Skip to content

feat(xmldsig): parse RSAKeyValue parameters #67

Description

@polaz

Problem

<ds:RSAKeyValue> is currently recognized only as a marker. Its modulus and exponent are discarded, and DefaultKeyResolver cannot verify signatures that provide an embedded RSA key without a certificate.

Implementation

  • Parse ordered <ds:Modulus> and <ds:Exponent> CryptoBinary values with bounded XML Base64 decoding.
  • Expose unsigned big-endian modulus and exponent through KeyValueInfo.
  • Convert valid parameters into RSA SubjectPublicKeyInfo DER using the existing pure-Rust rsa crate.
  • Resolve embedded RSA keys only for RSA signature methods and fail closed for malformed, weak, or incompatible keys.
  • Verify the Merlin enveloping RSA donor vector end-to-end without a preset key.
  • Update ROADMAP/DEVLOG after full verification.

Acceptance criteria

  • Valid RSAKeyValue parameters are preserved exactly after Base64 decoding.
  • Missing, reordered, duplicated, wrong-namespace, nested, empty, malformed, and oversized values are rejected with typed processing errors.
  • The donor RSAKeyValue signature verifies through DefaultKeyResolver.
  • ECDSA methods reject RSAKeyValue with an algorithm mismatch.
  • cargo check, clippy, nextest, doctests, and build pass.

Estimate

2d 4h including implementation, regression and integration tests, review overhead, and documentation updates.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions