Conversation
tarcieri
force-pushed
the
pkcs8/getrandom-feature
branch
from
c13bf9d to
0d01b9f
Compare
This crate needs randomness for PKCS#5 salt/IVs whenever encrypting a plaintext private key. This renames the encryption methods that take an explict RNG from `encrypt` => `encrypt_with_rng` e.g. `PrivateKeyInfo::encrypt_with_rng` and adds a new e.g. `PrivateKeyInfo::encrypt` method which uses `getrandom` to obtain randomness. The trait methods `EncodePrivateKey::to_pkcs8_encrypted_der` and `::to_pkcs8_encrypted_pem` have likewise been updated to require the `getrandom` feature.
tarcieri
force-pushed
the
pkcs8/getrandom-feature
branch
from
0d01b9f to
750be25
Compare
Merged
tarcieri
added a commit
that referenced
this pull request
Apr 27, 2026
## Added - Custom error types support to the Decode and DecodeValue traits (#1055) - PrivateKeyInfoRef / PrivateKeyInfoOwned type aliases (#1483) - Implement core::error::Error trait for Error (#2302) - Implement DecodePrivateKey/EncodePrivateKey traits for PrivateKeyInfoOwned (#2306) - KeyError enum (#2305) - ctutils feature (#2308) - getrandom feature (#2311) ## Changed - Eagerly decode PEM labels for better error messages (#1163) - Use pbes2::Parameters::generate_recommended (#1430, #2296) - Make PrivateKeyInfo generic around its backing storage (#1483) - Bump rand_core to 0.9 (#1658) - Use 2024 edition; bump MSRV to 1.85 (#1670) - Bump rand_core to v0.10 (#2198) - Error::KeyMalformed now wraps an inner KeyError for providing more detail (#2305) - Use TryCryptoRng instead of CryptoRng (#2309) ## Removed - subtle feature (#2308)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This crate needs randomness for PKCS#5 salt/IVs whenever encrypting a plaintext private key.
This renames the encryption methods that take an explict RNG from
encrypt=>encrypt_with_rnge.g.PrivateKeyInfo::encrypt_with_rngand adds a new e.g.PrivateKeyInfo::encryptmethod which usesgetrandomto obtain randomness.The trait methods
EncodePrivateKey::to_pkcs8_encrypted_derand::to_pkcs8_encrypted_pemhave likewise been updated to require thegetrandomfeature.