Skip to content

Initial key trait refactor#35

Closed
str4d wants to merge 2 commits intoRustCrypto:masterfrom
str4d:key-trait-refactor
Closed

Initial key trait refactor#35
str4d wants to merge 2 commits intoRustCrypto:masterfrom
str4d:key-trait-refactor

Conversation

@str4d
Copy link
Contributor

@str4d str4d commented Jan 4, 2020
edited
Loading

This is part of #32, and a precursor for #34.

The new trait structure:

  • PublicKeyParts - provides access to the modulus, exponent, and size.
  • EncryptionPrimitive - raw RSA encryption, for implementers.
  • DecryptionPrimitive - raw RSA decryption, for implementers.
  • PublicKey: EncryptionPrimitive + PublicKeyParts - the public key API for users. Home to encrypt and verify functions.
  • PrivateKey: DecryptionPrimitive + PublicKeyParts - the private key API for users. Will eventually be home to decrypt and sign functions.

str4d added 2 commits January 2, 2020 22:47
@str4d
Introduce raw::{DecryptionPrimitive, EncryptionPrimitive}
819f79f
@str4d
Introduce key::{PrivateKey, PublicKeyParts}
8c45b3f 
RSAPrivateKey no longer implements PublicKey. Instead,
RSAPublicKey::from(RSAPrivateKey) should be used to obtain a public key.
@str4d
Copy link
Contributor Author

str4d commented Jan 4, 2020

Note that PrivateKey here is an abstraction over a private key. In the case of a hardware token, the concrete implementation would hold the modulus, exponent, and e.g. an active connection to the hardware token. This is a different abstraction compared to e.g. having a SigningBackend trait as suggested in #34 (comment).

@str4d
Copy link
Contributor Author

str4d commented Jan 4, 2020

A subsequent refactor would either modify PublicKey::verify to take a typed Signature, or split it into concrete functions like PublicKey::{verify_pkcs1v15, verify_pss} (and similarly for PrivateKey::sign). These are the two directions I mention in #34 (comment).

dignifiedquire
dignifiedquire reviewed Mar 6, 2020
View reviewed changes
src/lib.rs
//! let bits = 2048;
//! let key = RSAPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
//! let private_key = RSAPrivateKey::new(&mut rng, bits).expect("failed to generate a key");
//! let public_key = RSAPublicKey::from(private_key.clone());
Copy link
Member

@dignifiedquire dignifiedquire Mar 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should probably work without calling clone, as this means duplicating a bunch of secrets, when we actually only want the public parts

@dignifiedquire dignifiedquire mentioned this pull request Mar 6, 2020
Merged
@dignifiedquire
Copy link
Member

dignifiedquire commented Mar 6, 2020

Merged in #42

@str4d str4d deleted the key-trait-refactor branch March 10, 2020 10:32
@tarcieri tarcieri mentioned this pull request Jun 10, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dignifiedquire dignifiedquire dignifiedquire left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@str4d @dignifiedquire