author | Nick Mathewson <nickm@torproject.org> | 2012-03-27 17:57:18 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-03-27 22:38:06 -0400 |
commit | 01905a6ef9f00705e9db95cf134f1a08787ab92f (patch) | |
tree | 1a8c42aecee77f23cbe6eaf46ae5029d765532d0 | |
parent | 55c3e29669214e7a51b16c7273caf30b29079157 (diff) | |
download | tor-01905a6ef9f00705e9db95cf134f1a08787ab92f.tar.gz tor-01905a6ef9f00705e9db95cf134f1a08787ab92f.zip |
Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
We never use it, so having it around is pointless.
Suggested by Sebastian
-rw-r--r-- | changes/pad_rsa_always | 3 | ||||
-rw-r--r-- | src/common/crypto.c | 5 | ||||
-rw-r--r-- | src/common/crypto.h | 6 |
3 files changed, 5 insertions, 9 deletions
diff --git a/changes/pad_rsa_always b/changes/pad_rsa_always
new file mode 100644
index 0000000000..a049d61c4f
--- /dev/null
+++ b/changes/pad_rsa_always
@@ -0,0 +1,3 @@
+ o Code removal:
+ - Remove all internal support for unpadded RSA. We never used it, and
+ it would be a bad idea to start.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 2bd2e1e4d2..e79666f955 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -140,7 +140,6 @@ crypto_get_rsa_padding_overhead(int padding)
 {
 switch (padding)
 {
- case RSA_NO_PADDING: return 0;
 case RSA_PKCS1_OAEP_PADDING: return 42;
 case RSA_PKCS1_PADDING: return 11;
 default: tor_assert(0); return -1;
@@ -154,7 +153,6 @@ crypto_get_rsa_padding(int padding)
 {
 switch (padding)
 {
- case PK_NO_PADDING: return RSA_NO_PADDING;
 case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
 case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
 default: tor_assert(0); return -1;
@@ -991,8 +989,6 @@ crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
 * bytes of data from <b>from</b>, with padding type 'padding',
 * storing the results on <b>to</b>.
 *
- * (Padding is required; the PK_NO_PADDING value is not supported.)
- *
 * Returns the number of bytes written on success, -1 on failure.
 *
 * The encrypted data consists of:
@@ -1019,7 +1015,6 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env,
 tor_assert(from);
 tor_assert(to);
 tor_assert(fromlen < SIZE_T_CEILING);
- tor_assert(padding != PK_NO_PADDING);
 overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
 pkeylen = crypto_pk_keysize(env);
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 00ac26ba26..0482e1af65 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
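Review bot: After `tor_assert(padding != PK_NO_PADDING);` is removed from crypto_pk_public_hybrid_encrypt, neither its doc comment nor the visible part of its body states which padding values are accepted; an unsupported value is now rejected only by the `default: tor_assert(0); return -1;` arm of crypto_get_rsa_padding. I would put one line into the doc comment in place of the deleted sentence, e.g. `* <b>padding</b> must be PK_PKCS1_PADDING or PK_PKCS1_OAEP_PADDING.`, so callers do not have to read the helper to learn the contract. If tor_assert can ever continue instead of aborting (not visible here), the -1 would be handed to crypto_get_rsa_padding_overhead and then reach the `overhead` arithmetic, which is worth confirming. Both the comment and the function body continue outside these hunks.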
@@ -69,11 +69,9 @@
 * signs removed. */
 #define BASE64_DIGEST256_LEN 43
-/** Constants used to indicate no padding for public-key encryption */
-#define PK_NO_PADDING 60000
-/** Constants used to indicate PKCS1 padding for public-key encryption */
+/** Constant used to indicate PKCS1 padding for public-key encryption */
 #define PK_PKCS1_PADDING 60001
-/** Constants used to indicate OAEP padding for public-key encryption */
+/** Constant used to indicate OAEP padding for public-key encryption */
 #define PK_PKCS1_OAEP_PADDING 60002
 /** Number of bytes added for PKCS1 padding. */ |