git.ipfire.org Git - thirdparty/openssl.git/commit
Replace PKCS#1 v1.5 encryption in RSA PCT
author Joachim Vandersmissen <git@jvdsn.com>
Thu, 14 Mar 2024 00:26:21 +0000 (19:26 -0500)
committer Pauli <ppzgs1@gmail.com>
Wed, 21 Aug 2024 21:24:08 +0000 (07:24 +1000)
commit 9341e6683c341e809acca984e74728810586cba6
tree 9e4c220e72923bd55a62a296a06234a04152804a
parent e91384d5b0547bf797e2b44976f142d146c4e650

After December 31, 2023, SP 800-131Ar2 [0] no longer allows PKCS#1 v1.5
padding for RSA "key-transport" (aka encryption and decryption).
There are a few good options to replace this usage in the RSA PCT, but
signature generation and verification using PKCS#1 v1.5 padding (which
remains approved) is the simplest.

[0]: https://doi.org/10.6028/NIST.SP.800-131Ar2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23832)
crypto/rsa/rsa_gen.c