The crate contains several exported traits targeting
hardware-accelerated implementations (PublicKey, PrivateKey,
EncryptionPrimitive, DecriptionPrimitive). However these traits
overcomplicate internal structure of the crate. It is not clear, which
level of API can be implemented by the hardware accelerators.
The crate is already quite complicated, implementing both
PaddingScheme-based API and Signer/Verifier/Encryptor/Decryptor API.
Remove the complication for now. The proper level of indirection can be
introduced once support for actual hardware accelerators is implemented.
Inline and drop the RsaPrivateKey::raw_decryption_primitive() function.
There is no need to zeroize argument, it is ciphertext, so it can be
assumed to be safe.
Change raw_int_decryption_primitive() and raw_int_decryption_primitive()
to output Result<BigUint> instead of Result<Vec<u8>>, because they also
take BigUint rather than Vec<u8> or &[u8].
In order to simplify adding support for RSA hardware accelerators, move
all formatting and padding functions to a separate modules, making it
theoretically possible to use that for implementing support for
low-level RSA hardware accelerators.
Also follows the pkcs1v15 change and use BigUint as a Signature's
internal implementation.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Reverts-the-revert from #254, reinstating #251
This reverts commit 26f38ad66a09fc42ed6d73e3b1864f0251db4e2d.
Since we need to upgrade `pkcs1` and `pkcs8`, which are MSRV 1.65, now
is a good time to start making brekaing changes again.
This reverts commit da1997d0b786181f3e3375e3eef09899486a3833.
I was probably over-eager on this: it's a breaking change.
There are probably some non-breaking changes we can make first, and when
we're ready to make breaking changes again, we can revert the revert.
Updates the `pkcs1` and `pkcs8` crates to their latest versions.
These releases reversed the blanket impl relationship between the traits
in the two respective crates.
The names of the traits have changed:
- `From*Key` => `Decode*Key` (e.g. `DecodePrivateKey`)
- `To*Key` => `Encode*Key` (e.g. `EncodePrivateKey`).
Previously there was a blanket impl of `pkcs8` traits for the `pkcs1`
crates, e.g. `DecodePrivateKey` was impl'd for `DecodeRsaPrivateKey`.
This relationship has been reversed in the latest releases, and as such
this commit now implements the `pkcs8` traits instead of the `pkcs1`
traits (even though this internally involves decoding a PKCS#1 document
as part of PKCS#8 decoding).
The reasoning is this was necessary to make it possible for traits for
multiple formats to have blanket impls for the PKCS#8 traits. Concretely
this was needed to allow blanket impls of the traits in the `sec1` crate
for types which impl traits from the `pkcs8` crate.
Both of these crates are MSRV 1.56 and hard dependencies, so the MSRV of
the `rsa` crate is accordingly bumped to 1.56.
