crypto/rsa: RSA-PSS PKCS1v15 should support SHA3 hashes (and others) #43923

Open
shaunco opened this issue Jan 26, 2021 · 4 comments

@shaunco shaunco commented Jan 26, 2021

$ go version
go version go1.15.5 linux/amd64

Does this issue reproduce with the latest release?

Yes

What did you do?

rsa.VerifyPKCS1v15(myPublicKey, crypto.SHA3_224, hashed, signature)

What did you expect to see?

A properly verified hash. pkcs1v15HashInfo() needs to calculate the ASN1 DER prefix for algorithms that aren't in the lookup table.

What did you see instead?

crypto/rsa: unsupported hash function

Additional notes

The current code has a table of precomputed ASN1 DER prefixes for 8 algorithms. All other algorithms get crypto/rsa: unsupported hash function, even though they are valid.

@toothrot toothrot changed the title RSA-PSS PKCS1v15 should support SHA3 hashes (and others) x/crypto/rsa: RSA-PSS PKCS1v15 should support SHA3 hashes (and others) Jan 27, 2021
@gopherbot gopherbot added this to the Unreleased milestone Jan 27, 2021
@toothrot toothrot changed the title x/crypto/rsa: RSA-PSS PKCS1v15 should support SHA3 hashes (and others) crypto/rsa: RSA-PSS PKCS1v15 should support SHA3 hashes (and others) Jan 27, 2021
Contributor

@toothrot toothrot commented Jan 27, 2021

Contributor

@FiloSottile FiloSottile commented Jan 27, 2021

It's a bit unclear to me why anyone would want to use legacy PKCS#1 v1.5 with SHA-3, but if there is a need I'd accept a PR to add the relevant ASN.1 prefixes.

Author

@shaunco shaunco commented Jan 29, 2021

I too wish the originator of the signatures I'm dealing with had used PSS. I'll try to find some time to submit a PR so I can ditch the current workaround I put in place.


@w3bb w3bb commented May 29, 2021

Trying to reimplement a program, for some reason they use an SHA-3 hash in this way and it's broken for me.

@shaunco What's your workaround?
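
Added example (not part of the thread, and not shaunco's workaround or the Go project's code): a Go verifier for PKCS#1 v1.5 that derives the ASN.1 DER DigestInfo from the hash OID instead of a precomputed prefix table, which is what the issue description asks pkcs1v15HashInfo() to do. The id-sha3-224 OID, the NULL parameters field, and the names `encodeEM` and `verifyWithOID` are assumptions of this example; the encoding has to match what the signer produced.

```go
package main

import (
	"bytes"
	"crypto/rsa"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
)

var oidSHA3_224 = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 7} // id-sha3-224 (assumed, NIST arc)

type digestInfo struct {
	Alg    pkix.AlgorithmIdentifier
	Digest []byte
}

// encodeEM builds 00 01 FF..FF 00 || DER(DigestInfo); NULL parameters are an assumption.
func encodeEM(oid asn1.ObjectIdentifier, digest []byte, k int) ([]byte, error) {
	alg := pkix.AlgorithmIdentifier{Algorithm: oid, Parameters: asn1.NullRawValue}
	di, err := asn1.Marshal(digestInfo{alg, digest})
	if err != nil || k < len(di)+11 {
		return nil, errors.New("cannot encode message for this modulus size")
	}
	em := bytes.Repeat([]byte{0xff}, k)
	em[0], em[1], em[k-len(di)-1] = 0x00, 0x01, 0x00
	copy(em[k-len(di):], di)
	return em, nil
}

// verifyWithOID compares sig^e mod N with the re-encoded block; no untrusted ASN.1 is parsed.
func verifyWithOID(pub *rsa.PublicKey, oid asn1.ObjectIdentifier, digest, sig []byte) error {
	want, err := encodeEM(oid, digest, pub.Size())
	s := new(big.Int).SetBytes(sig)
	if err != nil || len(sig) != len(want) || s.Cmp(pub.N) >= 0 {
		return errors.New("verification error")
	}
	got := s.Exp(s, big.NewInt(int64(pub.E)), pub.N).FillBytes(make([]byte, len(want)))
	if !bytes.Equal(got, want) {
		return errors.New("verification error")
	}
	return nil
}

func main() {
	em, err := encodeEM(oidSHA3_224, make([]byte, 28), 64) // constructed all-zero digest
	fmt.Printf("%x %v\n", em, err)
}
```

The caller is responsible for passing a digest of the hash's output length (28 bytes for SHA3-224), since the function encodes whatever length it is given.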
