diff --git a/src/rsa.rs b/src/rsa.rs index 5ced656be..b2bd559b8 100644 --- a/src/rsa.rs +++ b/src/rsa.rs @@ -60,11 +60,17 @@ enum N {} unsafe impl bigint::PublicModulus for N {} +mod keypair; mod keypair_components; -pub mod public; +mod public_exponent; +mod public_key; +mod public_key_components; +mod public_modulus; pub(crate) mod verification; -pub(crate) mod signing; - -pub use self::keypair_components::KeyPairComponents; +pub use self::{ + keypair::KeyPair, keypair_components::KeyPairComponents, public_exponent::PublicExponent, + public_key::PublicKey, public_key_components::PublicKeyComponents, + public_modulus::PublicModulus, +}; diff --git a/src/rsa/signing.rs b/src/rsa/keypair.rs similarity index 97% rename from src/rsa/signing.rs rename to src/rsa/keypair.rs index 6410867e5..4af339fbf 100644 --- a/src/rsa/signing.rs +++ b/src/rsa/keypair.rs @@ -12,7 +12,9 @@ // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -use super::{padding::RsaEncoding, public, KeyPairComponents, N}; +use super::{ + padding::RsaEncoding, KeyPairComponents, PublicExponent, PublicKey, PublicKeyComponents, N, +}; /// RSA PKCS#1 1.5 signatures. use crate::{ @@ -23,22 +25,22 @@ use crate::{ bits, cpu, digest, error::{self, KeyRejected}, io::der, - pkcs8, rand, rsa, signature, + pkcs8, rand, signature, }; /// An RSA key pair, used for signing. -pub struct RsaKeyPair { +pub struct KeyPair { p: PrivatePrime

, q: PrivatePrime, qInv: bigint::Elem, qq: bigint::Modulus, q_mod_n: bigint::Elem, - public: public::Key, + public: PublicKey, } -derive_debug_via_field!(RsaKeyPair, stringify!(RsaKeyPair), public); +derive_debug_via_field!(KeyPair, stringify!(RsaKeyPair), public); -impl RsaKeyPair { +impl KeyPair { /// Parses an unencrypted PKCS#8-encoded RSA private key. /// /// This will generate a 2048-bit RSA private key of the correct form using @@ -156,7 +158,7 @@ impl RsaKeyPair { let qInv = nonnegative_integer(input)?; let components = KeyPairComponents { - public_key: super::public::Components { n, e }, + public_key: PublicKeyComponents { n, e }, d, p, q, @@ -221,7 +223,7 @@ impl RsaKeyPair { Private: AsRef<[u8]>, { let components = KeyPairComponents { - public_key: public::Components { + public_key: PublicKeyComponents { n: components.public_key.n.as_ref(), e: components.public_key.e.as_ref(), }, @@ -291,12 +293,12 @@ impl RsaKeyPair { // Step 1.c. We validate e >= 65537. let n = untrusted::Input::from(public_key.n); let e = untrusted::Input::from(public_key.e); - let public_key = public::Key::from_modulus_and_exponent( + let public_key = PublicKey::from_modulus_and_exponent( n, e, bits::BitLength::from_usize_bits(2048), super::PRIVATE_KEY_PUBLIC_MODULUS_MAX_BITS, - public::Exponent::_65537, + PublicExponent::_65537, cpu_features, )?; @@ -433,7 +435,7 @@ impl RsaKeyPair { } /// Returns a reference to the public key. - pub fn public(&self) -> &public::Key { + pub fn public(&self) -> &PublicKey { &self.public } @@ -447,8 +449,8 @@ impl RsaKeyPair { } } -impl signature::KeyPair for RsaKeyPair { - type PublicKey = rsa::public::Key; +impl signature::KeyPair for KeyPair { + type PublicKey = PublicKey; fn public_key(&self) -> &Self::PublicKey { self.public() @@ -542,7 +544,7 @@ unsafe impl bigint::SlightlySmallerModulus

for Q {} unsafe impl bigint::SmallerModulus for Q {} unsafe impl bigint::NotMuchSmallerModulus for Q {} -impl RsaKeyPair { +impl KeyPair { /// Sign `msg`. `msg` is digested using the digest algorithm from /// `padding_alg` and the digest is then padded using the padding algorithm /// from `padding_alg`. The signature it written into `signature`; diff --git a/src/rsa/keypair_components.rs b/src/rsa/keypair_components.rs index 6fcc2834a..66e76792a 100644 --- a/src/rsa/keypair_components.rs +++ b/src/rsa/keypair_components.rs @@ -1,10 +1,10 @@ -use super::public; +use super::PublicKeyComponents; /// RSA key pair components. #[derive(Clone, Copy)] pub struct KeyPairComponents { /// The public key components. - pub public_key: super::public::Components, + pub public_key: PublicKeyComponents, /// The private exponent. pub d: Private, @@ -27,11 +27,11 @@ pub struct KeyPairComponents { impl core::fmt::Debug for KeyPairComponents where - public::Components: core::fmt::Debug, + PublicKeyComponents: core::fmt::Debug, { fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> Result<(), core::fmt::Error> { // Non-public components are intentionally skipped - f.debug_struct("Components") + f.debug_struct("KeyPairComponents") .field("public_key", &self.public_key) .finish() } diff --git a/src/rsa/padding.rs b/src/rsa/padding.rs index 06fce7032..fad2ffe45 100644 --- a/src/rsa/padding.rs +++ b/src/rsa/padding.rs @@ -148,7 +148,7 @@ macro_rules! rsa_pkcs1_padding { // don't currently have. But, it's a bad idea to use SHA-1 anyway, so perhaps // we just won't ever expose it. rsa_pkcs1_padding!( - pub(in super) RSA_PKCS1_SHA1_FOR_LEGACY_USE_ONLY, + pub(super) RSA_PKCS1_SHA1_FOR_LEGACY_USE_ONLY, &digest::SHA1_FOR_LEGACY_USE_ONLY, &SHA1_PKCS1_DIGESTINFO_PREFIX, "PKCS#1 1.5 padding using SHA-1 for RSA signatures." diff --git a/src/rsa/public.rs b/src/rsa/public.rs deleted file mode 100644 index 19c42b326..000000000 --- a/src/rsa/public.rs +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2021 Brian Smith. -// -// Permission to use, copy, modify, and/or distribute this software for any -// purpose with or without fee is hereby granted, provided that the above -// copyright notice and this permission notice appear in all copies. -// -// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHORS DISCLAIM ALL WARRANTIES -// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY -// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION -// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN -// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -//! RSA public keys. - -mod components; -mod exponent; -mod key; -mod modulus; - -pub use {components::Components, exponent::Exponent, key::Key, modulus::Modulus}; diff --git a/src/rsa/public/exponent.rs b/src/rsa/public_exponent.rs similarity index 82% rename from src/rsa/public/exponent.rs rename to src/rsa/public_exponent.rs index 0ff6485d5..c6744cd7b 100644 --- a/src/rsa/public/exponent.rs +++ b/src/rsa/public_exponent.rs @@ -4,16 +4,16 @@ use core::num::NonZeroU64; /// The exponent `e` of an RSA public key. #[derive(Clone, Copy, Debug)] -pub struct Exponent(NonZeroU64); +pub struct PublicExponent(NonZeroU64); -impl Exponent { +impl PublicExponent { #[cfg(test)] const ALL_CONSTANTS: [Self; 3] = [Self::_3, Self::_65537, Self::MAX]; // TODO: Use `NonZeroU64::new(...).unwrap()` when `feature(const_panic)` is // stable. - pub(in super::super) const _3: Self = Self(unsafe { NonZeroU64::new_unchecked(3) }); - pub(in super::super) const _65537: Self = Self(unsafe { NonZeroU64::new_unchecked(65537) }); + pub(super) const _3: Self = Self(unsafe { NonZeroU64::new_unchecked(3) }); + pub(super) const _65537: Self = Self(unsafe { NonZeroU64::new_unchecked(65537) }); // This limit was chosen to bound the performance of the simple // exponentiation-by-squaring implementation in `elem_exp_vartime`. In @@ -35,7 +35,7 @@ impl Exponent { input: untrusted::Input, min_value: Self, ) -> Result { - // See `public::Key::from_modulus_and_exponent` for background on the step + // See `PublicKey::from_modulus_and_exponent` for background on the step // numbering. if input.len() > 5 { @@ -91,7 +91,7 @@ impl Exponent { LeadingZerosStripped::new(bytes) } - pub(in super::super) fn value(self) -> NonZeroU64 { + pub(super) fn value(self) -> NonZeroU64 { self.0 } } @@ -103,19 +103,21 @@ mod tests { #[test] fn test_public_exponent_debug() { - let exponent = - Exponent::from_be_bytes(untrusted::Input::from(&[0x1, 0x00, 0x01]), Exponent::_65537) - .unwrap(); - assert_eq!("Exponent(65537)", format!("{:?}", exponent)); + let exponent = PublicExponent::from_be_bytes( + untrusted::Input::from(&[0x1, 0x00, 0x01]), + PublicExponent::_65537, + ) + .unwrap(); + assert_eq!("PublicExponent(65537)", format!("{:?}", exponent)); } #[test] fn test_public_exponent_constants() { - for value in Exponent::ALL_CONSTANTS.iter() { + for value in PublicExponent::ALL_CONSTANTS.iter() { let value: u64 = value.0.into(); assert_eq!(value & 1, 1); - assert!(value >= Exponent::_3.0.into()); // The absolute minimum. - assert!(value <= Exponent::MAX.0.into()); + assert!(value >= PublicExponent::_3.0.into()); // The absolute minimum. + assert!(value <= PublicExponent::MAX.0.into()); } } } diff --git a/src/rsa/public/key.rs b/src/rsa/public_key.rs similarity index 88% rename from src/rsa/public/key.rs rename to src/rsa/public_key.rs index 038531795..cb469d59f 100644 --- a/src/rsa/public/key.rs +++ b/src/rsa/public_key.rs @@ -12,10 +12,7 @@ // OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN // CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -use super::{ - super::{N, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN}, - Exponent, Modulus, -}; +use super::{PublicExponent, PublicModulus, N, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN}; use crate::{ arithmetic::bigint, bits, cpu, error, @@ -26,22 +23,22 @@ use alloc::boxed::Box; /// An RSA Public Key. #[derive(Clone)] -pub struct Key { - n: Modulus, - e: Exponent, +pub struct PublicKey { + n: PublicModulus, + e: PublicExponent, serialized: Box<[u8]>, cpu_features: cpu::Features, } -derive_debug_self_as_ref_hex_bytes!(Key); +derive_debug_self_as_ref_hex_bytes!(PublicKey); -impl Key { - pub(in super::super) fn from_modulus_and_exponent( +impl PublicKey { + pub(super) fn from_modulus_and_exponent( n: untrusted::Input, e: untrusted::Input, n_min_bits: bits::BitLength, n_max_bits: bits::BitLength, - e_min_value: Exponent, + e_min_value: PublicExponent, cpu_features: cpu::Features, ) -> Result { let n_bytes = n; @@ -56,9 +53,9 @@ impl Key { // and one set lettered. TODO: Document this in the end-user // documentation for RSA keys. - let n = Modulus::from_be_bytes(n, n_min_bits..=n_max_bits, cpu_features)?; + let n = PublicModulus::from_be_bytes(n, n_min_bits..=n_max_bits, cpu_features)?; - let e = Exponent::from_be_bytes(e, e_min_value)?; + let e = PublicExponent::from_be_bytes(e, e_min_value)?; // If `n` is less than `e` then somebody has probably accidentally swapped // them. The largest acceptable `e` is smaller than the smallest acceptable @@ -89,13 +86,13 @@ impl Key { /// The public modulus. #[inline] - pub fn n(&self) -> &Modulus { + pub fn n(&self) -> &PublicModulus { &self.n } /// The public exponent. #[inline] - pub fn e(&self) -> Exponent { + pub fn e(&self) -> PublicExponent { self.e } @@ -106,7 +103,7 @@ impl Key { /// /// The result will be a slice of the encoded bytes of the result within /// `out_buffer`, if successful. - pub(in super::super) fn exponentiate<'out>( + pub(super) fn exponentiate<'out>( &self, base: untrusted::Input, out_buffer: &'out mut [u8; PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN], @@ -137,20 +134,20 @@ impl Key { /// Calculates base**e (mod n). /// /// This is constant-time with respect to `base` only. - pub(in super::super) fn exponentiate_elem(&self, base: bigint::Elem) -> bigint::Elem { + pub(super) fn exponentiate_elem(&self, base: bigint::Elem) -> bigint::Elem { let n = self.n.value(); let base = bigint::elem_mul(n.oneRR().as_ref(), base, n); // During RSA public key operations the exponent is almost always either // 65537 (0b10000000000000001) or 3 (0b11), both of which have a Hamming // weight of 2. The maximum bit length and maximum Hamming weight of the - // exponent is bounded by the value of `public::Exponent::MAX`. + // exponent is bounded by the value of `PublicExponent::MAX`. bigint::elem_exp_vartime(base, self.e.value(), &n.as_partial()).into_unencoded(n) } } // XXX: Refactor `signature::KeyPair` to get rid of this. -impl AsRef<[u8]> for Key { +impl AsRef<[u8]> for PublicKey { fn as_ref(&self) -> &[u8] { &self.serialized } diff --git a/src/rsa/public/components.rs b/src/rsa/public_key_components.rs similarity index 90% rename from src/rsa/public/components.rs rename to src/rsa/public_key_components.rs index f6a332afc..29719e713 100644 --- a/src/rsa/public/components.rs +++ b/src/rsa/public_key_components.rs @@ -16,7 +16,7 @@ /// /// `B` must implement `AsRef<[u8]>` like `&[u8]` or `Vec`. #[derive(Clone, Copy)] -pub struct Components { +pub struct PublicKeyComponents { /// The public modulus, encoded in big-endian bytes without leading zeros. pub n: B, @@ -24,12 +24,12 @@ pub struct Components { pub e: B, } -impl core::fmt::Debug for Components +impl core::fmt::Debug for PublicKeyComponents where B: core::fmt::Debug, { fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> Result<(), core::fmt::Error> { - f.debug_struct("Components") + f.debug_struct("PublicKeyComponents") .field("n", &self.n) .field("e", &self.e) .finish() diff --git a/src/rsa/public/modulus.rs b/src/rsa/public_modulus.rs similarity index 90% rename from src/rsa/public/modulus.rs rename to src/rsa/public_modulus.rs index 03b70bda4..b6174225a 100644 --- a/src/rsa/public/modulus.rs +++ b/src/rsa/public_modulus.rs @@ -3,24 +3,24 @@ use core::ops::RangeInclusive; /// The modulus (n) of an RSA public key. #[derive(Clone)] -pub struct Modulus { +pub struct PublicModulus { value: bigint::Modulus, bits: bits::BitLength, } -impl core::fmt::Debug for Modulus { +impl core::fmt::Debug for PublicModulus { fn fmt(&self, fmt: &mut ::core::fmt::Formatter) -> Result<(), ::core::fmt::Error> { self.value.fmt(fmt) } } -impl Modulus { +impl PublicModulus { pub(super) fn from_be_bytes( n: untrusted::Input, allowed_bit_lengths: RangeInclusive, cpu_features: cpu::Features, ) -> Result { - // See `public::Key::from_modulus_and_exponent` for background on the step + // See `PublicKey::from_modulus_and_exponent` for background on the step // numbering. let min_bits = *allowed_bit_lengths.start(); @@ -64,7 +64,7 @@ impl Modulus { self.bits } - pub(in super::super) fn value(&self) -> &bigint::Modulus { + pub(super) fn value(&self) -> &bigint::Modulus { &self.value } } diff --git a/src/rsa/verification.rs b/src/rsa/verification.rs index 7024ea424..9d765f84c 100644 --- a/src/rsa/verification.rs +++ b/src/rsa/verification.rs @@ -14,7 +14,9 @@ //! Verification of RSA signatures. -use super::{parse_public_key, public, RsaParameters, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN}; +use super::{ + parse_public_key, PublicExponent, PublicKey, RsaParameters, PUBLIC_KEY_PUBLIC_MODULUS_MAX_LEN, +}; use crate::{bits, cpu, digest, error, sealed, signature}; impl signature::VerificationAlgorithm for RsaParameters { @@ -142,9 +144,9 @@ rsa_params!( `ring::signature`'s module-level documentation for more details." ); -pub use super::public::Components as RsaPublicKeyComponents; +pub use super::PublicKeyComponents as RsaPublicKeyComponents; -impl super::public::Components +impl super::PublicKeyComponents where B: AsRef<[u8]>, { @@ -199,12 +201,12 @@ pub(crate) fn verify_rsa_( // exponent value is 2**16 + 1, but it isn't clear if this is just for // signing or also for verification. We support exponents of 3 and larger // for compatibility with other commonly-used crypto libraries. - let key = public::Key::from_modulus_and_exponent( + let key = PublicKey::from_modulus_and_exponent( n, e, params.min_bits, max_bits, - public::Exponent::_3, + PublicExponent::_3, cpu::features(), )?; diff --git a/src/signature.rs b/src/signature.rs index 08cbbd9a2..7610c8caa 100644 --- a/src/signature.rs +++ b/src/signature.rs @@ -191,16 +191,16 @@ //! ``` //! //! ``` -//! use ring::{rand, signature}; +//! use ring::{rand, rsa, signature}; //! //! # #[cfg(feature = "std")] //! fn sign_and_verify_rsa(private_key_path: &std::path::Path, //! public_key_path: &std::path::Path) //! -> Result<(), MyError> { -//! // Create an `RsaKeyPair` from the DER-encoded bytes. This example uses +//! // Create an RSA keypair from the DER-encoded bytes. This example uses //! // a 2048-bit key, but larger keys are also supported. //! let private_key_der = read_file(private_key_path)?; -//! let key_pair = signature::RsaKeyPair::from_der(&private_key_der) +//! let key_pair = rsa::KeyPair::from_der(&private_key_der) //! .map_err(|_| MyError::BadPrivateKey)?; //! //! // Sign the message "hello, world", using PKCS#1 v1.5 padding and the @@ -282,7 +282,6 @@ pub use crate::rsa::{ RsaEncoding, RSA_PKCS1_SHA256, RSA_PKCS1_SHA384, RSA_PKCS1_SHA512, RSA_PSS_SHA256, RSA_PSS_SHA384, RSA_PSS_SHA512, }, - signing::RsaKeyPair, verification::{ RsaPublicKeyComponents, RSA_PKCS1_1024_8192_SHA1_FOR_LEGACY_USE_ONLY, RSA_PKCS1_1024_8192_SHA256_FOR_LEGACY_USE_ONLY, @@ -294,6 +293,11 @@ pub use crate::rsa::{ RsaParameters, }; +/// An RSA key pair, used for signing. +#[cfg(feature = "alloc")] +#[deprecated = "Use `rsa::KeyPair`"] +pub type RsaKeyPair = crate::rsa::KeyPair; + /// A public key signature returned from a signing operation. #[derive(Clone, Copy)] pub struct Signature { diff --git a/tests/rsa_test_public_key_2048_debug.txt b/tests/rsa_test_public_key_2048_debug.txt index b788ee45c..659d6ee49 100644 --- a/tests/rsa_test_public_key_2048_debug.txt +++ b/tests/rsa_test_public_key_2048_debug.txt @@ -1 +1 @@ -Key("3082010a0282010100c8a78500a5a250db8ed36c85b8dcf83c4be1953114faaac7616e0ea24922fa6b7ab01f85582c815cc3bdeb5ed46762bc536accaa8b72705b00cef316b2ec508fb9697241b9e34238419cccf7339eeb8b062147af4f5932f613d9bc0ae70bf6d56d4432e83e13767587531bfa9dd56531741244be75e8bc9226b9fa44b4b8a101358d7e8bb75d0c724a4f11ece77776263faefe79612eb1d71646e77e8982866be1400eafc3580d3139b41aaa7380187372f22e35bd55b288496165c881ed154d5811245c52d56cc09d4916d4f2a50bcf5ae0a2637f4cfa6bf9daafc113dba8383b6dd7da6dd8db22d8510a8d3115983308909a1a0332517aa55e896e154249b30203010001") \ No newline at end of file +PublicKey("3082010a0282010100c8a78500a5a250db8ed36c85b8dcf83c4be1953114faaac7616e0ea24922fa6b7ab01f85582c815cc3bdeb5ed46762bc536accaa8b72705b00cef316b2ec508fb9697241b9e34238419cccf7339eeb8b062147af4f5932f613d9bc0ae70bf6d56d4432e83e13767587531bfa9dd56531741244be75e8bc9226b9fa44b4b8a101358d7e8bb75d0c724a4f11ece77776263faefe79612eb1d71646e77e8982866be1400eafc3580d3139b41aaa7380187372f22e35bd55b288496165c881ed154d5811245c52d56cc09d4916d4f2a50bcf5ae0a2637f4cfa6bf9daafc113dba8383b6dd7da6dd8db22d8510a8d3115983308909a1a0332517aa55e896e154249b30203010001") \ No newline at end of file diff --git a/tests/rsa_tests.rs b/tests/rsa_tests.rs index 6768652e8..c0bc11615 100644 --- a/tests/rsa_tests.rs +++ b/tests/rsa_tests.rs @@ -39,7 +39,7 @@ fn rsa_from_pkcs8_test() { let input = test_case.consume_bytes("Input"); let error = test_case.consume_optional_string("Error"); - match (signature::RsaKeyPair::from_pkcs8(&input), error) { + match (rsa::KeyPair::from_pkcs8(&input), error) { (Ok(_), None) => {} (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), @@ -73,7 +73,7 @@ fn test_signature_rsa_pkcs1_sign() { let expected = test_case.consume_bytes("Sig"); let result = test_case.consume_string("Result"); - let key_pair = signature::RsaKeyPair::from_der(&private_key); + let key_pair = rsa::KeyPair::from_der(&private_key); if result == "Fail-Invalid-Key" { assert!(key_pair.is_err()); return Ok(()); @@ -111,7 +111,7 @@ fn test_signature_rsa_pss_sign() { let result = test_case.consume_string("Result"); let private_key = test_case.consume_bytes("Key"); - let key_pair = signature::RsaKeyPair::from_der(&private_key); + let key_pair = rsa::KeyPair::from_der(&private_key); if key_pair.is_err() && result == "Fail-Invalid-Key" { return Ok(()); } @@ -142,7 +142,7 @@ fn test_signature_rsa_pkcs1_sign_output_buffer_len() { const PRIVATE_KEY_DER: &[u8] = include_bytes!("../src/rsa/signature_rsa_example_private_key.der"); - let key_pair = signature::RsaKeyPair::from_der(PRIVATE_KEY_DER).unwrap(); + let key_pair = rsa::KeyPair::from_der(PRIVATE_KEY_DER).unwrap(); // The output buffer is one byte too short. let mut signature = vec![0; key_pair.public().n().len_bits().as_usize_bytes_rounded_up() - 1]; @@ -319,11 +319,11 @@ fn test_signature_rsa_primitive_verification() { fn rsa_test_keypair_coverage() { const PRIVATE_KEY: &[u8] = include_bytes!("rsa_test_private_key_2048.p8"); - let key_pair = signature::RsaKeyPair::from_pkcs8(PRIVATE_KEY).unwrap(); + let key_pair = rsa::KeyPair::from_pkcs8(PRIVATE_KEY).unwrap(); - // Test that `signature::KeyPair::PublicKey` is `rsa::public::Key`; if it + // Test that `signature::KeyPair::PublicKey` is `rsa::PublicKey`; if it // were a separate type then it would need to be tested separately. - let _: &rsa::public::Key = key_pair.public_key(); + let _: &rsa::PublicKey = key_pair.public_key(); test_public_key_coverage(key_pair.public()); // Test clones. @@ -336,7 +336,7 @@ fn rsa_test_keypair_coverage() { ); } -fn test_public_key_coverage(key: &rsa::public::Key) { +fn test_public_key_coverage(key: &rsa::PublicKey) { // Test `AsRef<[u8]>` const PUBLIC_KEY: &[u8] = include_bytes!("rsa_test_public_key_2048.der"); assert_eq!(key.as_ref(), PUBLIC_KEY);