ["alloc"] } zeroize = { version = "1.5", features = ["alloc"] } crypto-bigint = { version = "0.7.0-pre", default-features = false, features = ["zeroize", "alloc"] } @@ -57,7 +57,7 @@ os_rng = ["rand_core/os_rng", "crypto-bigint/rand_core"] serde = ["dep:serde", "dep:serdect", "crypto-bigint/serde"] pem = ["pkcs1/pem", "pkcs8/pem"] pkcs5 = ["pkcs8/encryption"] -std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "signature/std", "crypto-bigint/rand"] +std = ["digest/std", "pkcs1/std", "pkcs8/std", "rand_core/std", "crypto-bigint/rand"] [package.metadata.docs.rs] diff --git a/src/pkcs1v15/signature.rs b/src/pkcs1v15/signature.rs index 3200b0a4..992b13c2 100644 --- a/src/pkcs1v15/signature.rs +++ b/src/pkcs1v15/signature.rs @@ -2,11 +2,16 @@ use ::signature::SignatureEncoding; use alloc::boxed::Box; -use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex}; +use core::{ + fmt::{self, Debug, Display, Formatter, LowerHex, UpperHex}, + marker::PhantomData, +}; use crypto_bigint::BoxedUint; +use digest::Digest; #[cfg(feature = "serde")] use serdect::serde::{de, Deserialize, Serialize}; +use signature::PrehashSignature; use spki::{ der::{asn1::BitString, Result as DerResult}, SignatureBitStringEncoding, @@ -15,22 +20,46 @@ use spki::{ /// `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2]. /// /// [RFC8017 § 8.2]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.2 -#[derive(Debug, Clone, PartialEq, Eq)] -pub struct Signature { +#[derive(Eq)] +pub struct Signature { pub(super) inner: BoxedUint, + _digest: PhantomData, +} + +impl Debug for Signature { + fn fmt(&self, f: &mut Formatter) -> fmt::Result { + f.debug_struct("Signature") + .field("inner", &self.inner) + .finish() + } } -impl SignatureEncoding for Signature { +impl Clone for Signature { + fn clone(&self) -> Self { + Self { + inner: self.inner.clone(), + _digest: PhantomData, + } + } +} + +impl PartialEq for Signature { + fn eq(&self, other: &Self) -> bool { + self.inner.eq(&other.inner) + } +} + +impl SignatureEncoding for Signature { type Repr = Box<[u8]>; } -impl SignatureBitStringEncoding for Signature { +impl SignatureBitStringEncoding for Signature { fn to_bitstring(&self) -> DerResult { BitString::new(0, self.to_vec()) } } -impl TryFrom<&[u8]> for Signature { +impl TryFrom<&[u8]> for Signature { type Error = signature::Error; fn try_from(bytes: &[u8]) -> signature::Result { @@ -42,17 +71,20 @@ impl TryFrom<&[u8]> for Signature { #[cfg(not(feature = "std"))] let inner = inner.map_err(|_| signature::Error::new())?; - Ok(Self { inner }) + Ok(Self { + inner, + _digest: PhantomData, + }) } } -impl From for Box<[u8]> { - fn from(signature: Signature) -> Box<[u8]> { +impl From> for Box<[u8]> { + fn from(signature: Signature) -> Box<[u8]> { signature.inner.to_be_bytes() } } -impl LowerHex for Signature { +impl LowerHex for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { for byte in self.to_bytes().iter() { write!(f, "{:02x}", byte)?; @@ -61,7 +93,7 @@ impl LowerHex for Signature { } } -impl UpperHex for Signature { +impl UpperHex for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { for byte in self.to_bytes().iter() { write!(f, "{:02X}", byte)?; @@ -70,14 +102,14 @@ impl UpperHex for Signature { } } -impl Display for Signature { +impl Display for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { write!(f, "{:X}", self) } } #[cfg(feature = "serde")] -impl Serialize for Signature { +impl Serialize for Signature { fn serialize(&self, serializer: S) -> core::result::Result where S: serdect::serde::Serializer, @@ -87,7 +119,7 @@ impl Serialize for Signature { } #[cfg(feature = "serde")] -impl<'de> Deserialize<'de> for Signature { +impl<'de, Di> Deserialize<'de> for Signature { fn deserialize(deserializer: D) -> core::result::Result where D: serdect::serde::Deserializer<'de>, @@ -99,6 +131,13 @@ impl<'de> Deserialize<'de> for Signature { } } +impl PrehashSignature for Signature +where + D: Digest, +{ + type Digest = D; +} + #[cfg(test)] mod tests { #[test] @@ -108,6 +147,7 @@ mod tests { use serde_test::{assert_tokens, Configure, Token}; let signature = Signature { inner: BoxedUint::from(42u32), + _digest: PhantomData::<()>, }; let tokens = [Token::Str("000000000000002a")]; diff --git a/src/pkcs1v15/signing_key.rs b/src/pkcs1v15/signing_key.rs index badef88b..31cb32bb 100644 --- a/src/pkcs1v15/signing_key.rs +++ b/src/pkcs1v15/signing_key.rs @@ -17,9 +17,7 @@ use { serdect::serde::{de, ser, Deserialize, Serialize}, }; -use signature::{ - hazmat::PrehashSigner, DigestSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, Signer, -}; +use signature::{hazmat::PrehashSigner, DigestSigner, Keypair, RandomizedDigestSigner}; use zeroize::ZeroizeOnDrop; /// Signing key for `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2]. @@ -101,29 +99,29 @@ where // `*Signer` trait impls // -impl DigestSigner for SigningKey +impl DigestSigner> for SigningKey where D: Digest, { - fn try_sign_digest(&self, digest: D) -> signature::Result { + fn try_sign_digest(&self, digest: D) -> signature::Result> { sign::(None, &self.inner, &self.prefix, &digest.finalize())? .as_slice() .try_into() } } -impl PrehashSigner for SigningKey +impl PrehashSigner> for SigningKey where D: Digest, { - fn sign_prehash(&self, prehash: &[u8]) -> signature::Result { + fn sign_prehash(&self, prehash: &[u8]) -> signature::Result> { sign::(None, &self.inner, &self.prefix, prehash)? .as_slice() .try_into() } } -impl RandomizedDigestSigner for SigningKey +impl RandomizedDigestSigner> for SigningKey where D: Digest, { @@ -131,39 +129,13 @@ where &self, rng: &mut R, digest: D, - ) -> signature::Result { + ) -> signature::Result> { sign(Some(rng), &self.inner, &self.prefix, &digest.finalize())? .as_slice() .try_into() } } -impl RandomizedSigner for SigningKey -where - D: Digest, -{ - fn try_sign_with_rng( - &self, - rng: &mut R, - msg: &[u8], - ) -> signature::Result { - sign(Some(rng), &self.inner, &self.prefix, &D::digest(msg))? - .as_slice() - .try_into() - } -} - -impl Signer for SigningKey -where - D: Digest, -{ - fn try_sign(&self, msg: &[u8]) -> signature::Result { - sign::(None, &self.inner, &self.prefix, &D::digest(msg))? - .as_slice() - .try_into() - } -} - // // Other trait impls // diff --git a/src/pkcs1v15/verifying_key.rs b/src/pkcs1v15/verifying_key.rs index ed58fa6e..5a366df8 100644 --- a/src/pkcs1v15/verifying_key.rs +++ b/src/pkcs1v15/verifying_key.rs @@ -17,7 +17,7 @@ use { spki::DecodePublicKey, }; -use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier}; +use signature::{hazmat::PrehashVerifier, DigestVerifier}; use spki::{Document, EncodePublicKey}; /// Verifying key for `RSASSA-PKCS1-v1_5` signatures as described in [RFC8017 § 8.2]. @@ -75,11 +75,11 @@ where // `*Verifier` trait impls // -impl DigestVerifier for VerifyingKey +impl DigestVerifier> for VerifyingKey where D: Digest, { - fn verify_digest(&self, digest: D, signature: &Signature) -> signature::Result<()> { + fn verify_digest(&self, digest: D, signature: &Signature) -> signature::Result<()> { verify( &self.inner, &self.prefix, @@ -90,30 +90,15 @@ where } } -impl PrehashVerifier for VerifyingKey +impl PrehashVerifier> for VerifyingKey where D: Digest, { - fn verify_prehash(&self, prehash: &[u8], signature: &Signature) -> signature::Result<()> { + fn verify_prehash(&self, prehash: &[u8], signature: &Signature) -> signature::Result<()> { verify(&self.inner, &self.prefix, prehash, &signature.inner).map_err(|e| e.into()) } } -impl Verifier for VerifyingKey -where - D: Digest, -{ - fn verify(&self, msg: &[u8], signature: &Signature) -> signature::Result<()> { - verify( - &self.inner, - &self.prefix.clone(), - &D::digest(msg), - &signature.inner, - ) - .map_err(|e| e.into()) - } -} - // // Other trait impls // diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs index bf498a61..4d063d2c 100644 --- a/src/pss/blinded_signing_key.rs +++ b/src/pss/blinded_signing_key.rs @@ -11,9 +11,7 @@ use pkcs8::{ EncodePrivateKey, SecretDocument, }; use rand_core::{CryptoRng, TryCryptoRng}; -use signature::{ - hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, -}; +use signature::{hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner}; use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] use { @@ -84,22 +82,7 @@ where // `*Signer` trait impls // -impl RandomizedSigner for BlindedSigningKey -where - D: Digest + FixedOutputReset, -{ - fn try_sign_with_rng( - &self, - rng: &mut R, - msg: &[u8], - ) -> signature::Result { - sign_digest::<_, D>(rng, true, &self.inner, &D::digest(msg), self.salt_len)? - .as_slice() - .try_into() - } -} - -impl RandomizedDigestSigner for BlindedSigningKey +impl RandomizedDigestSigner> for BlindedSigningKey where D: Digest + FixedOutputReset, { @@ -107,14 +90,14 @@ where &self, rng: &mut R, digest: D, - ) -> signature::Result { + ) -> signature::Result> { sign_digest::<_, D>(rng, true, &self.inner, &digest.finalize(), self.salt_len)? .as_slice() .try_into() } } -impl RandomizedPrehashSigner for BlindedSigningKey +impl RandomizedPrehashSigner> for BlindedSigningKey where D: Digest + FixedOutputReset, { @@ -122,7 +105,7 @@ where &self, rng: &mut R, prehash: &[u8], - ) -> signature::Result { + ) -> signature::Result> { sign_digest::<_, D>(rng, true, &self.inner, prehash, self.salt_len)? .as_slice() .try_into() diff --git a/src/pss/signature.rs b/src/pss/signature.rs index a95ecfbc..97e1f9df 100644 --- a/src/pss/signature.rs +++ b/src/pss/signature.rs @@ -2,11 +2,16 @@ use ::signature::SignatureEncoding; use alloc::boxed::Box; -use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex}; +use core::{ + fmt::{self, Debug, Display, Formatter, LowerHex, UpperHex}, + marker::PhantomData, +}; use crypto_bigint::BoxedUint; +use digest::Digest; #[cfg(feature = "serde")] use serdect::serde::{de, Deserialize, Serialize}; +use signature::PrehashSignature; use spki::{ der::{asn1::BitString, Result as DerResult}, SignatureBitStringEncoding, @@ -15,22 +20,46 @@ use spki::{ /// `RSASSA-PSS` signatures as described in [RFC8017 § 8.1]. /// /// [RFC8017 § 8.1]: https://datatracker.ietf.org/doc/html/rfc8017#section-8.1 -#[derive(Debug, Clone, PartialEq, Eq)] -pub struct Signature { +#[derive(Eq)] +pub struct Signature { pub(super) inner: BoxedUint, + _digest: PhantomData, +} + +impl Debug for Signature { + fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { + f.debug_struct("Signature") + .field("inner", &self.inner) + .finish() + } +} + +impl Clone for Signature { + fn clone(&self) -> Self { + Self { + inner: self.inner.clone(), + _digest: PhantomData, + } + } +} + +impl PartialEq for Signature { + fn eq(&self, other: &Self) -> bool { + self.inner.eq(&other.inner) + } } -impl SignatureEncoding for Signature { +impl SignatureEncoding for Signature { type Repr = Box<[u8]>; } -impl SignatureBitStringEncoding for Signature { +impl SignatureBitStringEncoding for Signature { fn to_bitstring(&self) -> DerResult { BitString::new(0, self.to_vec()) } } -impl TryFrom<&[u8]> for Signature { +impl TryFrom<&[u8]> for Signature { type Error = signature::Error; fn try_from(bytes: &[u8]) -> signature::Result { @@ -43,36 +72,39 @@ impl TryFrom<&[u8]> for Signature { #[cfg(not(feature = "std"))] let inner = inner.map_err(|_| signature::Error::new())?; - Ok(Self { inner }) + Ok(Self { + inner, + _digest: PhantomData, + }) } } -impl From for Box<[u8]> { - fn from(signature: Signature) -> Box<[u8]> { +impl From> for Box<[u8]> { + fn from(signature: Signature) -> Box<[u8]> { signature.inner.to_be_bytes() } } -impl LowerHex for Signature { +impl LowerHex for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { write!(f, "{:x}", &self.inner) } } -impl UpperHex for Signature { +impl UpperHex for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { write!(f, "{:X}", &self.inner) } } -impl Display for Signature { +impl Display for Signature { fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result { write!(f, "{:X}", self) } } #[cfg(feature = "serde")] -impl Serialize for Signature { +impl Serialize for Signature { fn serialize(&self, serializer: S) -> core::result::Result where S: serdect::serde::Serializer, @@ -82,7 +114,7 @@ impl Serialize for Signature { } #[cfg(feature = "serde")] -impl<'de> Deserialize<'de> for Signature { +impl<'de, Di> Deserialize<'de> for Signature { fn deserialize(deserializer: D) -> core::result::Result where D: serdect::serde::Deserializer<'de>, @@ -94,6 +126,13 @@ impl<'de> Deserialize<'de> for Signature { } } +impl PrehashSignature for Signature +where + D: Digest, +{ + type Digest = D; +} + #[cfg(test)] mod tests { #[test] @@ -103,6 +142,7 @@ mod tests { use serde_test::{assert_tokens, Configure, Token}; let signature = Signature { inner: BoxedUint::from(42u32), + _digest: PhantomData::<()>, }; let tokens = [Token::Str("000000000000002a")]; diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs index eaddec2e..426e8428 100644 --- a/src/pss/signing_key.rs +++ b/src/pss/signing_key.rs @@ -12,9 +12,7 @@ use pkcs8::{ EncodePrivateKey, SecretDocument, }; use rand_core::{CryptoRng, TryCryptoRng}; -use signature::{ - hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner, -}; +use signature::{hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner}; use zeroize::ZeroizeOnDrop; #[cfg(feature = "serde")] use { @@ -23,10 +21,7 @@ use { }; #[cfg(feature = "os_rng")] -use { - rand_core::OsRng, - signature::{hazmat::PrehashSigner, Signer}, -}; +use {rand_core::OsRng, signature::hazmat::PrehashSigner}; /// Signing key for producing RSASSA-PSS signatures as described in /// [RFC8017 § 8.1]. @@ -90,7 +85,7 @@ where // `*Signer` trait impls // -impl RandomizedDigestSigner for SigningKey +impl RandomizedDigestSigner> for SigningKey where D: Digest + FixedOutputReset, { @@ -98,27 +93,14 @@ where &self, rng: &mut R, digest: D, - ) -> signature::Result { + ) -> signature::Result> { sign_digest::<_, D>(rng, false, &self.inner, &digest.finalize(), self.salt_len)? .as_slice() .try_into() } } -impl RandomizedSigner for SigningKey -where - D: Digest + FixedOutputReset, -{ - fn try_sign_with_rng( - &self, - rng: &mut R, - msg: &[u8], - ) -> signature::Result { - self.try_sign_digest_with_rng(rng, D::new_with_prefix(msg)) - } -} - -impl RandomizedPrehashSigner for SigningKey +impl RandomizedPrehashSigner> for SigningKey where D: Digest + FixedOutputReset, { @@ -126,7 +108,7 @@ where &self, rng: &mut R, prehash: &[u8], - ) -> signature::Result { + ) -> signature::Result> { sign_digest::<_, D>(rng, false, &self.inner, prehash, self.salt_len)? .as_slice() .try_into() @@ -134,25 +116,15 @@ where } #[cfg(feature = "os_rng")] -impl PrehashSigner for SigningKey +impl PrehashSigner> for SigningKey where D: Digest + FixedOutputReset, { - fn sign_prehash(&self, prehash: &[u8]) -> signature::Result { + fn sign_prehash(&self, prehash: &[u8]) -> signature::Result> { self.sign_prehash_with_rng(&mut OsRng, prehash) } } -#[cfg(feature = "os_rng")] -impl Signer for SigningKey -where - D: Digest + FixedOutputReset, -{ - fn try_sign(&self, msg: &[u8]) -> signature::Result { - self.try_sign_with_rng(&mut OsRng, msg) - } -} - // // Other trait impls // diff --git a/src/pss/verifying_key.rs b/src/pss/verifying_key.rs index 75bb6809..f20a89b0 100644 --- a/src/pss/verifying_key.rs +++ b/src/pss/verifying_key.rs @@ -7,7 +7,7 @@ use pkcs8::{ spki::{der::AnyRef, AlgorithmIdentifierRef, AssociatedAlgorithmIdentifier}, AssociatedOid, Document, EncodePublicKey, }; -use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier}; +use signature::{hazmat::PrehashVerifier, DigestVerifier}; #[cfg(feature = "serde")] use { serdect::serde::{de, ser, Deserialize, Serialize}, @@ -57,11 +57,11 @@ where // `*Verifier` trait impls // -impl DigestVerifier for VerifyingKey +impl DigestVerifier> for VerifyingKey where D: Digest + FixedOutputReset, { - fn verify_digest(&self, digest: D, signature: &Signature) -> signature::Result<()> { + fn verify_digest(&self, digest: D, signature: &Signature) -> signature::Result<()> { verify_digest::( &self.inner, &digest.finalize(), @@ -72,31 +72,16 @@ where } } -impl PrehashVerifier for VerifyingKey +impl PrehashVerifier> for VerifyingKey where D: Digest + FixedOutputReset, { - fn verify_prehash(&self, prehash: &[u8], signature: &Signature) -> signature::Result<()> { + fn verify_prehash(&self, prehash: &[u8], signature: &Signature) -> signature::Result<()> { verify_digest::(&self.inner, prehash, &signature.inner, self.salt_len) .map_err(|e| e.into()) } } -impl Verifier for VerifyingKey -where - D: Digest + FixedOutputReset, -{ - fn verify(&self, msg: &[u8], signature: &Signature) -> signature::Result<()> { - verify_digest::( - &self.inner, - &D::digest(msg), - &signature.inner, - self.salt_len, - ) - .map_err(|e| e.into()) - } -} - // // Other trait impls // diff --git a/tests/wycheproof.rs b/tests/wycheproof.rs index c36e538b..25eec683 100644 --- a/tests/wycheproof.rs +++ b/tests/wycheproof.rs @@ -165,17 +165,22 @@ fn test_rsa_pkcs1_verify() { for test in group.tests { summary.start(&test); - let sig = pkcs1v15::Signature::try_from(&test.sig[..]).expect("invalid signature"); let result = match group.sha.as_ref() { "SHA-256" => { + let sig = pkcs1v15::Signature::try_from(&test.sig[..]) + .expect("invalid signature"); let vk = pkcs1v15::VerifyingKey::::new(key.clone()); vk.verify(&test.msg, &sig) } "SHA-384" => { + let sig = pkcs1v15::Signature::try_from(&test.sig[..]) + .expect("invalid signature"); let vk = pkcs1v15::VerifyingKey::::new(key.clone()); vk.verify(&test.msg, &sig) } "SHA-512" => { + let sig = pkcs1v15::Signature::try_from(&test.sig[..]) + .expect("invalid signature"); let vk = pkcs1v15::VerifyingKey::::new(key.clone()); vk.verify(&test.msg, &sig) } @@ -228,9 +233,10 @@ fn test_rsa_pss_verify() { group.sha, group.mgf_sha, group.salt_len, )); } - let sig = pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let result = match group.sha.as_ref() { "SHA-1" => { + let sig = + pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let vk = pss::VerifyingKey::::new_with_salt_len( key.clone(), group.salt_len, @@ -238,6 +244,8 @@ fn test_rsa_pss_verify() { vk.verify(&test.msg, &sig) } "SHA-256" => { + let sig = + pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let vk = pss::VerifyingKey::::new_with_salt_len( key.clone(), group.salt_len, @@ -245,6 +253,8 @@ fn test_rsa_pss_verify() { vk.verify(&test.msg, &sig) } "SHA-224" => { + let sig = + pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let vk = pss::VerifyingKey::::new_with_salt_len( key.clone(), group.salt_len, @@ -252,6 +262,8 @@ fn test_rsa_pss_verify() { vk.verify(&test.msg, &sig) } "SHA-384" => { + let sig = + pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let vk = pss::VerifyingKey::::new_with_salt_len( key.clone(), group.salt_len, @@ -259,6 +271,8 @@ fn test_rsa_pss_verify() { vk.verify(&test.msg, &sig) } "SHA-512" => { + let sig = + pss::Signature::try_from(&test.sig[..]).expect("invalid signature"); let vk = pss::VerifyingKey::::new_with_salt_len( key.clone(), group.salt_len,