serdect support for oaep and pss structs

RustCrypto · Mar 22, 2024 · 2e57bb3 · 2e57bb3
1 parent 56fcb4b
commit 2e57bb3
Show file tree

Hide file tree

Showing 6 changed files with 145 additions and 1 deletion.
diff --git a/src/oaep/decrypting_key.rs b/src/oaep/decrypting_key.rs
@@ -8,6 +8,8 @@ use alloc::{
     string::{String, ToString},
     vec::Vec,
 };
+#[cfg(feature = "serde")]
+use serde::{Deserialize, Serialize};
 use core::marker::PhantomData;
 use digest::{Digest, FixedOutputReset};
 use rand_core::CryptoRngCore;
@@ -17,6 +19,7 @@ use zeroize::ZeroizeOnDrop;
 ///
 /// [RFC8017 § 7.1]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1
 #[derive(Debug, Clone)]
+#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
 pub struct DecryptingKey<D, MGD = D>
 where
     D: Digest,

diff --git a/src/oaep/encrypting_key.rs b/src/oaep/encrypting_key.rs
@@ -4,6 +4,8 @@ use alloc::{
     string::{String, ToString},
     vec::Vec,
 };
+#[cfg(feature = "serde")]
+use serde::{Deserialize, Serialize};
 use core::marker::PhantomData;
 use digest::{Digest, FixedOutputReset};
 use rand_core::CryptoRngCore;
@@ -12,6 +14,7 @@ use rand_core::CryptoRngCore;
 ///
 /// [RFC8017 § 7.1]: https://datatracker.ietf.org/doc/html/rfc8017#section-7.1
 #[derive(Debug, Clone)]
+#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
 pub struct EncryptingKey<D, MGD = D>
 where
     D: Digest,

diff --git a/src/pss/blinded_signing_key.rs b/src/pss/blinded_signing_key.rs
@@ -15,7 +15,12 @@ use signature::{
     hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner,
 };
 use zeroize::ZeroizeOnDrop;
-
+#[cfg(feature = "serde")]
+use {
+    pkcs8::PrivateKeyInfo,
+    serdect::serde::{de, ser, Deserialize, Serialize},
+    spki::der::Decode,
+};
 /// Signing key for producing "blinded" RSASSA-PSS signatures as described in
 /// [draft-irtf-cfrg-rsa-blind-signatures](https://datatracker.ietf.org/doc/draft-irtf-cfrg-rsa-blind-signatures/).
 #[derive(Debug, Clone)]
@@ -198,3 +203,34 @@ where
 }
 
 impl<D> ZeroizeOnDrop for BlindedSigningKey<D> where D: Digest {}
+
+#[cfg(feature = "serde")]
+impl<D> Serialize for BlindedSigningKey<D>
+where
+    D: Digest,
+{
+    fn serialize<S>(&self, serializer: S) -> core::result::Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        let der = self.inner.to_pkcs8_der().map_err(ser::Error::custom)?;
+        serdect::slice::serialize_hex_lower_or_bin(&der.as_bytes(), serializer)
+    }
+}
+
+#[cfg(feature = "serde")]
+impl<'de, D> Deserialize<'de> for BlindedSigningKey<D>
+where
+    D: Digest + AssociatedOid,
+{
+    fn deserialize<De>(deserializer: De) -> core::result::Result<Self, De::Error>
+    where
+        De: serde::Deserializer<'de>,
+    {
+        let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?;
+        let pki = PrivateKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?;
+        RsaPrivateKey::try_from(pki)
+            .map_err(de::Error::custom)
+            .map(Self::new)
+    }
+}
diff --git a/src/pss/signature.rs b/src/pss/signature.rs
@@ -3,6 +3,8 @@
 use crate::algorithms::pad::uint_to_be_pad;
 use ::signature::SignatureEncoding;
 use alloc::{boxed::Box, string::ToString};
+#[cfg(feature = "serde")]
+use serdect::serde::{Deserialize, Serialize};
 use core::fmt::{Debug, Display, Formatter, LowerHex, UpperHex};
 use num_bigint::BigUint;
 use spki::{
@@ -73,3 +75,29 @@ impl Display for Signature {
         write!(f, "{:X}", self)
     }
 }
+
+#[cfg(feature = "serde")]
+impl Serialize for Signature {
+    fn serialize<S>(&self, serializer: S) -> core::result::Result<S::Ok, S::Error>
+    where
+        S: serdect::serde::Serializer,
+    {
+        serdect::slice::serialize_hex_lower_or_bin(&self.inner.to_bytes_be(), serializer)
+    }
+}
+
+#[cfg(feature = "serde")]
+impl<'de> Deserialize<'de> for Signature {
+    fn deserialize<D>(deserializer: D) -> core::result::Result<Self, D::Error>
+    where
+        D: serdect::serde::Deserializer<'de>,
+    {
+        let bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?;
+        let inner = BigUint::from_bytes_be(&bytes);
+
+        Ok(Self {
+            inner,
+            len: bytes.len(),
+        })
+    }
+}
diff --git a/src/pss/signing_key.rs b/src/pss/signing_key.rs
@@ -15,6 +15,12 @@ use signature::{
     hazmat::RandomizedPrehashSigner, Keypair, RandomizedDigestSigner, RandomizedSigner,
 };
 use zeroize::ZeroizeOnDrop;
+#[cfg(feature = "serde")]
+use {
+    pkcs8::PrivateKeyInfo,
+    serdect::serde::{de, ser, Deserialize, Serialize},
+    spki::der::Decode,
+};
 
 #[cfg(feature = "getrandom")]
 use {
@@ -220,3 +226,34 @@ where
 }
 
 impl<D> ZeroizeOnDrop for SigningKey<D> where D: Digest {}
+
+#[cfg(feature = "serde")]
+impl<D> Serialize for SigningKey<D>
+where
+    D: Digest,
+{
+    fn serialize<S>(&self, serializer: S) -> core::result::Result<S::Ok, S::Error>
+    where
+        S: serdect::serde::Serializer,
+    {
+        let der = self.inner.to_pkcs8_der().map_err(ser::Error::custom)?;
+        serdect::slice::serialize_hex_lower_or_bin(&der.as_bytes(), serializer)
+    }
+}
+
+#[cfg(feature = "serde")]
+impl<'de, D> Deserialize<'de> for SigningKey<D>
+where
+    D: Digest + AssociatedOid,
+{
+    fn deserialize<De>(deserializer: De) -> core::result::Result<Self, De::Error>
+    where
+        De: serdect::serde::Deserializer<'de>,
+    {
+        let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?;
+        let pki = PrivateKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?;
+        RsaPrivateKey::try_from(pki)
+            .map_err(de::Error::custom)
+            .map(Self::new)
+    }
+}
diff --git a/src/pss/verifying_key.rs b/src/pss/verifying_key.rs
@@ -7,6 +7,12 @@ use pkcs8::{
     Document, EncodePublicKey,
 };
 use signature::{hazmat::PrehashVerifier, DigestVerifier, Verifier};
+#[cfg(feature = "serde")]
+use {
+    pkcs8::{AssociatedOid, SubjectPublicKeyInfo},
+    serdect::serde::{de, ser, Deserialize, Serialize},
+    spki::der::Decode,
+};
 
 /// Verifying key for checking the validity of RSASSA-PSS signatures as
 /// described in [RFC8017 § 8.1].
@@ -156,3 +162,34 @@ where
         key.inner
     }
 }
+
+#[cfg(feature = "serde")]
+impl<D> Serialize for VerifyingKey<D>
+where
+    D: Digest,
+{
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        let der = self.inner.to_public_key_der().map_err(ser::Error::custom)?;
+        serdect::slice::serialize_hex_lower_or_bin(&der, serializer)
+    }
+}
+
+#[cfg(feature = "serde")]
+impl<'de, D> Deserialize<'de> for VerifyingKey<D>
+where
+    D: Digest + AssociatedOid,
+{
+    fn deserialize<De>(deserializer: De) -> Result<Self, De::Error>
+    where
+        De: serde::Deserializer<'de>,
+    {
+        let der_bytes = serdect::slice::deserialize_hex_or_bin_vec(deserializer)?;
+        let spki = SubjectPublicKeyInfo::from_der(&der_bytes).map_err(de::Error::custom)?;
+        RsaPublicKey::try_from(spki)
+            .map_err(de::Error::custom)
+            .map(Self::new)
+    }
+}