Skip to content

update to RSA 0.7.0 interfaces#193

Merged
dignifiedquire merged 2 commits intorpgp:masterfrom
lumag:rsa-0.7.0
Nov 4, 2022
Merged

update to RSA 0.7.0 interfaces#193
dignifiedquire merged 2 commits intorpgp:masterfrom
lumag:rsa-0.7.0

Conversation

@lumag
Copy link
Contributor

@lumag lumag commented Sep 21, 2022
edited
Loading

This depends on RustCrypto/RSA#195 and needs updated md5 and ripemd crates to provide OIDs

Note: it might be simpler to just restore the rsa::Hash struct in the RSA crate.

@lumag
Update to digest 0.10 crate
2a3cdcd 
Update dependencies and Hash code to use digest v0.10 crate.

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
@lumag lumag mentioned this pull request Sep 21, 2022
Merged
@lumag lumag force-pushed the rsa-0.7.0 branch 3 times, most recently from 769e949 to 3a4514d Compare September 22, 2022 08:15
@lumag
Copy link
Contributor Author

lumag commented Sep 22, 2022

@dignifiedquire @tarcieri I noticed a side effect of this conversion. The rpgp starts to accept large RSA keys. E.g. a diff from the test_parse_dump_6:

@@ -110188,7 +110189,43 @@
 }
  DEBUG pgp::packet::signature::types     > packet: 54696d204d6f726c6579203c74696d4064657277656e742e636f2e756b3e
  DEBUG pgp::packet::signature::types     > prefix: b40000001e
- WARN  key_test                          > verification failed: public key 6ea0fbcd0c9c1545: RSAError(PublicExponentTooLarge)
+ DEBUG pgp::packet::signature::types     > verifying key (revocation): Signature {
+    packet_version: Old,
+    config: SignatureConfig {
+        version: V4,
+        typ: KeyRevocation,
+        pub_alg: RSA,
+        hash_alg: SHA1,
+        created: None,
+        issuer: None,
+        unhashed_subpackets: [
+            Issuer(
+                KeyId(6ea0fbcd0c9c1545),
+            ),
+        ],
+        hashed_subpackets: [
+            SignatureCreationTime(
+                2016-08-16T05:10:41Z,
+            ),
+            RevocationReason(
+                KeyCompromised,
+                "This key was generated as part of the Evil32 project.\nIt is not owned by the user described in the UID.\nSee https://evil32.com/revoked for more details.",
+            ),
+        ],
+    },
+    signed_hash_value: "6994",
+    signature: ["9874eb7c4e439db3c84c12777c16da7fbc2bc63cc884dbc54e545c787be91dcf022fb7c968c86f7c34b02fe11ccf6ce69b72f0cde8cfabf465e74bf477ecc01313cc6a155faade5ea2edd64c35011430e10553cae9c32c423c7fa316611d8120a9c87664e9b9ac01eda731e400cb8eda343d34ab3bcdab7a220f522c5968aa90"],
+} - PublicKey {
+    packet_version: Old,
+    version: V4,
+    algorithm: RSA,
+    created_at: 2014-07-21T20:49:33Z,
+    expiration: None,
+    public_params: PublicParams::RSA {
+        n: Mpi(aeabf22ebf5c2a537a70711fdba3bcb3ab8be63c7caa9a17a3d03b0b6b9673bb9ba2a95e031751bafffe69e26638f9be08a6229005e92b23a263c276893a263224576d9a03ef1934c58c256b5617728b2b28e5d6ca555900fb7c081317f18dc391debb4c08b4fd76db051b66fcba120ba0bb24c4b95d199f1c3be8c49b178931),
+        e: Mpi(9058273b),
+    },
+}
  DEBUG pgp::composed::signed_key::public > primary key: KeyId(05a0a15688995548)
  DEBUG pgp::composed::signed_key::public >   signatures
  DEBUG pgp::packet::many                 > got packet: Ok(

If this is undesired, we'd have to fix the crate.

@lumag
Copy link
Contributor Author

lumag commented Sep 22, 2022

Hmm. Actually no. This is caused by the RSA crate changing max public exponent.

@tarcieri
Copy link

tarcieri commented Sep 22, 2022

it might be simpler to just restore the rsa::Hash struct in the RSA crate.

Looking at this PR it seems like the HashAlgorithm enum in the rpgp crate provides effectively the same functionality as what Hash used to provide (i.e. runtime selection of hash function)

@dignifiedquire
Copy link
Member

dignifiedquire commented Sep 23, 2022

This solution looks good to me, thanks @lumag, happy to move forward with the changes on the rsa side based on this

@lumag lumag marked this pull request as ready for review October 2, 2022 15:47
@lumag lumag changed the title WIP: update to RSA 0.7.0 interfaces update to RSA 0.7.0 interfaces Oct 17, 2022
@lumag
Copy link
Contributor Author

lumag commented Oct 17, 2022

Updated the dependency to point to the released 0.7.0 RSA crate.

@lumag lumag force-pushed the rsa-0.7.0 branch 3 times, most recently from 6ea108a to 2901da0 Compare October 18, 2022 19:53
@lumag
Update to RSA 0.7.0 version
28cce48 
Update the RSA crate to the 0.7.0 version.

The parse_dumps expected values are updated to cover the keys, which
previously failed with the PublicExponentTooLarge error, but are now
accepted by the RSA crate.

Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
@dignifiedquire dignifiedquire merged commit c57232e into rpgp:master Nov 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lumag @tarcieri @dignifiedquire