From 390ad378d4c7069d881269c2c9c4e1cf90c99ae5 Mon Sep 17 00:00:00 2001 From: Tony Arcieri Date: Thu, 27 Apr 2023 08:25:33 -0600 Subject: [PATCH] Replace `Deref` impl on `RsaPrivateKey` with `AsRef` The `RsaPrivateKey` type previously had a `Deref` impl providing access to the associated `RsaPublicKey`. `Deref` is intended for "smart pointer types", i.e. container types which manage a (typically generic) inner type in some way. This doesn't seem like one of those cases. `AsRef`, on the other hand, is for cheap reference conversions, which is exactly what's happening here, so it's a better fit and provides the same functionality (albeit explicitly rather than via deref coercion). --- src/key.rs | 31 +++++++++++++------------------ src/pss.rs | 3 +++ 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/src/key.rs b/src/key.rs index 2a6c7885..b9cfd86e 100644 --- a/src/key.rs +++ b/src/key.rs @@ -1,8 +1,5 @@ use alloc::vec::Vec; -use core::{ - hash::{Hash, Hasher}, - ops::Deref, -}; +use core::hash::{Hash, Hasher}; use num_bigint::traits::ModInverse; use num_bigint::Sign::Plus; use num_bigint::{BigInt, BigUint}; @@ -57,6 +54,12 @@ impl PartialEq for RsaPrivateKey { } } +impl AsRef for RsaPrivateKey { + fn as_ref(&self) -> &RsaPublicKey { + &self.pubkey_components + } +} + impl Hash for RsaPrivateKey { fn hash(&self, state: &mut H) { // Domain separator for RSA private keys @@ -73,13 +76,6 @@ impl Drop for RsaPrivateKey { } } -impl Deref for RsaPrivateKey { - type Target = RsaPublicKey; - fn deref(&self) -> &RsaPublicKey { - &self.pubkey_components - } -} - impl ZeroizeOnDrop for RsaPrivateKey {} #[derive(Debug, Clone)] @@ -124,9 +120,8 @@ impl From for RsaPublicKey { impl From<&RsaPrivateKey> for RsaPublicKey { fn from(private_key: &RsaPrivateKey) -> Self { - let n = private_key.n.clone(); - let e = private_key.e.clone(); - + let n = private_key.n().clone(); + let e = private_key.e().clone(); RsaPublicKey { n, e } } } @@ -201,11 +196,11 @@ impl RsaPublicKey { impl PublicKeyParts for RsaPrivateKey { fn n(&self) -> &BigUint { - &self.n + &self.pubkey_components.n } fn e(&self) -> &BigUint { - &self.e + &self.pubkey_components.e } } @@ -336,7 +331,7 @@ impl RsaPrivateKey { } m *= prime; } - if m != self.n { + if m != self.pubkey_components.n { return Err(Error::InvalidModulus); } @@ -345,7 +340,7 @@ impl RsaPrivateKey { // inverse. Therefore e is coprime to lcm(p-1,q-1,r-1,...) = // exponent(ℤ/nℤ). It also implies that a^de ≡ a mod p as a^(p-1) ≡ 1 // mod p. Thus a^de ≡ a mod n for all a coprime to n, as required. - let mut de = self.e.clone(); + let mut de = self.e().clone(); de *= self.d.clone(); for prime in &self.primes { let congruence: BigUint = &de % (prime - BigUint::one()); diff --git a/src/pss.rs b/src/pss.rs index 1bb6c410..dd6ebcc1 100644 --- a/src/pss.rs +++ b/src/pss.rs @@ -405,6 +405,7 @@ mod test { .expect("failed to sign"); priv_key + .to_public_key() .verify(Pss::new::(), &digest, &sig) .expect("failed to verify"); } @@ -424,6 +425,7 @@ mod test { .expect("failed to sign"); priv_key + .to_public_key() .verify(Pss::new::(), &digest, &sig) .expect("failed to verify"); } @@ -595,6 +597,7 @@ mod test { .expect("failed to sign"); priv_key + .to_public_key() .verify(Pss::new::(), &digest, &sig) .expect("failed to verify"); }