All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- always validate keys in from_components
- do not crash when handling tiny keys in PKCS1v15
- expose a
pss::get_default_pss_signature_algo_id
helper (#393) - expose
pkcs1v15::RsaSignatureAssociatedOid
(#392)
- Adds
RsaPrivateKey::from_primes
andRsaPrivateKey::from_p_q
methods (#386)
- Deterministic implementation of prime factors recovery (#380)
- PKCS#8/SPKI decoding trait impls for
pkcs1v15
keys (#346) hazmat
feature as a replacement forexpose-internals
(#352)
- Bump
serde
dependency to 1.0.184 (#360)
- Unused dependencies (#357)
- pkcs1v15: have
fmt
impls callSignatureEncoding::to_bytes
(#330)
- Left pad signatures when encoding (#325)
- Function to get salt length from RSA PSS keys (#277)
AssociatedAlgorithmIdentifier
implementation (#278)- Random key generation for
pss::BlindedSigningKey
(#295) - Impl
Signer
forpss::SigningKey
(#297) - Impl
core::hash::Hash
forRsaPrivateKey
(#308) - Impl
ZeroizeOnDrop
forRsaPrivateKey
,SigningKey
,DecryptingKey
(#311) u64_digit
feature; on-by-default (#313)AsRef<RsaPublicKey>
impl onRsaPrivateKey
(#317)
- Use namespaced features for
serde
(#268) - Bump
pkcs1
to v0.7,pkcs8
to v0.10; MSRV 1.65 (#270) - Rename PKCS#1v1.5
*_with_prefix
methods (#290)SigningKey::new
=>SigningKey::new_unprefixed
SigningKey::new_with_prefix
=>SigningKey::new
VerifyingKey::new
=>VerifyingKey::new_unprefixed
VerifyingKey::new_with_prefix
=>VerifyingKey::new
- Rename
Pkcs1v15Sign::new_raw
toPkcs1v15Sign::new_unprefixed
(#293) - Use digest output size as default PSS salt length (#294)
- Specify
salt_len
when verifying PSS signatures (#294) - Ensure signatures have the expected length and don't overflow the modulus (#306)
- Improved public key checks (#307)
- Rename
CRTValue
=>CrtValue
(#314) - Traits under
padding
module now located undertraits
module (#315) PublicKeyParts
/PrivateKeyParts
now located undertraits
module (#315)
- "Unsalted" PSS support (#294)
EncryptionPrimitive
/DecriptionPrimitive
traits (#300)PublicKey
/PrivateKey
traits (#300)Zeroize
impl onRsaPrivateKey
; automatically zeroized on drop (#311)Deref<Target=RsaPublicKey>
impl onRsaPrivateKey
; useAsRef
instead (#317)expose-internals
feature and public access to all functions it gated ([#304])
- Encryption-related traits (#259)
- Possible panic in
internals::left_pad
(#262) - Correct PSS sign/verify when key length is multiple of 8+1 bits (#263)
sha2
feature withoid
subfeature enabled (#255)
- Bump
signature
crate dependency to v2 (#217, #249) - Switch to
CryptoRngCore
marker trait (#237) - Make
padding
module private (#243) - Refactor
PaddingScheme
into a trait (#244)
- Benchmark build (#225)
- Documentation improvements (#216)
- Ensure
PaddingScheme
isSend
andSync
(#215)
NOTE: when computing signatures with this release, make sure to enable the
oid
crate feature of the digest crate you are using when computing the
signature (e.g. sha2
, sha3
). If the oid
feature doesn't exist, make sure
you're using the latest versions.
pkcs1v15
andpss
modules withSigningKey
/VerifyingKey
types (#174, #195, #202, #207, #208)- 4096-bit default max
RsaPublicKey
size (#176) RsaPublicKey::new_with_max_size
(#176)RsaPublicKey::new_unchecked
(#206)