def test_rsa_pss(self, key_template, hash_algo, modulus_size, exponent):
self.assertEqual(
key_template.type_url,
'type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey')
self.assertEqual(key_template.output_prefix_type, tink_pb2.TINK)
key_format = rsa_ssa_pss_pb2.RsaSsaPssKeyFormat()
key_format.ParseFromString(key_template.value)
self.assertEqual(key_format.modulus_size_in_bits, modulus_size)
self.assertEqual(key_format.params.sig_hash, hash_algo)
self.assertEqual(key_format.params.mgf1_hash, hash_algo)
self.assertEqual(bytes_to_num(key_format.public_exponent), exponent)
def test_rsa_pss(self, key_template, hash_algo, modulus_size, exponent):
self.assertEqual(
key_template.type_url,
'type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey')
self.assertEqual(key_template.output_prefix_type, tink_pb2.TINK)
key_format = rsa_ssa_pss_pb2.RsaSsaPssKeyFormat()
key_format.ParseFromString(key_template.value)
self.assertEqual(key_format.modulus_size_in_bits, modulus_size)
self.assertEqual(key_format.params.sig_hash, hash_algo)
self.assertEqual(key_format.params.mgf1_hash, hash_algo)
self.assertEqual(bytes_to_num(key_format.public_exponent), exponent)
# Check that the template works with the key manager
key_manager = core.Registry.key_manager(key_template.type_url)
key_manager.new_key_data(key_template)
def _create_rsa_ssa_pss_key_template(
sig_hash: common_pb2.HashType, mgf1_hash: common_pb2.HashType,
salt_length: int, modulus_size: int,
public_exponent: int) -> tink_pb2.KeyTemplate:
"""Creates a KeyTemplate containing an RsaSsaPssKeyFormat."""
params = rsa_ssa_pss_pb2.RsaSsaPssParams(sig_hash=sig_hash,
mgf1_hash=mgf1_hash,
salt_length=salt_length)
key_format = rsa_ssa_pss_pb2.RsaSsaPssKeyFormat(
params=params,
modulus_size_in_bits=modulus_size,
public_exponent=big_integer_util.num_to_bytes(public_exponent))
key_template = tink_pb2.KeyTemplate(value=key_format.SerializeToString(),
type_url=_RSA_PSS_KEY_TYPE_URL,
output_prefix_type=tink_pb2.TINK)
return key_template