Modifying the "rsa_blinder" in the AT crypto library to take in a boolean that indicates whether the RSA public exponent should be used for computations during the execution of the blind RSA signature with public metadata protocol. The rest of the files only change their calls to RsaBlinder::New to build correctly. PiperOrigin-RevId: 549756204
diff --git a/quiche/blind_sign_auth/anonymous_tokens/cpp/client/anonymous_tokens_rsa_bssa_client.cc b/quiche/blind_sign_auth/anonymous_tokens/cpp/client/anonymous_tokens_rsa_bssa_client.cc
index 8761394..3738654 100644
--- a/quiche/blind_sign_auth/anonymous_tokens/cpp/client/anonymous_tokens_rsa_bssa_client.cc
+++ b/quiche/blind_sign_auth/anonymous_tokens/cpp/client/anonymous_tokens_rsa_bssa_client.cc
@@ -150,7 +150,7 @@
 auto rsa_bssa_blinder,
 RsaBlinder::New(rsa_public_key_proto.n(), rsa_public_key_proto.e(),
 sig_hash, mgf1_hash, public_key_.salt_length(),
- public_metadata));
+ /*use_rsa_public_exponent=*/true, public_metadata));
 ANON_TOKENS_ASSIGN_OR_RETURN(const std::string blinded_message,
 rsa_bssa_blinder->Blind(masked_message));
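Review bot: The client now hard-codes `/*use_rsa_public_exponent=*/true` in the RsaBlinder::New call, the very value the new rsa_blinder.h comment marks as deprecated, and nothing at the call site records that this is deliberate. A one-line comment such as `// TODO: migrate to use_rsa_public_exponent=false in lock-step with the signer; both sides must agree.` would stop the next reader from flipping it unilaterally. The test file passes the same flag to both the blinder and TestSignWithPublicMetadata, which suggests the two parties must use the same value; a client-only change would presumably produce signatures that fail to verify, so the migration needs coordination rather than a local edit. The enclosing function starts and ends outside the hunk.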
diff --git a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.cc b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.cc
index 5fc0198..58b9e5e 100644
--- a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.cc
+++ b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.cc
@@ -33,7 +33,8 @@
 absl::StatusOr<std::unique_ptr<RsaBlinder>> RsaBlinder::New(
 absl::string_view rsa_modulus, absl::string_view rsa_public_exponent,
 const EVP_MD* signature_hash_function, const EVP_MD* mgf1_hash_function,
- int salt_length, std::optional<absl::string_view> public_metadata) {
+ int salt_length, const bool use_rsa_public_exponent,
+ std::optional<absl::string_view> public_metadata) {
 bssl::UniquePtr<RSA> rsa_public_key;
 if (!public_metadata.has_value()) {
@@ -47,7 +48,7 @@
 ANON_TOKENS_ASSIGN_OR_RETURN(
 rsa_public_key,
 CreatePublicKeyRSAWithPublicMetadata(
 rsa_modulus, rsa_public_exponent, *public_metadata,
- /*use_rsa_public_exponent=*/true));
+ use_rsa_public_exponent));
 }
 ANON_TOKENS_ASSIGN_OR_RETURN(bssl::UniquePtr<BIGNUM> r, NewBigNum());
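Review bot: `use_rsa_public_exponent` is consumed only inside the public-metadata branch (the CreatePublicKeyRSAWithPublicMetadata call in the second hunk); when public_metadata is absent the argument is silently ignored, and neither hunk says so. A comment on the parameter in the first hunk, `// Only consulted when public_metadata is set; ignored otherwise.`, would make that contract visible at the definition. Minor style point: the definition spells the parameter `const bool` while the header declaration uses plain `bool`; top-level const on a by-value parameter is harmless but the two signatures should read the same. Both hunks are inside RsaBlinder::New, whose body continues outside the hunk.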
diff --git a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.h b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.h
index f9029fb..a71f0b2 100644
--- a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.h
+++ b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder.h
@@ -42,10 +42,17 @@
 // Passing of public_metadata is optional. If it is set to any value including
 // an empty string, RsaBlinder will assume that partially blind RSA signature
 // protocol is being executed.
+ //
+ // If public metadata is passed and the boolean "use_rsa_public_exponent" is
+ // set to false, the rsa_public_exponent is not used in any computations in
+ // the protocol.
+ //
+ // Setting "use_rsa_public_exponent" to true is deprecated. All new users
+ // should set it to false.
 static absl::StatusOr<std::unique_ptr<RsaBlinder>> New(
 absl::string_view rsa_modulus, absl::string_view rsa_public_exponent,
 const EVP_MD* signature_hash_function, const EVP_MD* mgf1_hash_function,
- int salt_length,
+ int salt_length, bool use_rsa_public_exponent,
 std::optional<absl::string_view> public_metadata = std::nullopt);
 // Blind `message` using n and e derived from an RSA public key and the public
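Review bot: The new comment block describes what the flag does to the blinder's computation but not the one property a caller actually has to get right: the blinder is only one party, and the test file passes the same value to both RsaBlinder::New and the signing helper, so the value appears to have to match the signer's configuration. Adding `// The value must match what the signer uses; a mismatch is expected to yield signatures that do not verify.` (inferred from the tests — confirm against the signer) would say that. It would also help to state that the flag has no effect when public_metadata is std::nullopt, which the rsa_blinder.cc change shows, since the parameter is mandatory even in that case. Since `true` is declared deprecated, a TODO naming the planned removal or migration owner would make the deprecation actionable.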
diff --git a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder_test.cc b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder_test.cc
index c2f55df..5723caf 100644
--- a/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder_test.cc
+++ b/quiche/blind_sign_auth/anonymous_tokens/cpp/crypto/rsa_blinder_test.cc
@@ -16,6 +16,7 @@
 #include <memory>
 #include <string>
+#include <tuple>
 #include <utility>
 #include "quiche/common/platform/api/quiche_test.h"
@@ -101,7 +102,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -128,7 +130,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_message,
 blinder->Blind(message));
 // Blind the blinded_message
@@ -150,7 +153,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_message,
 blinder->Blind(message));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_signature,
@@ -175,7 +179,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_message,
 blinder->Blind(message));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_signature,
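Review bot: The tests in the hunks at @@ -101, -128, -150 and -175 (and likewise -205 and -218 further down) construct the blinder without public metadata and pass `/*use_rsa_public_exponent=*/true` only; since rsa_blinder.cc consults the flag solely in the public-metadata branch, the value is irrelevant on this path, but a reader of the test file cannot tell that and may conclude the deprecated mode is the only one exercised. A short comment at the first such call, `// Without public metadata the flag is unused; any value works here.`, would record that, and it avoids the temptation to duplicate every non-metadata test for both values. Each of these hunks sits inside a TEST_P body that starts and ends outside the hunk.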
@@ -205,7 +210,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_message,
 blinder->Blind(message));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(const std::string blinded_signature,
@@ -218,7 +224,8 @@
 std::unique_ptr<RsaBlinder> bad_blinder,
 RsaBlinder::New(bad_key.n, bad_key.e, rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ rsa_blinder_test_params_.salt_length,
+ /*use_rsa_public_exponent=*/true));
 EXPECT_THAT(bad_blinder->Verify(signature, message).code(),
 absl::StatusCode::kInvalidArgument);
 }
@@ -230,14 +237,17 @@
 CreateSHA256TestKeyParameters(),
 CreateLongerSaltTestKeyParameters()));
-using CreateTestKeyPairFunction =
- std::pair<TestRsaPublicKey, TestRsaPrivateKey>();
+using RsaBlinderPublicMetadataTestParams =
+ std::tuple<std::pair<TestRsaPublicKey, TestRsaPrivateKey>,
+ /*use_rsa_public_exponent*/ bool>;
 class RsaBlinderWithPublicMetadataTest
- : public testing::TestWithParam<CreateTestKeyPairFunction*> {
+ : public testing::TestWithParam<RsaBlinderPublicMetadataTestParams> {
 protected:
 void SetUp() override {
- const auto [public_key, private_key] = (*GetParam())();
+ std::pair<TestRsaPublicKey, TestRsaPrivateKey> key_pair;
+ std::tie(key_pair, use_rsa_public_exponent_) = GetParam();
+ const auto [public_key, private_key] = key_pair;
 rsa_blinder_test_params_ = {public_key, private_key, EVP_sha384(),
 EVP_sha384(), kSaltLengthInBytes48};
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
@@ -254,6 +264,7 @@
 RsaBlinderTestParameters rsa_blinder_test_params_;
 bssl::UniquePtr<RSA> rsa_key_;
+ bool use_rsa_public_exponent_;
 };
 TEST_P(RsaBlinderWithPublicMetadataTest,
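Review bot: `bool use_rsa_public_exponent_;` added to the fixture in the @@ -254 hunk is left uninitialized, and it is only assigned inside SetUp() via std::tie; anything that reads the member before SetUp runs, or a future fixture path that skips the assignment, would read an indeterminate bool. Brace-initialize it at the declaration: `bool use_rsa_public_exponent_ = false;`. In the @@ -230 hunk the default-constructed `key_pair`, the `std::tie` assignment and the following structured-binding copy could be reduced to a single `const auto& [key_pair, use_rsa_public_exponent] = GetParam();` followed by one assignment to the member, which avoids constructing and copying the key pair twice; that is a style preference, not a defect. SetUp's body continues past the hunk.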
@@ -267,7 +278,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length, public_metadata));
+ rsa_blinder_test_params_.salt_length,
+ use_rsa_public_exponent_, public_metadata));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -275,7 +287,7 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::string blinded_signature,
 TestSignWithPublicMetadata(blinded_message, public_metadata, *rsa_key_,
- /*use_rsa_public_exponent=*/true));
+ use_rsa_public_exponent_));
 EXPECT_NE(blinded_signature, blinded_message);
 EXPECT_NE(blinded_signature, message);
@@ -295,11 +307,12 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::unique_ptr<RsaBlinder> blinder,
- RsaBlinder::New(
- rsa_blinder_test_params_.public_key.n,
- rsa_blinder_test_params_.public_key.e,
- rsa_blinder_test_params_.sig_hash, rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length, empty_public_metadata));
+ RsaBlinder::New(rsa_blinder_test_params_.public_key.n,
+ rsa_blinder_test_params_.public_key.e,
+ rsa_blinder_test_params_.sig_hash,
+ rsa_blinder_test_params_.mgf1_hash,
+ rsa_blinder_test_params_.salt_length,
+ use_rsa_public_exponent_, empty_public_metadata));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -307,7 +320,7 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::string blinded_signature,
 TestSignWithPublicMetadata(blinded_message, empty_public_metadata,
- *rsa_key_, /*use_rsa_public_exponent=*/true));
+ *rsa_key_, use_rsa_public_exponent_));
 EXPECT_NE(blinded_signature, blinded_message);
 EXPECT_NE(blinded_signature, message);
@@ -331,7 +344,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length, public_metadata));
+ rsa_blinder_test_params_.salt_length,
+ use_rsa_public_exponent_, public_metadata));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -339,7 +353,7 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::string blinded_signature,
 TestSignWithPublicMetadata(blinded_message, public_metadata_2, *rsa_key_,
- /*use_rsa_public_exponent=*/true));
+ use_rsa_public_exponent_));
 EXPECT_NE(blinded_signature, blinded_message);
 EXPECT_NE(blinded_signature, message);
@@ -364,7 +378,8 @@
 rsa_blinder_test_params_.public_key.e,
 rsa_blinder_test_params_.sig_hash,
 rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length, public_metadata));
+ rsa_blinder_test_params_.salt_length,
+ use_rsa_public_exponent_, public_metadata));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -391,11 +406,11 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::unique_ptr<RsaBlinder> blinder,
- RsaBlinder::New(rsa_blinder_test_params_.public_key.n,
- rsa_blinder_test_params_.public_key.e,
- rsa_blinder_test_params_.sig_hash,
- rsa_blinder_test_params_.mgf1_hash,
- rsa_blinder_test_params_.salt_length));
+ RsaBlinder::New(
+ rsa_blinder_test_params_.public_key.n,
+ rsa_blinder_test_params_.public_key.e,
+ rsa_blinder_test_params_.sig_hash, rsa_blinder_test_params_.mgf1_hash,
+ rsa_blinder_test_params_.salt_length, use_rsa_public_exponent_));
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(std::string blinded_message,
 blinder->Blind(message));
 EXPECT_NE(blinded_message, message);
@@ -403,7 +418,7 @@
 ANON_TOKENS_ASSERT_OK_AND_ASSIGN(
 std::string blinded_signature,
 TestSignWithPublicMetadata(blinded_message, public_metadata, *rsa_key_,
- /*use_rsa_public_exponent=*/true));
+ use_rsa_public_exponent_));
 EXPECT_NE(blinded_signature, blinded_message);
 EXPECT_NE(blinded_signature, message);
@@ -418,12 +433,13 @@
 ::testing::HasSubstr("verification failed"));
 }
-INSTANTIATE_TEST_SUITE_P(RsaBlinderWithPublicMetadataTest,
- RsaBlinderWithPublicMetadataTest,
- testing::Values(&GetStrongTestRsaKeyPair2048,
- &GetAnotherStrongTestRsaKeyPair2048,
- &GetStrongTestRsaKeyPair3072,
- &GetStrongTestRsaKeyPair4096));
+INSTANTIATE_TEST_SUITE_P(
+ RsaBlinderWithPublicMetadataTest, RsaBlinderWithPublicMetadataTest,
+ testing::Combine(testing::Values(GetStrongTestRsaKeyPair2048(),
+ GetAnotherStrongTestRsaKeyPair2048(),
+ GetStrongTestRsaKeyPair3072(),
+ GetStrongTestRsaKeyPair4096()),
+ /*use_rsa_public_exponent*/ testing::Values(true, false)));
 } // namespace
 } // namespace anonymous_tokens
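Review bot: In the @@ -418 hunk the INSTANTIATE_TEST_SUITE_P now invokes `GetStrongTestRsaKeyPair2048()` and the other three generators directly inside testing::Values, so the key pairs are built during the test binary's static initialization rather than lazily in SetUp as the removed function-pointer form did. If any of those helpers can fail (they presumably parse or derive RSA material), the failure now happens before gtest runs and is not attributed to a test case; it also pays the key-construction cost even when a filter selects none of these tests. A cheap way to keep laziness while still using Combine is to keep the function pointers in the tuple and call `std::get<0>(GetParam())()` in SetUp, which changes only the tuple's first element type and the SetUp line. The `/*use_rsa_public_exponent*/` label on the second Values is fine but the rest of the file writes such comments with a trailing `=`; pick one form.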