Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update to RSA 0.7.0 interfaces #193

Merged
merged 2 commits into from
Nov 4, 2022
Merged

update to RSA 0.7.0 interfaces #193

merged 2 commits into from
Nov 4, 2022

Conversation

lumag
Copy link
Contributor

@lumag lumag commented Sep 21, 2022
edited

This depends on RustCrypto/RSA#195 and needs updated md5 and ripemd crates to provide OIDs

Note: it might be simpler to just restore the rsa::Hash struct in the RSA crate.

@lumag
Update to digest 0.10 crate
2a3cdcd 
Update dependencies and Hash code to use digest v0.10 crate.

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
@lumag lumag mentioned this pull request Sep 21, 2022
Merged
@lumag lumag force-pushed the rsa-0.7.0 branch 3 times, most recently from 769e949 to 3a4514d Compare September 22, 2022 08:15
@lumag
Copy link
Contributor Author

lumag commented Sep 22, 2022

@dignifiedquire @tarcieri I noticed a side effect of this conversion. The rpgp starts to accept large RSA keys. E.g. a diff from the test_parse_dump_6:

@@ -110188,7 +110189,43 @@
 }
  DEBUG pgp::packet::signature::types     > packet: 54696d204d6f726c6579203c74696d4064657277656e742e636f2e756b3e
  DEBUG pgp::packet::signature::types     > prefix: b40000001e
- WARN  key_test                          > verification failed: public key 6ea0fbcd0c9c1545: RSAError(PublicExponentTooLarge)
+ DEBUG pgp::packet::signature::types     > verifying key (revocation): Signature {
+    packet_version: Old,
+    config: SignatureConfig {
+        version: V4,
+        typ: KeyRevocation,
+        pub_alg: RSA,
+        hash_alg: SHA1,
+        created: None,
+        issuer: None,
+        unhashed_subpackets: [
+            Issuer(
+                KeyId(6ea0fbcd0c9c1545),
+            ),
+        ],
+        hashed_subpackets: [
+            SignatureCreationTime(
+                2016-08-16T05:10:41Z,
+            ),
+            RevocationReason(
+                KeyCompromised,
+                "This key was generated as part of the Evil32 project.\nIt is not owned by the user described in the UID.\nSee https://evil32.com/revoked for more details.",
+            ),
+        ],
+    },
+    signed_hash_value: "6994",
+    signature: ["9874eb7c4e439db3c84c12777c16da7fbc2bc63cc884dbc54e545c787be91dcf022fb7c968c86f7c34b02fe11ccf6ce69b72f0cde8cfabf465e74bf477ecc01313cc6a155faade5ea2edd64c35011430e10553cae9c32c423c7fa316611d8120a9c87664e9b9ac01eda731e400cb8eda343d34ab3bcdab7a220f522c5968aa90"],
+} - PublicKey {
+    packet_version: Old,
+    version: V4,
+    algorithm: RSA,
+    created_at: 2014-07-21T20:49:33Z,
+    expiration: None,
+    public_params: PublicParams::RSA {
+        n: Mpi(aeabf22ebf5c2a537a70711fdba3bcb3ab8be63c7caa9a17a3d03b0b6b9673bb9ba2a95e031751bafffe69e26638f9be08a6229005e92b23a263c276893a263224576d9a03ef1934c58c256b5617728b2b28e5d6ca555900fb7c081317f18dc391debb4c08b4fd76db051b66fcba120ba0bb24c4b95d199f1c3be8c49b178931),
+        e: Mpi(9058273b),
+    },
+}
  DEBUG pgp::composed::signed_key::public > primary key: KeyId(05a0a15688995548)
  DEBUG pgp::composed::signed_key::public >   signatures
  DEBUG pgp::packet::many                 > got packet: Ok(

If this is undesired, we'd have to fix the crate.

@lumag
Copy link
Contributor Author

lumag commented Sep 22, 2022

Hmm. Actually no. This is caused by the RSA crate changing max public exponent.

@tarcieri
Copy link

it might be simpler to just restore the rsa::Hash struct in the RSA crate.

Looking at this PR it seems like the HashAlgorithm enum in the rpgp crate provides effectively the same functionality as what Hash used to provide (i.e. runtime selection of hash function)

@dignifiedquire
Copy link
Member

This solution looks good to me, thanks @lumag, happy to move forward with the changes on the rsa side based on this

@lumag lumag marked this pull request as ready for review October 2, 2022 15:47
@lumag lumag changed the title WIP: update to RSA 0.7.0 interfaces update to RSA 0.7.0 interfaces Oct 17, 2022
@lumag
Copy link
Contributor Author

lumag commented Oct 17, 2022

Updated the dependency to point to the released 0.7.0 RSA crate.

@lumag lumag force-pushed the rsa-0.7.0 branch 3 times, most recently from 6ea108a to 2901da0 Compare October 18, 2022 19:53
@lumag
Update to RSA 0.7.0 version
28cce48 
Update the RSA crate to the 0.7.0 version.

The parse_dumps expected values are updated to cover the keys, which
previously failed with the PublicExponentTooLarge error, but are now
accepted by the RSA crate.

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
@dignifiedquire dignifiedquire merged commit c57232e into rpgp:master Nov 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@lumag @tarcieri @dignifiedquire