-
Notifications
You must be signed in to change notification settings - Fork 17.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/rsa: deprecate GenerateMultiPrimeKey and PrecomputedValues.CRTValues #56921
Comments
Change https://go.dev/cl/453256 mentions this issue: |
Change https://go.dev/cl/453257 mentions this issue: |
These should be marked deprecated, but that needs a (likely quick) proposal review. The proposal is #56921. Change-Id: I013a913a7f5196a341e2dd5f49c2687c26ee8331 Reviewed-on: https://go-review.googlesource.com/c/go/+/453257 TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Run-TryBot: Russ Cox <rsc@golang.org>
This proposal has been added to the active column of the proposals project |
Does anyone object to marking these deprecated? |
No objection, happy to see them go. |
Based on the discussion above, this proposal seems like a likely accept. |
No change in consensus, so accepted. 🎉 |
Change https://go.dev/cl/459976 mentions this issue: |
Multi-prime RSA keys (those that are products of three or more large primes) are discouraged in general and rarely used.
As of Go 1.20, the PrecomputedValues.CRTValues supporting multiprime keys will still be computed and filled in, but to reduce the attack surface of crypto/rsa, those values will no longer be used by decryption.
PrecomputedValues.CRTValues and GenerateMultiPrimeKey were marked deprecated during the Go 1.20 cycle, but without a proposal review. I'm rolling back the deprecation marks in an upcoming CL (gopherbot will report it) and am filing this issue to discuss adding the deprecation marks.
I don't anticipate any controversy about deprecating these, the proposal process should confirm that.
The text was updated successfully, but these errors were encountered: