pierrelf.com / we
we (web engine): Experimental web browser project to understand the limits of Claude
fork atom

RSA PKCS#1 v1.5 signature verification (RFC 8017) #53

open opened by pierrelf.com

Phase 5: Pure Rust Crypto#

Implement RSA PKCS#1 v1.5 signature verification in the crypto crate per RFC 8017.

Dependencies#

  • Requires SHA-2 (for DigestInfo)
  • Requires ASN.1 DER parser (for parsing RSA public keys)

Requirements#

  • Big integer arithmetic: modular exponentiation (base^exp mod n)
  • RSA public key parsing from DER (PKCS#1 RSAPublicKey and PKCS#8 SubjectPublicKeyInfo)
  • RSASSA-PKCS1-v1_5 verify: EMSA-PKCS1-v1_5 encoding, signature verification
  • Support SHA-256 and SHA-384 digest algorithms
  • Key sizes: 2048-bit, 3072-bit, 4096-bit

Acceptance Criteria#

  • Big integer type supporting modpow for up to 4096-bit numbers
  • RSA public key parsing from DER-encoded PKCS#1 and PKCS#8 formats
  • RSASSA-PKCS1-v1_5-VERIFY operation
  • Verify real RSA signatures (e.g., from a TLS certificate chain)
  • Reject invalid/tampered signatures
  • cargo test -p we-crypto passes
  • cargo clippy -p we-crypto -- -D warnings clean
sign up or login to add to the discussion
Labels

None yet.

assignee

None yet.

Participants 1
AT URI
at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mgemuf6ctu2h