feature: rsassa_pss_sign + rsassa_pss_verify

Author: NegaScout

src/rsa.jl

@@ -189,6 +189,27 @@ function rsaes_pkvs1_v1_5_decrypt(C::String, key::RSAPrivateKey)
     return m
 end
 
+function rsassa_pss_sign(M::Vector{UInt8}, key::RSAPrivateKey)
+    modBits = Base.GMP.MPZ.sizeinbase(key.modulus, 2)
+    EM = emsa_pss_encode(M, modBits - 1)
+    m = OS2IP(EM)
+    s = RSASP1(pkcs1_v1_5, m, key)
+    k = (modBits/8) |> ceil |> Integer
+    S = I2OSP(s, k)
+    return S
+end
+
+function rsassa_pss_verify(M::Vector{UInt8}, S::Vector{UInt8}, key::RSAPublicKey)
+    length(S) !=  k && error("invalid signature") |> throw
+    s = OS2IP(S)
+    m = RSAVP1(pkcs1_v1_5, s, key)
+    modBits = Base.GMP.MPZ.sizeinbase(key.modulus, 2)
+    emLen = ceil((modBits - 1)/8) |> Integer
+    EM = I2OSP(m, emLen)
+    result = emsa_pss_verify(M, EM, modBits - 1)
+    return result
+end
+
 """
     encrypt(::pkcs1_v1_5_t,
             msg::Union{AbstractString,AbstractVector},

test/rsa.jl

@@ -126,3 +126,12 @@ end
     ret = ToyPublicKeys.rsaes_oaep_decrypt(C, private_key)
     @test ret == msg
 end
+
+@testset "rsassa_pss_verify(rsassa_pss_sign) is true" begin
+    Random.seed!(42)
+    private_key, public_key = ToyPublicKeys.generate_rsa_key_pair(ToyPublicKeys.pkcs1_v1_5, 2048)
+    msg = Vector{UInt8}("123")
+    signature = ToyPublicKeys.rsassa_pss_sign(msg, private_key)
+    valid = ToyPublicKeys.rsassa_pss_verify(C, public_key)
+    @test valid == true
+end