Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: crypto/rsa: allow hash.Hash for OAEP and MGF1 to be specified independently for encryption #65716

Open
mmauv opened this issue Feb 15, 2024 · 4 comments
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone

Comments

@mmauv
Copy link

mmauv commented Feb 15, 2024

Proposal Details

It is currently impossible to independently choose the hash functions used by rsa.EncryptOAEP for OAEP and MGF1. The issue was already raised in #19974; however, it has only been fixed in the decryption functions.

This functionality is needed to wrap keys for the Android Keystore secure import. The Android developer documentation specifies that encryptedTransportKey is a 256-bit AES key, [...] encrypted in RSA-OAEP mode (SHA-256 digest, SHA-1 MGF1 digest) (https://developer.android.com/reference/android/security/keystore/WrappedKeyEntry). This specification requires being able to encrypt using RSA-OAEP with different algorithms for OAEP and MGF1.

@mmauv mmauv added the Proposal label Feb 15, 2024
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/564755 mentions this issue: crypto/rsa: allow hash.Hash for OAEP and MGF1 to be specified independently for encryption

@mauri870 mauri870 changed the title crypto/rsa: allow hash.Hash for OAEP and MGF1 to be specified independently for encryption proposal: crypto/rsa: allow hash.Hash for OAEP and MGF1 to be specified independently for encryption Feb 17, 2024
@gopherbot gopherbot added this to the Proposal milestone Feb 17, 2024
@mauri870 mauri870 added the Proposal-Crypto Proposal related to crypto packages or other security issues label Feb 17, 2024
@mauri870
Copy link
Member

cc @FiloSottile @rolandshoemaker

@feyounger
Copy link

The current go has not been modified yet. You can copy the required functions from the crypto/rsa package and adjust them rsa-ecb.

@mmauv
Copy link
Author

mmauv commented Feb 26, 2024

The current go has not been modified yet. You can copy the required functions from the crypto/rsa package and adjust them rsa-ecb.

Thanks, that's the only solution I found while waiting for the change...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Proposal Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
Status: Incoming
Development

No branches or pull requests

4 participants