RSASSA-PKCS1 Signer Key Manager
PiperOrigin-RevId: 464581838
diff --git a/go/signature/BUILD.bazel b/go/signature/BUILD.bazel
index e09b533..81a1869 100644
--- a/go/signature/BUILD.bazel
+++ b/go/signature/BUILD.bazel
@@ -12,6 +12,8 @@
"ed25519_signer_key_manager.go",
"ed25519_verifier_key_manager.go",
"proto.go",
+ "rsa.go",
+ "rsassapkcs1_signer_key_manager.go",
"rsassapkcs1_verifier_key_manager.go",
"signature.go",
"signature_key_templates.go",
@@ -46,6 +48,7 @@
"ecdsa_verifier_key_manager_test.go",
"ed25519_signer_key_manager_test.go",
"ed25519_verifier_key_manager_test.go",
+ "rsassapkcs1_signer_key_manager_test.go",
"rsassapkcs1_verifier_key_manager_test.go",
"signature_factory_test.go",
"signature_key_templates_test.go",
@@ -66,7 +69,9 @@
"//subtle/random",
"//testkeyset",
"//testutil",
+ "@com_github_google_go_cmp//cmp",
"@org_golang_google_protobuf//proto",
+ "@org_golang_google_protobuf//testing/protocmp",
],
)
diff --git a/go/signature/rsa.go b/go/signature/rsa.go
new file mode 100644
index 0000000..bfaab5f
--- /dev/null
+++ b/go/signature/rsa.go
@@ -0,0 +1,42 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package signature
+
+import (
+ "math/big"
+
+ "github.com/google/tink/go/signature/internal"
+ commonpb "github.com/google/tink/go/proto/common_go_proto"
+)
+
+func bytesToBigInt(val []byte) *big.Int {
+ return new(big.Int).SetBytes(val)
+}
+
+func validateRSAPubKeyParams(h commonpb.HashType, modSizeBits int, pubExponent []byte) error {
+ if err := internal.HashSafeForSignature(hashName(h)); err != nil {
+ return err
+ }
+ if err := internal.RSAValidModulusSizeInBits(modSizeBits); err != nil {
+ return err
+ }
+ return internal.RSAValidPublicExponent(int(bytesToBigInt(pubExponent).Uint64()))
+}
+
+func hashName(h commonpb.HashType) string {
+ return commonpb.HashType_name[int32(h)]
+}
diff --git a/go/signature/rsassapkcs1_signer_key_manager.go b/go/signature/rsassapkcs1_signer_key_manager.go
new file mode 100644
index 0000000..8b90acf
--- /dev/null
+++ b/go/signature/rsassapkcs1_signer_key_manager.go
@@ -0,0 +1,192 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package signature
+
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "math/big"
+
+ "google.golang.org/protobuf/proto"
+ "github.com/google/tink/go/core/registry"
+ "github.com/google/tink/go/keyset"
+ "github.com/google/tink/go/signature/internal"
+ rsassapkcs1pb "github.com/google/tink/go/proto/rsa_ssa_pkcs1_go_proto"
+ tinkpb "github.com/google/tink/go/proto/tink_go_proto"
+)
+
+const (
+ rsaSSAPKCS1SignerKeyVersion = 0
+ rsaSSAPKCS1SignerTypeURL = "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey"
+)
+
+var (
+ errInvalidRSASSAPKCS1SignKey = errors.New("rsassapkcs1_signer_key_manager: invalid key")
+ errInvalidRSASSAPKCS1SignKeyFormat = errors.New("rsassapkcs1_signer_key_manager: invalid key format")
+)
+
+type rsaSSAPKCS1SignerKeyManager struct{}
+
+// NewRSASSAPKCS1SignerKeyManager returns a new signer key manager instance:
+// TODO(b/173082704): Delete in CL/463428483, only used for temporary testing to avoid test breakage.
+func NewRSASSAPKCS1SignerKeyManager() registry.KeyManager {
+ return &rsaSSAPKCS1SignerKeyManager{}
+}
+
+var _ registry.PrivateKeyManager = (*rsaSSAPKCS1SignerKeyManager)(nil)
+
+func (km *rsaSSAPKCS1SignerKeyManager) Primitive(serializedKey []byte) (interface{}, error) {
+ if false {
+ return nil, errInvalidRSASSAPKCS1SignKey
+ }
+ key := &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{}
+ if err := proto.Unmarshal(serializedKey, key); err != nil {
+ return nil, err
+ }
+ if err := keyset.ValidateKeyVersion(key.Version, rsaSSAPKCS1SignerKeyVersion); err != nil {
+ return nil, err
+ }
+ if len(key.GetD()) == 0 ||
+ len(key.GetPublicKey().GetN()) == 0 ||
+ len(key.GetPublicKey().GetE()) == 0 ||
+ len(key.GetP()) == 0 ||
+ len(key.GetQ()) == 0 ||
+ len(key.GetDp()) == 0 ||
+ len(key.GetDq()) == 0 ||
+ len(key.GetCrt()) == 0 {
+ return nil, errInvalidRSASSAPKCS1SignKey
+ }
+ e := bytesToBigInt(key.PublicKey.E)
+ if !e.IsInt64() {
+ return nil, fmt.Errorf("rsassapkcs1_signer_key_manager: public exponent can't fit in 64 bit number")
+ }
+ privKey := &rsa.PrivateKey{
+ D: bytesToBigInt(key.D),
+ PublicKey: rsa.PublicKey{
+ N: bytesToBigInt(key.PublicKey.N),
+ E: int(e.Uint64()),
+ },
+ Primes: []*big.Int{
+ bytesToBigInt(key.P),
+ bytesToBigInt(key.Q),
+ },
+ Precomputed: rsa.PrecomputedValues{
+ Dp: bytesToBigInt(key.Dp),
+ Dq: bytesToBigInt(key.Dq),
+ Qinv: bytesToBigInt(key.Crt),
+ },
+ }
+ return internal.New_RSA_SSA_PKCS1_Signer(hashName(key.PublicKey.Params.HashType), privKey)
+}
+
+func (km *rsaSSAPKCS1SignerKeyManager) NewKey(serializedKeyFormat []byte) (proto.Message, error) {
+ if len(serializedKeyFormat) == 0 {
+ return nil, errInvalidRSASSAPKCS1SignKeyFormat
+ }
+ keyFormat := &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{}
+ if err := proto.Unmarshal(serializedKeyFormat, keyFormat); err != nil {
+ return nil, err
+ }
+ if err := validateRSAPubKeyParams(
+ keyFormat.Params.HashType,
+ int(keyFormat.ModulusSizeInBits),
+ keyFormat.GetPublicExponent()); err != nil {
+ return nil, err
+ }
+ rsaKey, err := rsa.GenerateKey(rand.Reader, int(keyFormat.ModulusSizeInBits))
+ if err != nil {
+ return nil, fmt.Errorf("generating RSA key: %s", err)
+ }
+ pubKey := &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: rsaSSAPKCS1SignerKeyVersion,
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: keyFormat.Params.HashType,
+ },
+ N: rsaKey.PublicKey.N.Bytes(),
+ E: big.NewInt(int64(rsaKey.PublicKey.E)).Bytes(),
+ }
+ return &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: rsaSSAPKCS1SignerKeyVersion,
+ PublicKey: pubKey,
+ D: rsaKey.D.Bytes(),
+ P: rsaKey.Primes[0].Bytes(),
+ Q: rsaKey.Primes[1].Bytes(),
+ Dp: rsaKey.Precomputed.Dp.Bytes(),
+ Dq: rsaKey.Precomputed.Dq.Bytes(),
+ Crt: rsaKey.Precomputed.Qinv.Bytes(),
+ }, nil
+}
+
+func (km *rsaSSAPKCS1SignerKeyManager) NewKeyData(serializedKeyFormat []byte) (*tinkpb.KeyData, error) {
+ key, err := km.NewKey(serializedKeyFormat)
+ if err != nil {
+ return nil, err
+ }
+ serializedKey, err := proto.Marshal(key)
+ if err != nil {
+ return nil, errInvalidRSASSAPKCS1SignKeyFormat
+ }
+ return &tinkpb.KeyData{
+ TypeUrl: rsaSSAPKCS1SignerTypeURL,
+ Value: serializedKey,
+ KeyMaterialType: tinkpb.KeyData_ASYMMETRIC_PRIVATE,
+ }, nil
+}
+
+// PublicKeyData extracts the public key data from the private key.
+func (km *rsaSSAPKCS1SignerKeyManager) PublicKeyData(serializedPrivKey []byte) (*tinkpb.KeyData, error) {
+ privKey := &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{}
+ if err := proto.Unmarshal(serializedPrivKey, privKey); err != nil {
+ return nil, err
+ }
+ if privKey.GetPublicKey() == nil {
+ return nil, errInvalidRSASSAPKCS1SignKey
+ }
+ if err := keyset.ValidateKeyVersion(privKey.GetVersion(), rsaSSAPKCS1SignerKeyVersion); err != nil {
+ return nil, err
+ }
+ if err := keyset.ValidateKeyVersion(privKey.GetPublicKey().GetVersion(), rsaSSAPKCS1VerifierKeyVersion); err != nil {
+ return nil, err
+ }
+ if err := validateRSAPubKeyParams(
+ privKey.GetPublicKey().Params.HashType,
+ bytesToBigInt(privKey.GetPublicKey().GetN()).BitLen(),
+ privKey.GetPublicKey().GetE()); err != nil {
+ return nil, err
+ }
+ serializedPubKey, err := proto.Marshal(privKey.PublicKey)
+ if err != nil {
+ return nil, err
+ }
+ return &tinkpb.KeyData{
+ TypeUrl: rsaSSAPKCS1VerifierTypeURL,
+ Value: serializedPubKey,
+ KeyMaterialType: tinkpb.KeyData_ASYMMETRIC_PUBLIC,
+ }, nil
+}
+
+// DoesSupport indicates if this key manager supports the given key type.
+func (km *rsaSSAPKCS1SignerKeyManager) DoesSupport(typeURL string) bool {
+ return typeURL == rsaSSAPKCS1SignerTypeURL
+}
+
+// TypeURL returns the key type of keys managed by this key manager.
+func (km *rsaSSAPKCS1SignerKeyManager) TypeURL() string {
+ return rsaSSAPKCS1SignerTypeURL
+}
diff --git a/go/signature/rsassapkcs1_signer_key_manager_test.go b/go/signature/rsassapkcs1_signer_key_manager_test.go
new file mode 100644
index 0000000..e7b21b7
--- /dev/null
+++ b/go/signature/rsassapkcs1_signer_key_manager_test.go
@@ -0,0 +1,489 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+////////////////////////////////////////////////////////////////////////////////
+
+package signature_test
+
+import (
+ "math/big"
+ "testing"
+
+ "github.com/google/go-cmp/cmp"
+ "google.golang.org/protobuf/proto"
+ "google.golang.org/protobuf/testing/protocmp"
+ "github.com/google/tink/go/core/registry"
+ "github.com/google/tink/go/signature/internal"
+ "github.com/google/tink/go/signature"
+ "github.com/google/tink/go/subtle/random"
+ cpb "github.com/google/tink/go/proto/common_go_proto"
+ rsassapkcs1pb "github.com/google/tink/go/proto/rsa_ssa_pkcs1_go_proto"
+ tinkpb "github.com/google/tink/go/proto/tink_go_proto"
+)
+
+const (
+ rsaPKCS1PrivateKeyTypeURL = "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey"
+)
+
+func TestRSASSAPKCS1SignerKeyManagerDoesSupport(t *testing.T) {
+ // skm, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PrivateKeyTypeURL, err)
+ // }
+ skm := signature.NewRSASSAPKCS1SignerKeyManager()
+ if !skm.DoesSupport(rsaPKCS1PrivateKeyTypeURL) {
+ t.Errorf("DoesSupport(%q) = false, want true", rsaPKCS1PrivateKeyTypeURL)
+ }
+ if skm.DoesSupport("not.valid.type") {
+ t.Errorf("DoesSupport(%q) = true, want false", "not.valid.type")
+ }
+}
+
+func TestRSASSAPKCS1SignerTypeURL(t *testing.T) {
+ // skm, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PrivateKeyTypeURL, err)
+ // }
+ skm := signature.NewRSASSAPKCS1SignerKeyManager()
+ if skm.TypeURL() != rsaPKCS1PrivateKeyTypeURL {
+ t.Errorf("TypeURL() = %q, want %q", skm.TypeURL(), rsaPKCS1PrivateKeyTypeURL)
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPublicData(t *testing.T) {
+ // skm, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PrivateKeyTypeURL, err)
+ // }
+ skm := signature.NewRSASSAPKCS1SignerKeyManager()
+ privKey, err := makeValidRSAPKCS1Key()
+ if err != nil {
+ t.Fatalf("makeValidRSAPKCS1Key() err = %v, want nil", err)
+ }
+ serializedPrivate, err := proto.Marshal(privKey)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ serializedPublic, err := proto.Marshal(privKey.PublicKey)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ got, err := skm.(registry.PrivateKeyManager).PublicKeyData(serializedPrivate)
+ if err != nil {
+ t.Fatalf("PublicKeyData() err = %v, want nil", err)
+ }
+ want := &tinkpb.KeyData{
+ TypeUrl: rsaPKCS1PublicTypeURL,
+ KeyMaterialType: tinkpb.KeyData_ASYMMETRIC_PUBLIC,
+ Value: serializedPublic,
+ }
+ if !cmp.Equal(got, want, protocmp.Transform()) {
+ t.Errorf("got = %v, want = %v, with diff: %v", got, want, cmp.Diff(got, want, protocmp.Transform()))
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPublicDataFailsWithInvalidInput(t *testing.T) {
+ type testCase struct {
+ name string
+ pubKey *rsassapkcs1pb.RsaSsaPkcs1PublicKey
+ }
+ validPrivKey, err := makeValidRSAPKCS1Key()
+ if err != nil {
+ t.Fatalf("makeValidRSAPKCS1Key() err = %v, want nil", err)
+ }
+ // skm, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PrivateKeyTypeURL, err)
+ // }
+ skm := signature.NewRSASSAPKCS1SignerKeyManager()
+ for _, tc := range []testCase{
+ {
+ name: "nil public key",
+ pubKey: nil,
+ },
+ {
+ name: "invalid hash function",
+ pubKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetVersion(),
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA1,
+ },
+ N: validPrivKey.GetPublicKey().GetN(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ },
+ },
+ {
+ name: "invalid exponent",
+ pubKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetVersion(),
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ N: validPrivKey.GetPublicKey().GetN(),
+ E: []byte{0x08},
+ },
+ },
+ {
+ name: "invalid modulus",
+ pubKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetVersion(),
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ N: []byte{0x00, 0x00, 0x00},
+ E: validPrivKey.GetPublicKey().GetE(),
+ },
+ },
+ {
+ name: "invalid version",
+ pubKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetVersion() + 1,
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ N: validPrivKey.GetPublicKey().GetN(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ },
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ InvalidPub := validPrivKey
+ InvalidPub.PublicKey = tc.pubKey
+ serializedPrivateKey, err := proto.Marshal(InvalidPub)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err= %v, want nil", err)
+ }
+ if _, err := skm.(registry.PrivateKeyManager).PublicKeyData(serializedPrivateKey); err == nil {
+ t.Fatalf("PublicKeyData() err = nil, want error")
+ }
+ })
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPrimitiveSignVerify(t *testing.T) {
+ // skm, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Fatalf("registry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PrivateKeyTypeURL, err)
+ // }
+ skm := signature.NewRSASSAPKCS1SignerKeyManager()
+ privKey, err := makeValidRSAPKCS1Key()
+ if err != nil {
+ t.Fatalf("makeValidRSAPKCS1Key() err = %v, want nil", err)
+ }
+ serializedPrivate, err := proto.Marshal(privKey)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ p, err := skm.Primitive(serializedPrivate)
+ if err != nil {
+ t.Fatalf("Primitive() err = %v, want nil", err)
+ }
+ signer, ok := p.(*internal.RSA_SSA_PKCS1_Signer)
+ if !ok {
+ t.Fatalf("primitive is not of type RSA_SSA_PKCS1_Signer")
+ }
+ // vkm, err := registry.GetKeyManager(rsaPKCS1PublicTypeURL)
+ // if err != nil {
+ // t.Fatalf("regitry.GetKeyManager(%q) err = %v, want nil", rsaPKCS1PublicTypeURL, err)
+ // }
+ vkm := signature.NewRSASSAPKCS1VerifierKeyManager()
+ serializedPublic, err := proto.Marshal(privKey.PublicKey)
+ if err != nil {
+ t.Fatalf("Failed serializing public key proto: %v", err)
+ }
+ p, err = vkm.Primitive(serializedPublic)
+ if err != nil {
+ t.Fatalf("rsaSSAPKCS1VerifierKeyManager.Primitive() failed: %v", err)
+ }
+ v, ok := p.(*internal.RSA_SSA_PKCS1_Verifier)
+ if !ok {
+ t.Fatalf("primitve is not of type RSA_SSA_PKCS1_Verifier")
+ }
+ data := random.GetRandomBytes(1281)
+ signature, err := signer.Sign(data)
+ if err != nil {
+ t.Fatalf("Sign() err = %v, want nil", err)
+ }
+ if err := v.Verify(signature, data); err != nil {
+ t.Fatalf("Verify() err = %v, want nil", err)
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPrimitiveWithInvalidInputFails(t *testing.T) {
+ // km, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Errorf("cannot obtain RSASSAPKCS1Signer key manager: %s", err)
+ // }
+ km := signature.NewRSASSAPKCS1SignerKeyManager()
+ validPrivKey, err := makeValidRSAPKCS1Key()
+ if err != nil {
+ t.Fatalf("makeValidRSAPKCS1Key() err = %v, want nil", err)
+ }
+ type testCase struct {
+ name string
+ key *rsassapkcs1pb.RsaSsaPkcs1PrivateKey
+ }
+ for _, tc := range []testCase{
+ {
+ name: "empty key",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{},
+ },
+ {
+ name: "nil key",
+ key: nil,
+ },
+ {
+ name: "invalid version",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.GetVersion() + 1,
+ PublicKey: validPrivKey.GetPublicKey(),
+ D: validPrivKey.GetD(),
+ P: validPrivKey.GetP(),
+ Q: validPrivKey.GetQ(),
+ Dp: validPrivKey.GetDp(),
+ Dq: validPrivKey.GetDq(),
+ Crt: validPrivKey.GetCrt(),
+ },
+ },
+ {
+ name: "invalid hash algorithm ",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.Version,
+ PublicKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetPublicKey().GetVersion(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ N: validPrivKey.GetPublicKey().GetN(),
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA224,
+ },
+ },
+ D: validPrivKey.GetD(),
+ P: validPrivKey.GetP(),
+ Q: validPrivKey.GetQ(),
+ Dp: validPrivKey.GetDp(),
+ Dq: validPrivKey.GetDq(),
+ Crt: validPrivKey.GetCrt(),
+ },
+ },
+ {
+ name: "invalid modulus",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.Version,
+ PublicKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetPublicKey().GetVersion(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ N: []byte{3, 4, 5},
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ },
+ D: validPrivKey.GetD(),
+ P: validPrivKey.GetP(),
+ Q: validPrivKey.GetQ(),
+ Dp: validPrivKey.GetDp(),
+ Dq: validPrivKey.GetDq(),
+ Crt: validPrivKey.GetCrt(),
+ },
+ },
+ {
+ name: "invalid public key exponent",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.Version,
+ PublicKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetPublicKey().GetVersion(),
+ E: []byte{0x06},
+ N: validPrivKey.GetPublicKey().GetN(),
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ },
+ D: validPrivKey.GetD(),
+ P: validPrivKey.GetP(),
+ Q: validPrivKey.GetQ(),
+ Dp: validPrivKey.GetDp(),
+ Dq: validPrivKey.GetDq(),
+ Crt: validPrivKey.GetCrt(),
+ },
+ },
+ {
+ name: "invalid private key",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.Version,
+ PublicKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetPublicKey().GetVersion(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ N: validPrivKey.GetPublicKey().GetN(),
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ },
+ D: nil,
+ P: nil,
+ Q: nil,
+ Dp: validPrivKey.GetDp(),
+ Dq: validPrivKey.GetDq(),
+ Crt: validPrivKey.GetCrt(),
+ },
+ },
+ {
+ name: "invalid precomputed values in private key",
+ key: &rsassapkcs1pb.RsaSsaPkcs1PrivateKey{
+ Version: validPrivKey.Version,
+ PublicKey: &rsassapkcs1pb.RsaSsaPkcs1PublicKey{
+ Version: validPrivKey.GetPublicKey().GetVersion(),
+ E: validPrivKey.GetPublicKey().GetE(),
+ N: validPrivKey.GetPublicKey().GetN(),
+ Params: validPrivKey.GetPublicKey().GetParams(),
+ },
+ D: validPrivKey.GetD(),
+ P: validPrivKey.GetP(),
+ Q: validPrivKey.GetQ(),
+ Dp: nil,
+ Dq: nil,
+ Crt: nil,
+ },
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ serializedKey, err := proto.Marshal(tc.key)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ if _, err := km.Primitive(serializedKey); err == nil {
+ t.Errorf("Primitive() err = nil, want error")
+ }
+ })
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPrimitiveNewKey(t *testing.T) {
+ // km, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Errorf("cannot obtain RSASSAPKCS1Signer key manager: %s", err)
+ // }
+ km := signature.NewRSASSAPKCS1SignerKeyManager()
+ validPrivKey, err := makeValidRSAPKCS1Key()
+ if err != nil {
+ t.Fatalf("makeValidRSAPKCS1Key() err = %v, want nil", err)
+ }
+ keyFormat := &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA256,
+ },
+ ModulusSizeInBits: 3072,
+ PublicExponent: []byte{0x01, 0x00, 0x01},
+ }
+ serializedFormat, err := proto.Marshal(keyFormat)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ m, err := km.NewKey(serializedFormat)
+ if err != nil {
+ t.Fatalf("NewKey() err = %v, want nil", err)
+ }
+ privKey, ok := m.(*rsassapkcs1pb.RsaSsaPkcs1PrivateKey)
+ if !ok {
+ t.Fatalf("privateKey is not a RsaSsaPkcs1PrivateKey")
+ }
+ if privKey.GetVersion() != validPrivKey.GetVersion() {
+ t.Errorf("GetVersion() = %d, want %d", privKey.GetVersion(), validPrivKey.GetVersion())
+ }
+ wantPubKey := validPrivKey.GetPublicKey()
+ gotPubKey := privKey.GetPublicKey()
+ if gotPubKey.GetParams().GetHashType() != wantPubKey.GetParams().GetHashType() {
+ t.Errorf("GetHashType() = %v, want %v", gotPubKey.GetParams().GetHashType(), wantPubKey.GetParams().GetHashType())
+ }
+ if !cmp.Equal(gotPubKey.GetE(), wantPubKey.GetE()) {
+ t.Errorf("GetE() = %v, want %v", gotPubKey.GetE(), wantPubKey.GetE())
+ }
+ gotModSize := new(big.Int).SetBytes(gotPubKey.GetN()).BitLen()
+ if gotModSize != 3072 {
+ t.Errorf("Modulus Size = %d, want %d", gotModSize, 3072)
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPrimitiveNewKeyWithInvalidInputFails(t *testing.T) {
+ type testCase struct {
+ name string
+ format *rsassapkcs1pb.RsaSsaPkcs1KeyFormat
+ }
+ // km, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Errorf("cannot obtain RSASSAPKCS1Signer key manager: %s", err)
+ // }
+ km := signature.NewRSASSAPKCS1SignerKeyManager()
+ for _, tc := range []testCase{
+ {
+ name: "empty format",
+ format: &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{},
+ },
+ {
+ name: "invalid hash",
+ format: &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{
+ ModulusSizeInBits: 2048,
+ PublicExponent: []byte{0x01, 0x00, 0x01},
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA224,
+ },
+ },
+ },
+ {
+ name: "invalid public exponent",
+ format: &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{
+ ModulusSizeInBits: 2048,
+ PublicExponent: []byte{0x01},
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA256,
+ },
+ },
+ },
+ {
+ name: "invalid modulus size",
+ format: &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{
+ ModulusSizeInBits: 1024,
+ PublicExponent: []byte{0x01},
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA256,
+ },
+ },
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ serializedFormat, err := proto.Marshal(tc.format)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ if _, err := km.NewKey(serializedFormat); err == nil {
+ t.Fatalf("NewKey() err = nil, want error")
+ }
+ })
+ }
+}
+
+func TestRSASSAPKCS1SignerKeyManagerPrimitiveNewKeyData(t *testing.T) {
+ // km, err := registry.GetKeyManager(rsaPKCS1PrivateKeyTypeURL)
+ // if err != nil {
+ // t.Errorf("cannot obtain RSASSAPKCS1Signer key manager: %s", err)
+ // }
+ km := signature.NewRSASSAPKCS1SignerKeyManager()
+ keyFormat := &rsassapkcs1pb.RsaSsaPkcs1KeyFormat{
+ ModulusSizeInBits: 2048,
+ PublicExponent: []byte{0x01, 0x00, 0x01},
+ Params: &rsassapkcs1pb.RsaSsaPkcs1Params{
+ HashType: cpb.HashType_SHA256,
+ },
+ }
+ serializedFormat, err := proto.Marshal(keyFormat)
+ if err != nil {
+ t.Fatalf("proto.Marshal() err = %v, want nil", err)
+ }
+ keyData, err := km.NewKeyData(serializedFormat)
+ if err != nil {
+ t.Fatalf("NewKeyData() err = %v, want nil", err)
+ }
+ if keyData.GetTypeUrl() != rsaPKCS1PrivateKeyTypeURL {
+ t.Fatalf("GetTypeUrl() = %v, want %v", keyData.GetTypeUrl(), rsaPKCS1PrivateKeyTypeURL)
+ }
+ if keyData.GetKeyMaterialType() != tinkpb.KeyData_ASYMMETRIC_PRIVATE {
+ t.Fatalf("GetKeyMaterialType() = %v, want %v", keyData.GetKeyMaterialType(), tinkpb.KeyData_ASYMMETRIC_PRIVATE)
+ }
+}
diff --git a/go/signature/rsassapkcs1_verifier_key_manager.go b/go/signature/rsassapkcs1_verifier_key_manager.go
index f1f06d7..c1b8b0c 100644
--- a/go/signature/rsassapkcs1_verifier_key_manager.go
+++ b/go/signature/rsassapkcs1_verifier_key_manager.go
@@ -26,7 +26,6 @@
"github.com/google/tink/go/core/registry"
"github.com/google/tink/go/keyset"
"github.com/google/tink/go/signature/internal"
- commonpb "github.com/google/tink/go/proto/common_go_proto"
rsassapkcs1pb "github.com/google/tink/go/proto/rsa_ssa_pkcs1_go_proto"
tinkpb "github.com/google/tink/go/proto/tink_go_proto"
)
@@ -61,7 +60,6 @@
if err := keyset.ValidateKeyVersion(key.Version, rsaSSAPKCS1VerifierKeyVersion); err != nil {
return nil, err
}
-
e := new(big.Int).SetBytes(key.E)
if !e.IsInt64() {
return nil, fmt.Errorf("rsassapkcs1_verifier_key_manager: public exponent can't fit in 64 bit number")
@@ -70,7 +68,7 @@
E: int(e.Int64()),
N: new(big.Int).SetBytes(key.N),
}
- return internal.New_RSA_SSA_PKCS1_Verifier(commonpb.HashType_name[int32(key.Params.HashType)], keyData)
+ return internal.New_RSA_SSA_PKCS1_Verifier(hashName(key.Params.HashType), keyData)
}
func (km *rsaSSAPKCS1VerifierKeyManager) NewKey(serializedKeyFormat []byte) (proto.Message, error) {
