There will be an interim period where most of the code in
`ring::rsa::bigint` is only used during RSA signing, but eventually
a good chunk of it is likely to be used for RSA verification. Let's
deal with the conditional compilation after the dust from that settles,
so that we don't litter this module with dozens of
`#[cfg(feature = "rsa_signing")]`s.
Instead of every padding verification implementation and every padding
encoding implementation doing the digesting, have `sign()` and
`verify()` to it themselves.
When we first implemented PKCS#1 1.5 signature verification we had not
implemented signature generation, so we implemented verification by
parsing the padding. Now that we have generation we can save some code
and arguably make verification safer. Also, this is the way RFC 3447
recommends to do it.
Oxidize/restore special-case handling for `0b100...` range bounds,
lost when OpenSSL code was oxidized, and move RSA blinding param
generation out of limb.rs and into its own module.
I agree to license my contributions to each file under the terms
given at the top of each file I changed.
[The code was reordered and slightly tweaked by me before it was
commited. - Brian]
Expose `RSAEncoding` in the public API so that users of *ring* can use
it in type signatures. Add an "RSA" prefix to the exported types, since
they will be exported from `ring::signature`. Modify RSA tests to use
only the public API so as to ensure that enough of the API is public.
Besides improving type safety generally, this fixes a bug in RSA PSS
signing where the wrong value of `mod_bits` was being passed to
`Encoding::encode()`.
- Refactor Encoding trait to be randomised.
- Add RSA-PSS signing test cases.
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
Output the extra leading zero byte when necessary.
Rename parameters in the `Encoding` interface to match the
specification and update the implementations to use the updated
variable names.
