dsa 0.7.0-rc.15

Pure Rust implementation of the Digital Signature Algorithm (DSA) as specified in FIPS 186-4 (Digital Signature Standard), providing RFC6979 deterministic signatures as well as support for added entropy
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146

//!
//! Module containing the definition of the common components container
//!

use crate::{size::KeySize, two};
use crypto_bigint::{BoxedUint, NonZero, Odd};
use der::{
    self, DecodeValue, Encode, EncodeValue, Header, Length, Reader, Sequence, Tag, Writer,
    asn1::UintRef,
};
use signature::rand_core::CryptoRng;

/// The common components of an DSA keypair
///
/// (the prime p, quotient q and generator g)
#[derive(Clone, Debug, PartialEq, PartialOrd)]
#[must_use]
pub struct Components {
    /// Prime p
    p: Odd<BoxedUint>,

    /// Quotient q
    q: NonZero<BoxedUint>,

    /// Generator g
    g: NonZero<BoxedUint>,

    pub(crate) key_size: KeySize,
}

impl Components {
    /// Construct the common components container from its inner values (p, q and g)
    pub fn from_components(p: BoxedUint, q: BoxedUint, g: BoxedUint) -> signature::Result<Self> {
        let (p, q, g) = Self::adapt_components(p, q, g)?;

        let key_size = match (p.bits_precision(), q.bits_precision()) {
            #[allow(deprecated)]
            (p, q) if KeySize::DSA_1024_160.matches(p, q) => KeySize::DSA_1024_160,
            (p, q) if KeySize::DSA_2048_224.matches(p, q) => KeySize::DSA_2048_224,
            (p, q) if KeySize::DSA_2048_256.matches(p, q) => KeySize::DSA_2048_256,
            (p, q) if KeySize::DSA_3072_256.matches(p, q) => KeySize::DSA_3072_256,
            _ => return Err(signature::Error::new()),
        };

        Ok(Self { p, q, g, key_size })
    }

    /// Construct the common components container from its inner values (p, q and g)
    ///
    /// # Safety
    ///
    /// Any length of keys may be used, no checks are to be performed. You are responsible for
    /// checking the key strengths.
    #[cfg(feature = "hazmat")]
    pub fn from_components_unchecked(
        p: BoxedUint,
        q: BoxedUint,
        g: BoxedUint,
    ) -> signature::Result<Self> {
        let (p, q, g) = Self::adapt_components(p, q, g)?;
        let key_size = KeySize::other(p.bits_precision(), q.bits_precision());

        Ok(Self { p, q, g, key_size })
    }

    /// Helper method to build a [`Components`]
    fn adapt_components(
        p: BoxedUint,
        q: BoxedUint,
        g: BoxedUint,
    ) -> signature::Result<(Odd<BoxedUint>, NonZero<BoxedUint>, NonZero<BoxedUint>)> {
        let p = Odd::new(p)
            .into_option()
            .ok_or_else(signature::Error::new)?;
        let q = NonZero::new(q)
            .into_option()
            .ok_or_else(signature::Error::new)?;
        let g = NonZero::new(g)
            .into_option()
            .ok_or_else(signature::Error::new)?;

        if *p < two() || *q < two() || *g > *p {
            return Err(signature::Error::new());
        }

        Ok((p, q, g))
    }

    /// Generate a new pair of common components
    pub fn generate<R: CryptoRng + ?Sized>(rng: &mut R, key_size: KeySize) -> Self {
        let (p, q, g) = crate::generate::common_components(rng, key_size);
        Self::from_components(p.get(), q.get(), g.get())
            .expect("[Bug] Newly generated components considered invalid")
    }

    /// DSA prime p
    #[must_use]
    pub const fn p(&self) -> &Odd<BoxedUint> {
        &self.p
    }

    /// DSA quotient q
    #[must_use]
    pub const fn q(&self) -> &NonZero<BoxedUint> {
        &self.q
    }

    /// DSA generator g
    #[must_use]
    pub const fn g(&self) -> &NonZero<BoxedUint> {
        &self.g
    }
}

impl<'a> DecodeValue<'a> for Components {
    type Error = der::Error;

    fn decode_value<R: Reader<'a>>(reader: &mut R, _header: Header) -> der::Result<Self> {
        let p = reader.decode::<UintRef<'_>>()?;
        let q = reader.decode::<UintRef<'_>>()?;
        let g = reader.decode::<UintRef<'_>>()?;

        let p = BoxedUint::from_be_slice_vartime(p.as_bytes());
        let q = BoxedUint::from_be_slice_vartime(q.as_bytes());
        let g = BoxedUint::from_be_slice_vartime(g.as_bytes());

        Self::from_components(p, q, g).map_err(|_| reader.error(Tag::Integer.value_error()))
    }
}

impl EncodeValue for Components {
    fn value_len(&self) -> der::Result<Length> {
        UintRef::new(&self.p.to_be_bytes())?.encoded_len()?
            + UintRef::new(&self.q.to_be_bytes())?.encoded_len()?
            + UintRef::new(&self.g.to_be_bytes())?.encoded_len()?
    }

    fn encode_value(&self, writer: &mut impl Writer) -> der::Result<()> {
        UintRef::new(&self.p.to_be_bytes())?.encode(writer)?;
        UintRef::new(&self.q.to_be_bytes())?.encode(writer)?;
        UintRef::new(&self.g.to_be_bytes())?.encode(writer)?;
        Ok(())
    }
}

impl Sequence<'_> for Components {}