[pull] master from RustCrypto:master #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
Use `thiserror` instead of `failure`
Rename `serde1` feature to `serde`
RSAPrivateKey no longer implements PublicKey. Instead, RSAPublicKey::from(RSAPrivateKey) should be used to obtain a public key.
Key trait refactor
Test assertion is manual and done with openssl
pkcs1v15: Make decrypt() and sign() generic over PrivateKey
Co-Authored-By: str4d <[email protected]>
…ds (#386) This is used on Yubico HSM for import/export under wrap as well as when importing a key unsealed.
This reverts commit 00eaa91. Unfortunately while `#` comments work in rustdoc, they are visible when GitHub renders the README.md, so this doesn't work.
This returns the `AlgorithmIdentifierOwned` assuming the default situation where the salt_len is the `output_size` of the `Digest`. This is meant to be used by HSM where the private key is hidden behind an abstraction but to still expose a `DynSignatureAlgorithmIdentifier` trait.
This allows reuse of the `RsaSignatureAssociatedOid` trait to pull implementation of `SignatureAlgorithmIdentifier` in other crates (like `yubihsm.rs`).
Bumps [spki](https://github.com/RustCrypto/formats) from 0.7.2 to 0.7.3. - [Commits](RustCrypto/formats@spki/v0.7.2...spki/v0.7.3) --- updated-dependencies: - dependency-name: spki dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Newer versions of rustc report these. They were previously ignored because they were `pub use`, but inside of a non-`pub` module.
NOTE: not for release. This signifies that we are going to make breaking changes to the `master` branch which are incompatible with v0.9 releases. The first prerelease of this series published to crates.io will be v0.10.0-pre.0 at some point in the future.
This makes it possible to use `rsa` with prerelease versions of `x509-cert`. Bumps the following dependencies: - `const-oid` v0.10.0-pre.2 - `digest` v0.11.0-pre.7 - `pkcs1` v0.8.0-pre.0 - `pkcs8` v0.11.0-pre.0 - `signature` v2.3.0-pre.2 - `sha1` v0.11.0-pre.2 - `sha2` v0.11.0-pre.2 - `sha3` v0.11.0-pre.2 - `spki` v0.8.0-pre.0
Bumps the following: - `digest` v0.11.0-pre.8 - `signature` v2.3.0-pre.3 - `sha1` v0.11.0-pre.3 - `sha2` v0.11.0-pre.3
This contains a Docker image which can be used for testing for the Marvin Attack: https://people.redhat.com/~hkario/marvin/
* pkcs1v15: ensure that these keys are used only with the old RSA OID RSA PSS keys can be used either with the old rsaEncryption OID or with the id-RSASSA-PSS, while PKCS1v15 are limited to rsaEncryption. Enforce this limitation before adding support for is-RSASSA-PSS handling. Signed-off-by: Dmitry Baryshkov <[email protected]> * feat: allow id-RSASSA-PSS in verify_algorithm_id() Allow both rsaEncoding and id-RSASSA-PSS OIDs in verify_algorithm_id(). Signed-off-by: Dmitry Baryshkov <[email protected]> * pss: support DecodePrivateKey and DecodePublicKey traits Implement necessary conversion traits to enable DecodePrivateKey and DecodePublicKey traits implementation. --------- Signed-off-by: Dmitry Baryshkov <[email protected]>
Co-authored-by: Tony Arcieri <[email protected]>
Updates the following dependencies:
$ cargo update
Updating crates.io index
Updating aes v0.8.3 -> v0.8.4
Updating autocfg v1.1.0 -> v1.3.0
Removing bitflags v1.3.2
Removing bitflags v2.4.1
Adding bitflags v2.5.0
Updating cpufeatures v0.2.11 -> v0.2.12
Updating errno v0.3.7 -> v0.3.9
Updating fastrand v2.0.1 -> v2.1.0
Updating getrandom v0.2.11 -> v0.2.15
Updating hybrid-array v0.2.0-rc.5 -> v0.2.0-rc.8
Updating libc v0.2.150 -> v0.2.155
Updating linux-raw-sys v0.4.11 -> v0.4.14 (latest: v0.6.4)
Updating num-integer v0.1.45 -> v0.1.46
Updating num-iter v0.1.43 -> v0.1.45
Updating num-traits v0.2.17 -> v0.2.19
Updating proc-macro2 v1.0.79 -> v1.0.85
Updating quote v1.0.35 -> v1.0.36
Removing redox_syscall v0.4.1
Updating regex-syntax v0.8.2 -> v0.8.3
Updating rustix v0.38.25 -> v0.38.34
Updating serde v1.0.197 -> v1.0.203
Updating serde_derive v1.0.197 -> v1.0.203
Updating smallvec v1.11.2 -> v1.13.2
Updating syn v2.0.53 -> v2.0.66
Updating tempfile v3.8.1 -> v3.10.1
Updating windows-sys v0.48.0 -> v0.52.0
Updating windows-targets v0.48.5 -> v0.52.5
Updating windows_aarch64_gnullvm v0.48.5 -> v0.52.5
Updating windows_aarch64_msvc v0.48.5 -> v0.52.5
Updating windows_i686_gnu v0.48.5 -> v0.52.5
Adding windows_i686_gnullvm v0.52.5
Updating windows_i686_msvc v0.48.5 -> v0.52.5
Updating windows_x86_64_gnu v0.48.5 -> v0.52.5
Updating windows_x86_64_gnullvm v0.48.5 -> v0.52.5
Updating windows_x86_64_msvc v0.48.5 -> v0.52.5
Updating zeroize v1.7.0 -> v1.8.1
As per #418, let me know if this is the preferred way or if you'd rather remove the limit some other way Co-authored-by: Gabriele Musco <[email protected]>
Bumps the following dependencies to their latest prerelease versions: - `const-oid` v0.10.0-rc.0 - `digest` v0.11.0-pre.9 - `pkcs1` v0.8.0-rc.0 - `pkcs8` v0.11.0-rc.0 - `signature` v2.3.0-pre.4 - `spki` v0.8.0-rc.0 - `sha1` v0.11.0-pre.4 - `sha2` v0.11.0-pre.4 Note: `pkcs5` is temporarily sourced from this PR due to circular dependency problems: RustCrypto/formats#1461
Some vendor serialization (NDA :() of signature and public keys will need the size of the salt that was used for signature. Sadly this is only exposed in the signing key (which may be out of reach (HSM)).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )