nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 05:26:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Excise PK_NO_PADDING entirely: Unpadded RSA is silly.

Browse Source 
We never use it, so having it around is pointless.

Suggested by Sebastian
This commit is contained in:
Nick Mathewson 2012-03-27 17:57:18 -04:00
parent 55c3e29669
commit 01905a6ef9
3 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changes/pad_rsa_always Normal file
View File

@ -0,0 +1,3 @@
o Code removal:
- Remove all internal support for unpadded RSA. We never used it, and
it would be a bad idea to start.

5
src/common/crypto.c
View File

@ -140,7 +140,6 @@ crypto_get_rsa_padding_overhead(int padding)
{
switch (padding)
{
case RSA_NO_PADDING: return 0;
case RSA_PKCS1_OAEP_PADDING: return 42;
case RSA_PKCS1_PADDING: return 11;
default: tor_assert(0); return -1;
@ -154,7 +153,6 @@ crypto_get_rsa_padding(int padding)
{
switch (padding)
{
case PK_NO_PADDING: return RSA_NO_PADDING;
case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
default: tor_assert(0); return -1;
@ -991,8 +989,6 @@ crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
* bytes of data from <b>from</b>, with padding type 'padding',
* storing the results on <b>to</b>.
*
* (Padding is required; the PK_NO_PADDING value is not supported.)
*
* Returns the number of bytes written on success, -1 on failure.
*
* The encrypted data consists of:
@ -1019,7 +1015,6 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env,
tor_assert(from);
tor_assert(to);
tor_assert(fromlen < SIZE_T_CEILING);
tor_assert(padding != PK_NO_PADDING);
overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
pkeylen = crypto_pk_keysize(env);

6
src/common/crypto.h
View File

@ -69,11 +69,9 @@
* signs removed. */
#define BASE64_DIGEST256_LEN 43
/** Constants used to indicate no padding for public-key encryption */
#define PK_NO_PADDING 60000
/** Constants used to indicate PKCS1 padding for public-key encryption */
/** Constant used to indicate PKCS1 padding for public-key encryption */
#define PK_PKCS1_PADDING 60001
/** Constants used to indicate OAEP padding for public-key encryption */
/** Constant used to indicate OAEP padding for public-key encryption */
#define PK_PKCS1_OAEP_PADDING 60002
/** Number of bytes added for PKCS1 padding. */