Página inicial Explorar Ajuda
Entrar
piros
/
tor
3
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Ver código fonte

Excise PK_NO_PADDING entirely: Unpadded RSA is silly.

We never use it, so having it around is pointless.

Suggested by Sebastian
Nick Mathewson 12 anos atrás
pai
55c3e29669
commit
01905a6ef9
3 arquivos alterados com 5 adições e 9 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 3 0
      changes/pad_rsa_always
  2. 0 5
      src/common/crypto.c
  3. 2 4
      src/common/crypto.h

+ 3 - 0
changes/pad_rsa_always
Ver arquivo 

@@ -0,0 +1,3 @@
 
+  o Code removal:
 
+    - Remove all internal support for unpadded RSA. We never used it, and
 
+      it would be a bad idea to start.

+ 0 - 5
src/common/crypto.c
Ver arquivo 

@@ -140,7 +140,6 @@ crypto_get_rsa_padding_overhead(int padding)
 
 {
 
   switch (padding)
 
     {
 
-    case RSA_NO_PADDING: return 0;
 
     case RSA_PKCS1_OAEP_PADDING: return 42;
 
     case RSA_PKCS1_PADDING: return 11;
 
     default: tor_assert(0); return -1;
 
@@ -154,7 +153,6 @@ crypto_get_rsa_padding(int padding)
 
 {
 
   switch (padding)
 
     {
 
-    case PK_NO_PADDING: return RSA_NO_PADDING;
 
     case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
 
     case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
 
     default: tor_assert(0); return -1;
 
@@ -991,8 +989,6 @@ crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
 
  * bytes of data from <b>from</b>, with padding type 'padding',
 
  * storing the results on <b>to</b>.
 
  *
 
- * (Padding is required; the PK_NO_PADDING value is not supported.)
 
- *
 
  * Returns the number of bytes written on success, -1 on failure.
 
  *
 
  * The encrypted data consists of:
 
@@ -1019,7 +1015,6 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env,
 
   tor_assert(from);
 
   tor_assert(to);
 
   tor_assert(fromlen < SIZE_T_CEILING);
 
-  tor_assert(padding != PK_NO_PADDING);
 
 
   overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
 
   pkeylen = crypto_pk_keysize(env);

+ 2 - 4
src/common/crypto.h
Ver arquivo 

@@ -69,11 +69,9 @@
 
  * signs removed. */
 
 #define BASE64_DIGEST256_LEN 43
 
 
-/** Constants used to indicate no padding for public-key encryption */
 
-#define PK_NO_PADDING         60000
 
-/** Constants used to indicate PKCS1 padding for public-key encryption */
 
+/** Constant used to indicate PKCS1 padding for public-key encryption */
 
 #define PK_PKCS1_PADDING      60001
 
-/** Constants used to indicate OAEP padding for public-key encryption */
 
+/** Constant used to indicate OAEP padding for public-key encryption */
 
 #define PK_PKCS1_OAEP_PADDING 60002
 
 
 /** Number of bytes added for PKCS1 padding. */