in aws-lc-rs/src/pqdsa/key_pair.rs [182:229]
fn test_public_key_serialization() {
for &alg in TEST_ALGORITHMS {
// Generate a new key pair
let keypair = PqdsaKeyPair::generate(alg).unwrap();
let message = b"Test message";
let different_message = b"Different message";
let mut signature = vec![0; alg.signature_len()];
assert!(keypair
.sign(message, &mut signature[0..(alg.signature_len() - 1)])
.is_err());
let sig_len = keypair.sign(message, &mut signature).unwrap();
assert_eq!(sig_len, alg.signature_len());
let invalid_signature = vec![0u8; alg.signature_len()];
let original_public_key = keypair.public_key();
let x509_der = original_public_key.as_der().unwrap();
let x509_public_key = UnparsedPublicKey::new(alg.0, x509_der.as_ref());
assert!(x509_public_key.verify(message, signature.as_ref()).is_ok());
assert!(x509_public_key
.verify(different_message, signature.as_ref())
.is_err());
assert!(x509_public_key.verify(message, &invalid_signature).is_err());
let raw = original_public_key.as_ref();
let raw_public_key = UnparsedPublicKey::new(alg.0, raw);
assert!(raw_public_key.verify(message, signature.as_ref()).is_ok());
assert!(raw_public_key
.verify(different_message, signature.as_ref())
.is_err());
assert!(raw_public_key
.verify(different_message, &invalid_signature)
.is_err());
#[cfg(feature = "ring-sig-verify")]
#[allow(deprecated)]
{
assert!(alg
.0
.verify(
raw.into(),
message.as_ref().into(),
signature.as_slice().into()
)
.is_ok());
}
}
}