To do so they broke the Boring API by adding a new optional parameter to EncryptRSAOAEP and DecryptRSAOAEP. Upstream can do that because they keep the boring backend in-tree, so they are not concerned about reusing the same API in older Go versions. It does matter to us, so I've deviated a little bit from upstream and implemented the new functionality by adding two new functions: EncryptRSAOAEP_MGF1 and DecryptRSAOAEP_MGF1. This won't result in a diff conflict because the signature mismatch will be smoothed out in the backend package, by doing something like this:
Go just merged a capability that allows hash.Hash for RSA OAEP and MGF1 to be specified independently: https://go-review.googlesource.com/c/go/+/418874.
To do so they broke the Boring API by adding a new optional parameter to
EncryptRSAOAEP
andDecryptRSAOAEP
. Upstream can do that because they keep the boring backend in-tree, so they are not concerned about reusing the same API in older Go versions. It does matter to us, so I've deviated a little bit from upstream and implemented the new functionality by adding two new functions:EncryptRSAOAEP_MGF1
andDecryptRSAOAEP_MGF1
. This won't result in a diff conflict because the signature mismatch will be smoothed out in the backend package, by doing something like this: