feature: rsassa_pss_sign + rsassa_pss_verify

NegaScout · NegaScout · commit 6a1d139fe07c · 2025-03-18T16:04:23.000+01:00
diff --git a/src/rsa.jl b/src/rsa.jl
@@ -189,6 +189,28 @@ function rsaes_pkvs1_v1_5_decrypt(C::String, key::RSAPrivateKey)
     return m
 end
 
+function rsassa_pss_sign(M::Vector{UInt8}, key::RSAPrivateKey)
+    modBits = Base.GMP.MPZ.sizeinbase(key.modulus, 2)
+    EM = emsa_pss_encode(M, modBits - 1)
+    m = OS2IP(EM)
+    s = RSASP1(pkcs1_v1_5, m, key)
+    k = (modBits/8) |> ceil |> Integer
+    S = I2OSP(s, k)
+    return S
+end
+
+function rsassa_pss_verify(M::Vector{UInt8}, S::Vector{UInt8}, key::RSAPublicKey)
+    modBits = Base.GMP.MPZ.sizeinbase(key.modulus, 2)
+    k = (modBits/8) |> ceil |> Integer
+    length(S) !=  k && error("invalid signature") |> throw
+    s = OS2IP(S)
+    m = RSAVP1(pkcs1_v1_5, s, key)
+    emLen = ceil((modBits - 1)/8) |> Integer
+    EM = I2OSP(m, emLen)
+    result = emsa_pss_verify(M, EM, modBits - 1)
+    return result
+end
+
 """
     encrypt(::pkcs1_v1_5_t,
             msg::Union{AbstractString,AbstractVector},
diff --git a/test/rsa.jl b/test/rsa.jl
@@ -126,3 +126,12 @@ end
     ret = ToyPublicKeys.rsaes_oaep_decrypt(C, private_key)
     @test ret == msg
 end
+
+@testset "rsassa_pss_verify(rsassa_pss_sign) is true" begin
+    Random.seed!(42)
+    private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
+    M = Vector{UInt8}("123")
+    S = ToyPublicKeys.rsassa_pss_sign(M, private_key)
+    valid = ToyPublicKeys.rsassa_pss_verify(M, S, public_key)
+    @test valid == true
+end
