Refactor certRequest

authorize/certRequest.go

@@ -10,7 +10,7 @@ package authorize
 import (
 	"encoding/binary"
 	"gitlab.com/elixxir/crypto/hash"
-	"gitlab.com/xx_network/crypto/signature/rsa"
+	"gitlab.com/elixxir/crypto/rsa"
 	"io"
 	"time"
 )
@@ -18,17 +18,17 @@ import (
 var hashType = hash.CMixHash
 
 // SignCertRequest signs the ACME token & other info sent with an AuthorizerCertRequest
-func SignCertRequest(rng io.Reader, gwRsa *rsa.PrivateKey,
+func SignCertRequest(rng io.Reader, gwRsa rsa.PrivateKey,
 	acmeToken string, now time.Time) ([]byte, error) {
 	hashed, err := hashCertRequestInfo(acmeToken, now)
 	if err != nil {
 		return nil, err
 	}
-	return rsa.Sign(rng, gwRsa, hashType, hashed, rsa.NewDefaultOptions())
+	return gwRsa.SignPSS(rng, hashType, hashed, rsa.NewDefaultPSSOptions())
 }
 
 // VerifyCertRequest verifies the signature on an ACME token & other info sent with an AuthorizerCertRequest
-func VerifyCertRequest(gwPub *rsa.PublicKey, sig []byte,
+func VerifyCertRequest(gwPub rsa.PublicKey, sig []byte,
 	acmeToken string, now, signedTS time.Time, delta time.Duration) error {
 	err := checkTimeBound(now, signedTS, delta)
 	if err != nil {
@@ -38,7 +38,7 @@ func VerifyCertRequest(gwPub *rsa.PublicKey, sig []byte,
 	if err != nil {
 		return err
 	}
-	return rsa.Verify(gwPub, hashType, hashed, sig, rsa.NewDefaultOptions())
+	return gwPub.VerifyPSS(hashType, hashed, sig, rsa.NewDefaultPSSOptions())
 }
 
 func hashCertRequestInfo(acmeToken string, timestamp time.Time) ([]byte, error) {

authorize/certRequest_test.go

@@ -2,15 +2,15 @@ package authorize
 
 import (
 	"bytes"
+	"gitlab.com/elixxir/crypto/rsa"
 	"gitlab.com/xx_network/crypto/csprng"
-	"gitlab.com/xx_network/crypto/signature/rsa"
 	"testing"
 	"time"
 )
 
 func TestSignVerify_CertRequest(t *testing.T) {
 	rng := csprng.NewSystemRNG()
-	pk, err := rsa.GenerateKey(rng, 2048)
+	pk, err := rsa.GetScheme().Generate(rng, 2048)
 	if err != nil {
 		t.Fatalf("Failed to generate pk: %+v", err)
 	}
@@ -27,7 +27,7 @@ func TestSignVerify_CertRequest(t *testing.T) {
 		t.Fatalf("Failed to sign acme token")
 	}
 
-	err = VerifyCertRequest(pk.GetPublic(), sig, token, testNow, timestamp, testDelta)
+	err = VerifyCertRequest(pk.Public(), sig, token, testNow, timestamp, testDelta)
 	if err != nil {
 		t.Fatalf("Failed to verify signature on acme token: %+v", err)
 	}
@@ -35,7 +35,7 @@ func TestSignVerify_CertRequest(t *testing.T) {
 
 func TestSignVerify_CertRequest_Consistency(t *testing.T) {
 	rng := &CountingReader{count: uint8(0)}
-	pk, err := rsa.GenerateKey(rng, 1024)
+	pk, err := rsa.GetScheme().Generate(rng, 1024)
 	if err != nil {
 		t.Fatalf("Failed to generate pk: %+v", err)
 	}
@@ -57,7 +57,7 @@ func TestSignVerify_CertRequest_Consistency(t *testing.T) {
 		t.Fatalf("Failed to verify consistency for SignACMEToken\n\tExpected: %+v\n\tReceived: %+v", expectedSig, sig)
 	}
 
-	err = VerifyCertRequest(pk.GetPublic(), sig, token, testNow, timestamp, testDelta)
+	err = VerifyCertRequest(pk.Public(), sig, token, testNow, timestamp, testDelta)
 	if err != nil {
 		t.Fatalf("Failed to verify signature on acme token: %+v", err)
 	}