microsoft / go-crypto-openssl

Go crypto backend for Linux using OpenSSL
MIT License

Allow hash.Hash for OAEP and MGF1 to be specified independently #42

Closed qmuntal closed 1 year ago

qmuntal commented 1 year ago

Go just merged a capability that allows hash.Hash for RSA OAEP and MGF1 to be specified independently: https://go-review.googlesource.com/c/go/+/418874.

To do so they broke the Boring API by adding a new optional parameter to EncryptRSAOAEP and DecryptRSAOAEP. Upstream can do that because they keep the boring backend in-tree, so they are not concerned about reusing the same API in older Go versions. It does matter to us, so I've deviated a little bit from upstream and implemented the new functionality by adding two new functions: EncryptRSAOAEP_MGF1 and DecryptRSAOAEP_MGF1. This won't result in a diff conflict because the signature mismatch will be smoothed out in the backend package, by doing something like this:

// EncryptRSAOAEP keeps the upstream signature and forwards to the new backend function.
func EncryptRSAOAEP(h, mgfHash hash.Hash, pub *openssl.PublicKeyRSA, msg, label []byte) ([]byte, error) {
    return openssl.EncryptRSAOAEP_MGF1(h, mgfHash, pub, msg, label)
}

// DecryptRSAOAEP keeps the upstream signature and forwards to the new backend function.
func DecryptRSAOAEP(h, mgfHash hash.Hash, priv *openssl.PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) {
    return openssl.DecryptRSAOAEP_MGF1(h, mgfHash, priv, ciphertext, label)
}
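
The interoperability case this change serves, as an added example that is not part of the pull request or the go-crypto-openssl code: a ciphertext built with SHA-256 as the OAEP (label) hash and SHA-1 for MGF1 only decrypts when the MGF1 hash is named separately. It assumes Go 1.20 or later (`rsa.OAEPOptions.MGFHash`, `subtle.XORBytes`), an empty label and a throwaway key; `mgf1XOR` and `demo` are hypothetical names, and the encryption side is built by hand because `rsa.EncryptOAEP` takes a single hash.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	_ "crypto/sha1"   // registers crypto.SHA1
	_ "crypto/sha256" // registers crypto.SHA256
	"crypto/subtle"
	"fmt"
	"math/big"
)

// mgf1XOR XORs the MGF1 mask (RFC 8017 B.2.1) of seed under hash h into out.
func mgf1XOR(out, seed []byte, h crypto.Hash) {
	for i := 0; len(out) > 0; i++ {
		d := h.New()
		d.Write(seed)
		d.Write([]byte{byte(i >> 24), byte(i >> 16), byte(i >> 8), byte(i)})
		out = out[subtle.XORBytes(out, out, d.Sum(nil)):]
	}
}

// demo builds one RSAES-OAEP ciphertext by hand (SHA-256 label hash, MGF1-SHA1,
// empty label), then decrypts it with and without OAEPOptions.MGFHash set.
func demo() (plain string, errSet, errUnset error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // constructed throwaway key
	if err != nil {
		return "", err, err
	}
	msg, hLen := []byte("constructed sample"), crypto.SHA256.Size()
	em := make([]byte, priv.Size()) // 0x00 || seed || DB, DB = lHash || PS || 0x01 || msg
	seed, db := em[1:1+hLen], em[1+hLen:]
	copy(db, crypto.SHA256.New().Sum(nil)) // lHash of the empty label
	copy(db[len(db)-len(msg)-1:], append([]byte{1}, msg...))
	if _, err := rand.Read(seed); err != nil {
		return "", err, err
	}
	mgf1XOR(db, seed, crypto.SHA1) // maskedDB: the MGF1 hash differs from the label hash
	mgf1XOR(seed, db, crypto.SHA1) // maskedSeed
	c := new(big.Int).Exp(new(big.Int).SetBytes(em), big.NewInt(int64(priv.E)), priv.N)
	ct := c.FillBytes(make([]byte, priv.Size()))
	p, errSet := priv.Decrypt(rand.Reader, ct, &rsa.OAEPOptions{Hash: crypto.SHA256, MGFHash: crypto.SHA1})
	_, errUnset = priv.Decrypt(rand.Reader, ct, &rsa.OAEPOptions{Hash: crypto.SHA256})
	return string(p), errSet, errUnset
}

func main() { fmt.Println(demo()) }
```

When `MGFHash` is left at zero, `crypto/rsa` uses `Hash` for MGF1 as well, so the second decryption fails with `rsa.ErrDecryption`.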