add possibility to use different hash algorithms in RSAES-OAEP

[sjaeckel]

The hash algorithms used in the MGF and to create the hash of the Label must not forcibly be the same. This change allows to use different algorithms.

Unfortunately this breaks API if you use rsa_decrypt_key_ex(). The rsa_decrypt_key() macro is still the same.

Checklist

• documentation is added or updated
• tests are added or updated

[timlegge]

Hi

I made the following changed to perl's CryptX module which should be fine but I get:

realloc(): invalid next size
Aborted (core dumped)

diff --git a/inc/CryptX_PK_RSA.xs.inc b/inc/CryptX_PK_RSA.xs.inc
index 4040d8c9..aacde6f5 100644
--- a/inc/CryptX_PK_RSA.xs.inc
+++ b/inc/CryptX_PK_RSA.xs.inc
@@ -340,10 +340,10 @@ encrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const cha
         RETVAL
 
 SV *
-decrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * oaep_hash = "SHA1", SV * oaep_lparam = NULL)
+decrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const char * mgf_hash = "SHA1", const char * lparam_hash = "SHA1", SV * oaep_lparam = NULL)
     CODE:
     {
-        int rv, hash_id, stat;
+        int rv, lparam_hash_id, mgf_hash_id, stat;
         unsigned char *lparam_ptr=NULL;
         STRLEN lparam_len=0;
         unsigned char *data_ptr=NULL;
@@ -355,18 +355,20 @@ decrypt(Crypt::PK::RSA self, SV * data, const char * padding = "oaep", const cha
 
         RETVAL = newSVpvn(NULL, 0); /* undef */
         if (strnEQ(padding, "oaep", 4)) {
-          hash_id = cryptx_internal_find_hash(oaep_hash);
-          if (hash_id == -1) croak("FATAL: find_hash failed for '%s'", oaep_hash);
+          mgf_hash_id = cryptx_internal_find_hash(mgf_hash);
+          if (mgf_hash_id == -1) croak("FATAL: find_hash failed for '%s'", mgf_hash);
+          lparam_hash_id = cryptx_internal_find_hash(lparam_hash);
+          if (lparam_hash_id == -1) croak("FATAL: find_hash failed for '%s'", lparam_hash);
           if (oaep_lparam) lparam_ptr = (unsigned char *)SvPVbyte(oaep_lparam, lparam_len);
           rv = rsa_decrypt_key_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, lparam_ptr, (unsigned long)lparam_len,
-                                  hash_id, LTC_PKCS_1_OAEP, &stat, &self->key);
+                                    mgf_hash_id, lparam_hash_id, LTC_PKCS_1_OAEP, &stat, &self->key);
           if (rv != CRYPT_OK) croak("FATAL: rsa_decrypt_key_ex failed: %s", error_to_string(rv));
           if (stat != 1) croak("FATAL: rsa_decrypt - not valid OAEP packet");
           RETVAL = newSVpvn((char*)buffer, buffer_len);
         }
         else if (strnEQ(padding, "v1.5", 4)) {
           rv = rsa_decrypt_key_ex(data_ptr, (unsigned long)data_len, buffer, &buffer_len, NULL, 0,
-                                  0, LTC_PKCS_1_V1_5, &stat, &self->key);
+                                  0, -1, LTC_PKCS_1_V1_5, &stat, &self->key);
           if (rv != CRYPT_OK) croak("FATAL: rsa_decrypt_key_ex failed: %s", error_to_string(rv));
           if (stat != 1) croak("FATAL: rsa_decrypt - invalid");
           RETVAL = newSVpvn((char*)buffer, buffer_len);

[sjaeckel]

Ping @karel-m

[sjaeckel]

realloc(): invalid next size
Aborted (core dumped)

ah, I made a mistake, can you please try again?

[timlegge]

Yes, that was able to decrypt my test

[timlegge]

Just need the encrypt now and I can test that too :-)

[sjaeckel]

Just need the encrypt now and I can test that too :-)

Can you give it a try?

[timlegge]

These changes seem to work fine for me. I tested with the following combinations encrypting with a modified Perl Crypt::PK::RSA and decrypting the keys with xmlsec1 (using openssl library)

The data method is just the key used to encrypt the data in my XML files

ok 1 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes128-cbc
ok 5 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes192-cbc
ok 9 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes256-cbc
ok 13 - Successfully Encrypted: Key Method rsa-1_5 Data Method tripledes-cbc
ok 17 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes128-gcm
ok 21 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes192-gcm
ok 25 - Successfully Encrypted: Key Method rsa-1_5 Data Method aes256-gcm
ok 29 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes128-cbc
ok 33 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes192-cbc
ok 37 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes256-cbc
ok 41 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method tripledes-cbc
ok 45 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes128-gcm
ok 49 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes192-gcm
ok 53 - Successfully Encrypted: Key Method rsa-oaep-mgf1p Data Method aes256-gcm
ok 57 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes128-cbc
ok 61 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes192-cbc
ok 65 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes256-cbc
ok 69 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:tripledes-cbc
ok 73 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes128-gcm
ok 77 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes192-gcm
ok 81 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha1 Data Method:aes256-gcm
ok 85 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes128-cbc
ok 89 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes192-cbc
ok 93 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes256-cbc
ok 97 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:tripledes-cbc
ok 101 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes128-gcm
ok 105 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes192-gcm
ok 109 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha224 Data Method:aes256-gcm
ok 113 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes128-cbc
ok 117 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes192-cbc
ok 121 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes256-cbc
ok 125 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:tripledes-cbc
ok 129 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes128-gcm
ok 133 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes192-gcm
ok 137 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha256 Data Method:aes256-gcm
ok 141 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes128-cbc
ok 145 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes192-cbc
ok 149 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes256-cbc
ok 153 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:tripledes-cbc
ok 157 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes128-gcm
ok 161 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes192-gcm
ok 165 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha384 Data Method:aes256-gcm
ok 169 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes128-cbc
ok 173 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes192-cbc
ok 177 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes256-cbc
ok 181 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:tripledes-cbc
ok 185 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes128-gcm
ok 189 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes192-gcm
ok 193 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha1, param:sha512 Data Method:aes256-gcm
ok 197 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes128-cbc
ok 201 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes192-cbc
ok 205 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes256-cbc
ok 209 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:tripledes-cbc
ok 213 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes128-gcm
ok 217 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes192-gcm
ok 221 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha1 Data Method:aes256-gcm
ok 225 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes128-cbc
ok 229 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes192-cbc
ok 233 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes256-cbc
ok 237 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:tripledes-cbc
ok 241 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes128-gcm
ok 245 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes192-gcm
ok 249 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha224 Data Method:aes256-gcm
ok 253 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes128-cbc
ok 257 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes192-cbc
ok 261 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes256-cbc
ok 265 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:tripledes-cbc
ok 269 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes128-gcm
ok 273 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes192-gcm
ok 277 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha256 Data Method:aes256-gcm
ok 281 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes128-cbc
ok 285 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes192-cbc
ok 289 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes256-cbc
ok 293 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:tripledes-cbc
ok 297 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes128-gcm
ok 301 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes192-gcm
ok 305 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha384 Data Method:aes256-gcm
ok 309 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes128-cbc
ok 313 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes192-cbc
ok 317 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes256-cbc
ok 321 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:tripledes-cbc
ok 325 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes128-gcm
ok 329 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes192-gcm
ok 333 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha224, param:sha512 Data Method:aes256-gcm
ok 337 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes128-cbc
ok 341 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes192-cbc
ok 345 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes256-cbc
ok 349 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:tripledes-cbc
ok 353 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes128-gcm
ok 357 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes192-gcm
ok 361 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha1 Data Method:aes256-gcm
ok 365 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes128-cbc
ok 369 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes192-cbc
ok 373 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes256-cbc
ok 377 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:tripledes-cbc
ok 381 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes128-gcm
ok 385 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes192-gcm
ok 389 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha224 Data Method:aes256-gcm
ok 393 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes128-cbc
ok 397 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes192-cbc
ok 401 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes256-cbc
ok 405 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:tripledes-cbc
ok 409 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes128-gcm
ok 413 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes192-gcm
ok 417 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha256 Data Method:aes256-gcm
ok 421 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes128-cbc
ok 425 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes192-cbc
ok 429 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes256-cbc
ok 433 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:tripledes-cbc
ok 437 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes128-gcm
ok 441 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes192-gcm
ok 445 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha384 Data Method:aes256-gcm
ok 449 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes128-cbc
ok 453 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes192-cbc
ok 457 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes256-cbc
ok 461 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:tripledes-cbc
ok 465 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes128-gcm
ok 469 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes192-gcm
ok 473 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha256, param:sha512 Data Method:aes256-gcm
ok 477 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes128-cbc
ok 481 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes192-cbc
ok 485 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes256-cbc
ok 489 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:tripledes-cbc
ok 493 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes128-gcm
ok 497 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes192-gcm
ok 501 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha1 Data Method:aes256-gcm
ok 505 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes128-cbc
ok 509 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes192-cbc
ok 513 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes256-cbc
ok 517 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:tripledes-cbc
ok 521 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes128-gcm
ok 525 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes192-gcm
ok 529 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha224 Data Method:aes256-gcm
ok 533 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes128-cbc
ok 537 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes192-cbc
ok 541 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes256-cbc
ok 545 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:tripledes-cbc
ok 549 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes128-gcm
ok 553 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes192-gcm
ok 557 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha256 Data Method:aes256-gcm
ok 561 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes128-cbc
ok 565 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes192-cbc
ok 569 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes256-cbc
ok 573 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:tripledes-cbc
ok 577 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes128-gcm
ok 581 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes192-gcm
ok 585 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha384 Data Method:aes256-gcm
ok 589 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes128-cbc
ok 593 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes192-cbc
ok 597 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes256-cbc
ok 601 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:tripledes-cbc
ok 605 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes128-gcm
ok 609 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes192-gcm
ok 613 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha384, param:sha512 Data Method:aes256-gcm
ok 617 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes128-cbc
ok 621 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes192-cbc
ok 625 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes256-cbc
ok 629 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:tripledes-cbc
ok 633 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes128-gcm
ok 637 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes192-gcm
ok 641 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha1 Data Method:aes256-gcm
ok 645 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes128-cbc
ok 649 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes192-cbc
ok 653 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes256-cbc
ok 657 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:tripledes-cbc
ok 661 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes128-gcm
ok 665 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes192-gcm
ok 669 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha224 Data Method:aes256-gcm
ok 673 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes128-cbc
ok 677 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes192-cbc
ok 681 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes256-cbc
ok 685 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:tripledes-cbc
ok 689 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes128-gcm
ok 693 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes192-gcm
ok 697 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha256 Data Method:aes256-gcm
ok 701 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes128-cbc
ok 705 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes192-cbc
ok 709 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes256-cbc
ok 713 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:tripledes-cbc
ok 717 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes128-gcm
ok 721 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes192-gcm
ok 725 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha384 Data Method:aes256-gcm
ok 729 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes128-cbc
ok 733 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes192-cbc
ok 737 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes256-cbc
ok 741 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:tripledes-cbc
ok 745 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes128-gcm
ok 749 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes192-gcm
ok 753 - Successful Encrypted: Key Method:rsa-oaep MGF:mgf1sha512, param:sha512 Data Method:aes256-gcm

[timlegge]

@sjaeckel @karel-m anything else you need from me?

[sjaeckel]

@sjaeckel @karel-m anything else you need from me?

no, nothing required from your side.

I've to think about whether we should break the API or add a new API function with this extended functionality... and if we add a new one, how we call it ...

[timlegge]

@sjaeckel any update/progress?

[sjaeckel]

@sjaeckel any update/progress?

not really ... at least I've rebased on current develop.

@karel-m any comments or suggestions how we could handle the API break a bit better?

[timlegge]

Thanks for keeping it fresh :-). I was going to suggest a separate API call _ex to take a page out of openSSL's book and you probably don't want to take a page out of openSSL's book... But, it's already _ex... :-) Tim Timothy Legge ***@***.*** ***@***.***

…

On Mon, Aug 7, 2023 at 10:49 AM Steffen Jaeckel ***@***.***> wrote: @sjaeckel <https://github.com/sjaeckel> any update/progress? not really ... at least I've rebased on current develop. @karel-m <https://github.com/karel-m> any comments or suggestions how we could handle the API break a bit better? — Reply to this email directly, view it on GitHub <#612 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAH3N665KPUONKXNQDJ3S6DXUDW43ANCNFSM6AAAAAAVXQ44KA> . You are receiving this because you commented.Message ID: ***@***.***>

[sjaeckel]

@karel-m could you please have a look at this PR as well?

[karel-m]

1/ I do not like the variable name lparam_hash_ as it is hard to read/understand; I would prefer lparam_hash_final or something like that.

2/ We are breaking compatibility of rsa_encrypt_key_ex + rsa_decrypt_key_ex but I can live with that.

Otherwise looks good.

[karel-m]

@sjaeckel could you please rebase rsaaes_oaep_hashes on top of the current develop? (so that I can test it with my CryptX module)

[sjaeckel]

2/ We are breaking compatibility of rsa_encrypt_key_ex + rsa_decrypt_key_ex but I can live with that.

and pkcs_1_oaep_encode + pkcs_1_oaep_decode

[karel-m]

Looks good, I am for merging.