Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Documentation overhaul #23

Closed
roblabla opened this issue Aug 18, 2019 · 7 comments
Closed

Documentation overhaul #23

roblabla opened this issue Aug 18, 2019 · 7 comments
Labels
docs help wanted Extra attention is needed

Comments

@roblabla
Copy link
Contributor

The documentation in this crate is currently a bit barebones. I'd be interested in working on enhancing the documentation. Here are some things I can think of that would be nice to document:

  • RSAPrivateKey.sign Why is the Hash an Option? (Same question for verify). I assume passing None there means the "hashed" value is actually the raw message rather than a hash? That won't work for PSS verification.
  • RSAPrivateKey.validate When is it necessary to call this function? What happens if a key is used without being valid? Why do the constructors not ensure validity?
  • RSAPrivateKey.precompute Again, why not do this in new()? When is it necessary to call this function?
  • What does "blinding" the decryption process mean? When is it useful? (Probably want to put a link to wikipedia or something here, but having some documentation about it directly in the crate would be most welcome).
  • For all the enc/dec/sig/verif routines that are likely to be used, it would be nice to have a doctest showing how it should be used.
@dignifiedquire
Copy link
Member

dignifiedquire commented Aug 18, 2019 via email

@dignifiedquire dignifiedquire added the enhancement New feature or request label Aug 27, 2019
@dignifiedquire
Copy link
Member

* Why is the Hash an Option? (Same question for verify). I assume passing None there means the "hashed" value is actually the raw message rather than a hash? That won't work for PSS verification.

Yes, it is a very important part of the api to be able to pass either hashed or not hashed values.

@dignifiedquire
Copy link
Member

* When is it necessary to call this function? What happens if a key is used without being valid? Why do the constructors not ensure validity?

As far as I remember the validate call is there to ensure a given key is valid, if you don't know exactly where it comes from. Simplifying this into moving this into the constructor is likely possible.

@dignifiedquire
Copy link
Member

* [RSAPrivateKey.precompute](https://docs.rs/rsa/0.1.3/rsa/struct.RSAPrivateKey.html#method.precompute) Again, why not do this in `new()`? When is it necessary to call this function?

It already is part of the construction, should just be marked as private instead of public

@dignifiedquire
Copy link
Member

* What does "blinding" the decryption process mean? When is it useful? (Probably want to put a link to wikipedia or something here, but having some documentation about it directly in the crate would be most welcome).

yeah, some links

@dignifiedquire dignifiedquire added docs help wanted Extra attention is needed and removed enhancement New feature or request labels Aug 27, 2019
@andrewbaxter
Copy link

Yeah the sign/verify behavior WRT hash was hard for me to understand, and I ended up having to look at the code to figure out how to use it. Basically it seems like hashed may or may not be hashed bytes, but needs to correspond to Hash or None if it's not hashed.

Going off topic, I was expecting either

  1. pass in hash and plaintext, sign either hashes it for me or does non-hashed signing and returns the hash
  2. pass in a enum Unhashed(&[u8]), Hashed(Hash, &[u8]) (or maybe something more granular with each hash type and a fixed size byte array ref) which would tie those parameters together

@tarcieri
Copy link
Member

The documentation has changed considerably since this was originally filed. It now contains comprehensive examples for all of the core features of this crate.

If there are still gaps, please file more specific issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
docs help wanted Extra attention is needed
Projects
None yet
Development

No branches or pull requests

4 participants