Arthur Gautier
7341cd0159
pss: expose a get_default_pss_signature_algo_id helper ( #393 )
...
This returns the `AlgorithmIdentifierOwned` assuming the default
situation where the salt_len is the `output_size` of the `Digest`.
This is meant to be used by HSM where the private key is hidden behind
an abstraction but to still expose a `DynSignatureAlgorithmIdentifier`
trait.
2023-11-29 14:54:56 -07:00
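What such a helper has to produce, as an added illustration that is not the crate's own code: the RSASSA-PSS `AlgorithmIdentifier` from RFC 4055 with `saltLength` set to the digest output size, DER-encoded by hand in dependency-free Python, plus the matching verifier-side check that reads `saltLength` back out of a received identifier. The OIDs are the standard assignments. Two encoding choices are assumptions about conventions rather than facts about the crate's output: the hash `AlgorithmIdentifier` is written with absent parameters (RFC 4055 §2.1 says SHA-2 identifiers MUST be generated that way; some encoders emit an explicit NULL instead), and `trailerField` is left at its DEFAULT of 1, which DER omits.

```python
"""Build and check an RSASSA-PSS AlgorithmIdentifier (RFC 4055) whose
saltLength equals the digest output size.  Added example; not the rsa
crate's implementation."""
import hashlib

OID_RSASSA_PSS = "1.2.840.113549.1.1.10"
OID_MGF1 = "1.2.840.113549.1.1.8"
HASH_OIDS = {  # SHA-2 family under the NIST arc 2.16.840.1.101.3.4.2
    "sha256": "2.16.840.1.101.3.4.2.1",
    "sha384": "2.16.840.1.101.3.4.2.2",
    "sha512": "2.16.840.1.101.3.4.2.3",
}


def _length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _length(len(content)) + content


def der_oid(dotted: str) -> bytes:
    """OBJECT IDENTIFIER: first two arcs packed, the rest base-128 big-endian."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))


def der_uint(n: int) -> bytes:
    """Non-negative INTEGER; the extra byte keeps the sign bit clear."""
    return tlv(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big"))


def seq(*parts: bytes) -> bytes:
    return tlv(0x30, b"".join(parts))


def explicit(idx: int, inner: bytes) -> bytes:
    """[idx] EXPLICIT: constructed context-specific tag wrapping `inner`."""
    return tlv(0xA0 | idx, inner)


def pss_algorithm_identifier(hash_name: str, salt_len=None) -> bytes:
    """AlgorithmIdentifier { id-RSASSA-PSS, RSASSA-PSS-params }.
    Default salt length is the digest output size (32 for SHA-256, ...)."""
    if salt_len is None:
        salt_len = hashlib.new(hash_name).digest_size
    hash_alg = seq(der_oid(HASH_OIDS[hash_name]))   # parameters absent (RFC 4055 2.1)
    mgf_alg = seq(der_oid(OID_MGF1), hash_alg)      # MGF1 parameterised by the same hash
    params = seq(
        explicit(0, hash_alg),
        explicit(1, mgf_alg),
        explicit(2, der_uint(salt_len)),
        # trailerField [3] is DEFAULT 1 and is therefore omitted under DER
    )
    return seq(der_oid(OID_RSASSA_PSS), params)


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, content, next_pos) for the TLV that starts at `pos`."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        nbytes = ln & 0x7F
        ln = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + ln], pos + ln


def pss_salt_length(algid: bytes) -> int:
    """Verifier-side check: extract saltLength from a received identifier
    (RFC 4055 default of 20 when the field is absent)."""
    tag, body, _ = _read_tlv(algid, 0)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid, pos = _read_tlv(body, 0)
    if tag != 0x06 or tlv(0x06, oid) != der_oid(OID_RSASSA_PSS):
        raise ValueError("not id-RSASSA-PSS")
    _, params, _ = _read_tlv(body, pos)
    pos = 0
    while pos < len(params):
        tag, inner, pos = _read_tlv(params, pos)
        if tag == 0xA2:  # [2] saltLength
            itag, ival, _ = _read_tlv(inner, 0)
            if itag != 0x02:
                raise ValueError("saltLength must be an INTEGER")
            return int.from_bytes(ival, "big")
    return 20


if __name__ == "__main__":
    for name in HASH_OIDS:
        enc = pss_algorithm_identifier(name)
        print(name, len(enc), "bytes, saltLength =", pss_salt_length(enc), enc.hex())
```

A signer that keeps its private key in an HSM still has to advertise these parameters in the certificate or CSR it produces, and a verifier should compare the extracted `saltLength` against the digest size it expects rather than accepting whatever the identifier says.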
Tony Arcieri
5d45065bd8
README.md: add info about Marvin Attack (RUSTSEC-2023-0071) ( #391 )
...
References:
- https://github.com/RustCrypto/RSA/issues/19
- https://rustsec.org/advisories/RUSTSEC-2023-0071.html
- https://people.redhat.com/~hkario/marvin/
2023-11-28 12:34:13 -07:00
Tony Arcieri
ac108c9e9d
Revert "README.md: use `?` instead of `expect` in example ( #385 )" ( #389 )
...
This reverts commit 00eaa91db598ad6ebe57024182e93bb82c3d75a3.
Unfortunately while `#` comments work in rustdoc, they are visible when
GitHub renders the README.md, so this doesn't work.
2023-11-27 21:18:49 -07:00
Arthur Gautier
6df6d08729
v0.9.5 ( #388 )
2023-11-27 20:43:10 -07:00
Arthur Gautier
63409e526c
Adds RsaPrivateKey::from_primes and RsaPrivateKey::from_p_q methods ( #386 )
...
This is used on Yubico HSM for import/export under wrap as well as when
importing a key unsealed.
2023-11-27 17:35:37 -07:00
Tony Arcieri
00eaa91db5
README.md: use `?` instead of `expect` in example ( #385 )
...
Using `?` encourages users to properly handle errors rather than
panicking.
2023-11-20 13:53:51 -07:00
Tony Arcieri
3eb4e38e37
v0.9.4 ( #384 )
2023-11-20 13:36:27 -07:00
Tony Arcieri
a26e7f563c
Cargo.lock: bump dependencies ( #383 )
...
Updates the following dependencies:
$ cargo update
Updating crates.io index
Updating bitflags v2.4.0 -> v2.4.1
Updating byteorder v1.4.3 -> v1.5.0
Removing cc v1.0.83
Updating cpufeatures v0.2.9 -> v0.2.11
Updating errno v0.3.4 -> v0.3.7
Removing errno-dragonfly v0.1.2
Updating getrandom v0.2.10 -> v0.2.11
Updating libc v0.2.148 -> v0.2.150
Updating libm v0.2.7 -> v0.2.8
Updating linux-raw-sys v0.4.8 -> v0.4.11
Updating num-traits v0.2.16 -> v0.2.17
Updating proc-macro2 v1.0.67 -> v1.0.69
Updating proptest v1.3.1 -> v1.4.0
Updating redox_syscall v0.3.5 -> v0.4.1
Updating regex-syntax v0.7.5 -> v0.8.2
Updating rustix v0.38.20 -> v0.38.25
Updating serde v1.0.188 -> v1.0.192
Updating serde_derive v1.0.188 -> v1.0.192
Updating signature v2.1.0 -> v2.2.0
Updating smallvec v1.11.1 -> v1.11.2
Updating syn v2.0.37 -> v2.0.39
Updating tempfile v3.8.0 -> v3.8.1
Updating zeroize v1.6.0 -> v1.7.0
2023-11-20 12:53:32 -07:00
Tony Arcieri
341f06f449
OAEP example now uses sha2 re-export ( #381 )
...
People were missing that the example required the `sha2` crate as a
dependency. See #340.
This changes it to use the re-exported `sha2` crate and notes that the
`sha2` feature must be enabled.
2023-11-11 12:29:55 -07:00
Zach Heylmun
b513ee3998
Deterministic implementation of prime factors recovery ( #380 )
...
Implements deterministic recovery of `p` and `q` from `n`, `e`, and `d` using
the algorithm specified in NIST 800-56B Appendix C.2
2023-11-11 11:10:42 -07:00
Tony Arcieri
ab7b86d094
README.md: linkify random blinding ( #379 )
2023-10-31 20:02:04 -06:00
Tony Arcieri
d855f2963c
v0.9.3 ( #376 )
2023-10-26 11:26:21 -06:00
dependabot[bot]
c069afb09c
build(deps): bump rustix from 0.38.15 to 0.38.20 ( #377 )
...
Bumps [rustix](https://github.com/bytecodealliance/rustix ) from 0.38.15 to 0.38.20.
- [Release notes](https://github.com/bytecodealliance/rustix/releases )
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.38.15...v0.38.20 )
---
updated-dependencies:
- dependency-name: rustix
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-26 10:27:38 -06:00
Tony Arcieri
ec1cebf449
CI: pin nightly; test minimal-versions on stable ( #378 )
...
- Pins to nightly-2023-10-01 to prevent regressions
- On `minimal-versions`, only uses nightly to resolve versions, and runs
tests on stable instead
2023-10-26 10:04:58 -06:00
Tony Arcieri
49b6c7e6ba
README.md: add notes about timing variability ( #373 )
...
Notes that the modpow implementation is not constant-time, but timing
variability is masked using random blinding.
2023-10-16 11:11:37 -06:00
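The integer arithmetic behind three of the commits on this page, `RsaPrivateKey::from_p_q` (#386), the deterministic prime-factor recovery (#380) and the random blinding that masks the variable-time modpow (#373), as one added example. This is plain Python rather than the crate's code, chosen so that 512-bit arithmetic runs with no bignum dependency; it is deliberately not constant-time, applies no padding scheme, and its checks are illustrative rather than the crate's own. `rsa_private_blinded` is the standard blinding construction (mask with r^e, unmask with r^-1); `recover_primes` follows SP 800-56B Rev. 2 Appendix C.2 and reports the failure case a caller must handle when (n, e, d) are inconsistent or e is too large for the method.

```python
"""RSA key-material arithmetic: derive a private key from (p, q, e),
compute m^d mod n through a random blinding mask, and recover p and q
from (n, e, d).  Added example, not the rsa crate's code; not constant-time."""
import math
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin with `rounds` random bases, after trial division."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random odd prime with exactly `bits` bits."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def key_from_primes(p: int, q: int, e: int = 65537) -> dict:
    """What a from_p_q-style constructor must derive and check:
    n, d = e^-1 mod phi(n), and the CRT values dp, dq, qinv."""
    if p == q or not (is_probable_prime(p) and is_probable_prime(q)):
        raise ValueError("p and q must be distinct primes")
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e is not invertible modulo phi(n)")
    d = pow(e, -1, phi)  # modular inverse, Python >= 3.8
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
            "dp": d % (p - 1), "dq": d % (q - 1), "qinv": pow(q, -1, p)}


def rsa_private_blinded(key: dict, m: int) -> int:
    """m^d mod n via blinding: the variable-time modpow only ever sees
    m * r^e for a fresh random r, and r^-1 strips the mask afterwards.
    The result equals pow(m, d, n)."""
    n, e, d = key["n"], key["e"], key["d"]
    while True:
        r = secrets.randbelow(n)
        if r > 1 and math.gcd(r, n) == 1:
            break
    blinded = m * pow(r, e, n) % n
    return pow(blinded, d, n) * pow(r, -1, n) % n


def recover_primes(n: int, e: int, d: int) -> tuple:
    """Deterministic prime-factor recovery, NIST SP 800-56B Rev. 2, App. C.2.
    Needs p and q of similar size and e small relative to sqrt(n)."""
    k = d * e - 1
    a = k * math.gcd(n - 1, k)
    m, r = divmod(a, n)
    b = (n - r) // (m + 1) + 1   # equals p + q when the preconditions hold
    gamma = b * b - 4 * n        # equals (p - q)^2
    if gamma < 0:
        raise ValueError("recovery failed: inconsistent (n, e, d)")
    y = math.isqrt(gamma)
    p, q = (b + y) // 2, (b - y) // 2
    if y * y != gamma or p * q != n:
        raise ValueError("recovery failed: inconsistent (n, e, d) or e too large")
    return max(p, q), min(p, q)


if __name__ == "__main__":
    p, q = random_prime(512), random_prime(512)
    key = key_from_primes(p, q)
    msg = 0xDEADBEEF  # constructed integer "message", no padding applied
    sig = rsa_private_blinded(key, msg)
    print("verifies:", pow(sig, key["e"], key["n"]) == msg)
    print("primes recovered:", recover_primes(key["n"], key["e"], key["d"]) == (max(p, q), min(p, q)))
```

Running the block generates a fresh 1024-bit key, exponentiates a constructed integer through the blinded path, confirms the result verifies under e, and recovers the primes from (n, e, d). The textbook key p = 61, q = 53, e = 17 with d = 413 (the inverse of e modulo lcm(60, 52) = 780) is small enough to follow the C.2 steps by hand: a = 7020 · gcd(3232, 7020) = 28080, b = (3233 - 2216) / 9 + 1 = 114, γ = 114² - 4 · 3233 = 64, so p = (114 + 8) / 2 = 61 and q = 53.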
Tony Arcieri
3a2906675a
Cargo.lock: update dependencies ( #371 )
...
Bumps the following dependencies:
$ cargo update
Updating crates.io index
Updating errno v0.3.2 -> v0.3.4
Updating fastrand v2.0.0 -> v2.0.1
Updating libc v0.2.147 -> v0.2.148
Updating linux-raw-sys v0.4.5 -> v0.4.8
Updating proc-macro2 v1.0.66 -> v1.0.67
Updating proptest v1.2.0 -> v1.3.1
Updating regex-syntax v0.6.29 -> v0.7.5
Updating rustix v0.38.8 -> v0.38.15
Updating serde v1.0.185 -> v1.0.188
Updating serde_derive v1.0.185 -> v1.0.188
Updating sha1 v0.10.5 -> v0.10.6
Updating sha2 v0.10.7 -> v0.10.8
Updating smallvec v1.11.0 -> v1.11.1
Updating syn v2.0.29 -> v2.0.37
Updating typenum v1.16.0 -> v1.17.0
Updating unicode-ident v1.0.11 -> v1.0.12
2023-10-03 07:35:48 -06:00
dependabot[bot]
d7ba15c9ff
build(deps): bump actions/checkout from 3 to 4 ( #370 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 06:44:44 -06:00
Artyom Pavlov
dfb12ac5bc
Set min version of serde to 1.0.184 ( #360 )
2023-08-21 11:47:22 +00:00
Artyom Pavlov
3e17a67d5e
Pin serde to <1.0.172 ( #359 )
2023-08-19 18:08:54 +03:00
Uli Schlachter
c04c65447e
Remove unused dependencies ( #357 )
...
Signed-off-by: Uli Schlachter <psychon@znc.in>
2023-08-18 06:53:24 -06:00
dependabot[bot]
e949b07f7f
build(deps): bump const-oid from 0.9.3 to 0.9.4 ( #353 )
...
Bumps [const-oid](https://github.com/RustCrypto/formats ) from 0.9.3 to 0.9.4.
- [Commits](https://github.com/RustCrypto/formats/compare/const-oid/v0.9.3...const-oid/v0.9.4 )
---
updated-dependencies:
- dependency-name: const-oid
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-01 06:12:01 -06:00
Tom Hebb
eb7e507f56
Add hazmat feature as a replacement for expose-internals ( #352 )
...
External access to these functions was removed in #304 when the old
`internals` module and `expose-internals` feature were removed. There
are some valid use cases for them, though (see #351 ), so let's bring
back a subset of what was in `internals` using the same naming and
documentation conventions that the aes crate uses for its hazardous
functions.
Much of the added or changed documentation is derived from that in
the `aes` crate.
Fixes #351.
2023-07-23 10:43:48 -06:00
dependabot[bot]
40069a5408
build(deps): bump const-oid from 0.9.2 to 0.9.3 ( #348 )
...
Bumps [const-oid](https://github.com/RustCrypto/formats ) from 0.9.2 to 0.9.3.
- [Commits](https://github.com/RustCrypto/formats/compare/const-oid/v0.9.2...const-oid/v0.9.3 )
---
updated-dependencies:
- dependency-name: const-oid
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-01 06:58:49 -06:00
Tony Arcieri
aed51e718d
Impl PKCS#8/SPKI decoding traits for pkcs1v15 keys ( #346 )
...
Adds PKCS#8 (and via blanket impl, PKCS#1) and SPKI decoding trait
support to `pkcs1v15::{SigningKey, VerifyingKey}`.
Also adds basic tests that decoding and encoding works.
2023-06-29 14:29:22 -06:00
Tony Arcieri
c7b0eae935
Add clarifying comment for totient check in key generation ( #345 )
...
See #343 where it wasn't entirely clear
2023-06-29 13:14:12 -06:00
dependabot[bot]
823bb23162
build(deps): bump proptest from 1.1.0 to 1.2.0 ( #336 )
...
Bumps [proptest](https://github.com/proptest-rs/proptest ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/proptest-rs/proptest/releases )
- [Changelog](https://github.com/proptest-rs/proptest/blob/master/CHANGELOG.md )
- [Commits](https://github.com/proptest-rs/proptest/compare/v1.1.0...v1.2.0 )
---
updated-dependencies:
- dependency-name: proptest
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-01 07:05:54 -06:00
tison
b65f352299
pkcs1v15: add regression test ( #332 )
...
Signed-off-by: tison <wander4096@gmail.com>
2023-05-12 15:18:26 -06:00
Tony Arcieri
dfa23bccb4
v0.9.2 ( #331 )
2023-05-08 07:15:09 -06:00
Tony Arcieri
09254b0ab5
pkcs1v15: have fmt impls call SignatureEncoding::to_bytes ( #330 )
...
The `fmt::{LowerHex, UpperHex}` impls, with the latter called
vicariously via `fmt::Display`, were showing the unpadded signature
rather than the padded one.
This changes these impls to call `SignatureEncoding::to_bytes` first
before displaying the signature.
2023-05-08 07:04:05 -06:00
Arthur Gautier
7a58281a05
Adds support for the SignatureBitStringEncoding trait ( #328 )
2023-05-04 17:12:43 -06:00
Tony Arcieri
d61b501182
v0.9.1 ( #327 )
2023-05-03 19:36:27 -06:00
Tony Arcieri
1d1037b912
Initial proptests ( #326 )
...
Adds proptests for RSASSA-PKCS1-v1_5.
Includes a commented-out test for RSASSA-PSS which is currently failing.
2023-05-03 18:50:04 -06:00
Tony Arcieri
53bb256451
Left pad signatures when encoding ( #325 )
...
The `SignatureEncoding` impl added in `rsa` v0.9 (or more specifically,
the `From<Signature>` impl for `Box<[u8]>`) failed to properly left pad
the signatures so they matched the modulus size.
This adds the appropriate padding to the signature encoder.
2023-05-03 18:34:50 -06:00
Tony Arcieri
94856ec765
pkcs1v15: note RSASSA-PKCS1-v1_5 in docs ( #324 )
...
This is the name for PKCS#1v1.5 signatures originally specified in
RFC3447 but is also used by RFC8017 (which we cite)
2023-05-03 17:13:52 -06:00
dependabot[bot]
901765df7c
build(deps): bump sha3 from 0.10.6 to 0.10.7 ( #321 )
...
Bumps [sha3](https://github.com/RustCrypto/hashes ) from 0.10.6 to 0.10.7.
- [Release notes](https://github.com/RustCrypto/hashes/releases )
- [Commits](https://github.com/RustCrypto/hashes/compare/sha3-v0.10.6...sha3-v0.10.7 )
---
updated-dependencies:
- dependency-name: sha3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-01 06:12:11 -06:00
dependabot[bot]
cbf6685c5e
build(deps): bump hex-literal from 0.3.4 to 0.4.1 ( #319 )
...
Bumps [hex-literal](https://github.com/RustCrypto/utils ) from 0.3.4 to 0.4.1.
- [Release notes](https://github.com/RustCrypto/utils/releases )
- [Commits](https://github.com/RustCrypto/utils/compare/hex-literal-v0.3.4...hex-literal-v0.4.1 )
---
updated-dependencies:
- dependency-name: hex-literal
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-01 06:11:58 -06:00
dependabot[bot]
f63290f920
build(deps): bump signature from 2.0.0 to 2.1.0 ( #320 )
...
Bumps [signature](https://github.com/RustCrypto/traits ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/RustCrypto/traits/releases )
- [Commits](https://github.com/RustCrypto/traits/compare/signature/v2.0.0...signature-v2.1.0 )
---
updated-dependencies:
- dependency-name: signature
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-01 06:11:20 -06:00
Tony Arcieri
c611408a2e
v0.9.0 ( #318 )
2023-04-27 12:57:20 -06:00
Tony Arcieri
ec499565f9
Replace Deref impl on RsaPrivateKey with AsRef ( #317 )
...
The `RsaPrivateKey` type previously had a `Deref` impl providing access
to the associated `RsaPublicKey`.
`Deref` is intended for "smart pointer types", i.e. container types
which manage a (typically generic) inner type in some way. This doesn't
seem like one of those cases.
`AsRef`, on the other hand, is for cheap reference conversions, which is
exactly what's happening here, so it's a better fit and provides the
same functionality (albeit explicitly rather than via deref coercion).
2023-04-27 09:23:58 -06:00
Tony Arcieri
db2559faa7
Add comments to fields of RsaPublicKey ( #316 )
2023-04-27 08:23:41 -06:00
Tony Arcieri
f5918ad3bf
Refactor padding modes into submodules ( #312 )
...
The padding mode modules have gotten quite large.
This commit refactors types into respective submodules, with the
toplevel module defining the same-named padding schemes.
2023-04-27 07:58:19 -06:00
Tony Arcieri
d9968bc0c9
Refactor traits ( #315 )
...
There were several modules that defined traits, including one called
`traits`.
This consolidates all of them under `traits`, retaining the previous
module structure as internal submodules:
- `keytraits` => `traits::keys`
- `padding` => `traits::padding`
- `traits` => `traits::encryption`
Additionally this removes the traits that were re-exported at the
toplevel, instead re-exporting them all under `traits`.
2023-04-27 07:39:37 -06:00
Tony Arcieri
a8bddc2f6b
Add u64_digit feature ( #313 )
...
Adds an on-by-default feature which enables `num-bigint-dig/u64_digit`.
Disabling this on 32-bit platforms (e.g. WASM) should improve
performance.
Closes #252
2023-04-27 07:39:25 -06:00
Tony Arcieri
6d915b30f8
Rename CRTValue => CrtValue ( #314 )
...
Follows RFC430 (C-CASE)
https://rust-lang.github.io/api-guidelines/naming.html
2023-04-26 20:26:44 -06:00
Tony Arcieri
78ea9cb7da
Impl ZeroizeOnDrop for RsaPrivateKey + newtypes ( #311 )
...
`RsaPrivateKey` self-zeroizes on drop, so add the `ZeroizeOnDrop` marker
trait to `RsaPrivateKey` and all newtypes thereof, i.e. `DecryptingKey`
and `SigningKey` for the various padding modes.
This also removes the `Zeroize` impl on `RsaPrivateKey`, since it
self-zeroizes on `Drop`, and allowing `Zeroize` might accidentally
permit use-after-zeroize vulnerabilities.
2023-04-26 10:39:18 -06:00
Tony Arcieri
b1151dfb0e
v0.9.0-rc.0 ( #309 )
2023-04-25 08:48:24 -06:00
Tony Arcieri
c012868118
Impl core::hash::Hash for RsaPrivateKey ( #308 )
...
Adds an impl which hashes only the public key components, along with a
domain separator string (`RsaPrivateKey`).
Closes #165
2023-04-25 08:37:01 -06:00
Tony Arcieri
faabaa7141
Improved public key checks ( #307 )
...
Adds the following checks:
- `n` is odd
- `e` is odd
- `e` < `n`
Closes #99
2023-04-25 08:36:46 -06:00
Tony Arcieri
b55c75ec39
Ensure signatures have right length and don't overflow ( #306 )
...
In both the PKCS#1v1.5 and PSS implementations, checks the signature
value to ensure it does not overflow the modulus.
In the PKCS#1v1.5 implementation, checks the signature length to ensure
it matches the public key size. The PSS implementation was already doing
this.
Closes #272
2023-04-25 08:36:26 -06:00
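The encoding and precondition checks described by the signature left-padding fix (#325), the `fmt` fix that now calls `to_bytes` first (#330), the public-key checks (#307) and the signature length/overflow checks (#306), written out as plain functions in an added Python example. This is not the crate's code, and the 12-bit toy key (p = 61, q = 53, e = 17, d = 2753) is constructed so that the padding effect fits in two bytes. `encode_signature_unpadded` reproduces the pre-fix behaviour beside the corrected `encode_signature`; `signature_to_int` is the verifier-side check that rejects a signature of the wrong length and one whose integer value is not below n.

```python
"""Signature encoding and input validation for RSA: left-padded I2OSP,
public-key sanity checks, and signature length / range checks.
Added example; not the rsa crate's code."""


def modulus_len(n: int) -> int:
    """k, the octet length of the modulus (RFC 8017 notation)."""
    return (n.bit_length() + 7) // 8


def i2osp(x: int, length: int) -> bytes:
    """Integer-to-Octet-String, left zero-padded to exactly `length` bytes."""
    if x < 0 or x >= 1 << (8 * length):
        raise ValueError("integer too large for the requested length")
    return x.to_bytes(length, "big")


def os2ip(octets: bytes) -> int:
    return int.from_bytes(octets, "big")


def encode_signature_unpadded(s: int) -> bytes:
    """The pre-#325 behaviour: minimal big-endian bytes, so a signature whose
    top byte happens to be zero comes out shorter than k."""
    return s.to_bytes(max(1, (s.bit_length() + 7) // 8), "big")


def encode_signature(s: int, n: int) -> bytes:
    """Fixed behaviour: always exactly modulus_len(n) bytes."""
    return i2osp(s, modulus_len(n))


def check_public_key(n: int, e: int) -> None:
    """The three checks #307 lists: n odd, e odd, e < n."""
    if n % 2 == 0:
        raise ValueError("modulus n must be odd")
    if e % 2 == 0:
        raise ValueError("public exponent e must be odd")
    if not 0 < e < n:
        raise ValueError("public exponent e must be smaller than n")


def signature_to_int(sig: bytes, n: int) -> int:
    """Verifier-side preconditions from #306: the octet string must be exactly
    k bytes long and, as an integer, strictly below n (RFC 8017 'signature
    representative out of range')."""
    k = modulus_len(n)
    if len(sig) != k:
        raise ValueError(f"invalid signature length {len(sig)}, expected {k}")
    s = os2ip(sig)
    if s >= n:
        raise ValueError("signature representative out of range")
    return s


def raw_verify(sig: bytes, n: int, e: int) -> int:
    """s^e mod n after all checks.  A real verifier then compares the result
    with the expected encoded message (PKCS#1 v1.5 EM or PSS EM)."""
    check_public_key(n, e)
    return pow(signature_to_int(sig, n), e, n)


def rejected(check, *args) -> bool:
    """True if `check(*args)` raises ValueError (helper for the demo)."""
    try:
        check(*args)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    N, E, D = 3233, 17, 2753  # constructed toy key: p = 61, q = 53; k = 2 bytes
    print("padded:", encode_signature(5, N).hex(), "unpadded:", encode_signature_unpadded(5).hex())
    print("short signature rejected:", rejected(signature_to_int, encode_signature_unpadded(5), N))
    print("overflowing signature rejected:", rejected(signature_to_int, i2osp(N, 2), N))
    s = pow(65, D, N)
    print("raw_verify recovers 65:", raw_verify(encode_signature(s, N), N, E) == 65)
```

The length check matters beyond interoperability: a verifier that accepts an over-long or over-range octet string is reading a value the signer never produced, and the integer comparison against n is the same check that keeps `os2ip` from silently reducing a malformed input.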
Tony Arcieri
bd14ee90b6
Bump pkcs1 dependency to v0.7.5 ( #305 )
...
Workaround for RustCrypto/formats#1021
2023-04-24 13:43:49 -06:00