Comments (9)
dignifiedquire
commented on July 17, 2024
- the online tool seems to only support oeap with sha1, but your rust code shows using sha2
- the default in nodejs is
sha1one as well see https://nodejs.org/api/crypto.html#crypto_crypto_privatedecrypt_privatekey_bufferoaepHash The hash function to use for OAEP padding and MGF1. Default: 'sha1'
from rsa.
wenjoy
commented on July 17, 2024
@dignifiedquire Thanks for rapidly reply. I thought is the sha1 issue. But I cant figure out how to use sha1 in this crate.
use rsa::{PublicKey, RSAPublicKey, RSAPrivateKey, PaddingScheme};
use rand::rngs::OsRng;
use sha1::Sha1;
pub fn encrypt_(key: &[u8], plaintext: &[u8]) -> Vec<u8> {
let mut rng = OsRng;
let data = plaintext;
let public_key = RSAPublicKey::from_pkcs8(key).expect("get private key error");
// pkcs#1 padding
// let padding = PaddingScheme::new_pkcs1v15_encrypt();
let padding = PaddingScheme::new_oaep::<Sha1>();
let enc_data = public_key.encrypt(&mut rng, padding, &data[..]).expect("failed to decrypt");
enc_data
}I tried this, but it complain. And I cant find out what other than Sha256 I can adapt, after go through the document.
from rsa.
tarcieri
commented on July 17, 2024
Note: SHA-1 is cryptographically broken and unsuitable for use in any secure context.
from rsa.
wenjoy
commented on July 17, 2024
@tarcieri Thanks. But I do need to interact with some legacy code. Is there any way I can use this lib to achieve?
from rsa.
dignifiedquire
commented on July 17, 2024
@wenjoy what is the issue you are encountering with passing Sha1? We do have a test making sure the code does work with Sha1: https://github.com/RustCrypto/RSA/blob/master/src/key.rs#L904
from rsa.
wenjoy
commented on July 17, 2024
@dignifiedquire I got this error:
the trait bound `sha1::Sha1: digest::Update` is not satisfied
the trait `digest::Update` is not implemented for `sha1::Sha1`
But the link you post inspired me to check the dependencies, then I solved it!
Thanks so much @dignifiedquire !
That's the thing. Previously my dependencies likes this:
sha1 = "*
after compare with this lib's , I found it should be this:
sha-1 = "*"
Now it works like a charm. But I have to say why its name so weird. Just following sha2 sha3 wouldn't be nice?
Anyway, thanks again @dignifiedquire.
from rsa.
newpavlov
commented on July 17, 2024
@wenjoy
See the following remark in the hashes repository: https://github.com/RustCrypto/hashes#crate-names
from rsa.
dignifiedquire
commented on July 17, 2024
glad to hear it is working now @wenjoy
from rsa.
wenjoy
commented on July 17, 2024
@newpavlov Now that does make sense. Thanks buddy.
from rsa.
Related Issues (20)
- Why `pss::Signature` implement `TryFrom<&[u8]>` but don't raise any error ? HOT 2
- Maximum modulus size HOT 2
- Undocumented breaking change in v0.9: `expose-internals` removed with no replacement HOT 1
- Is it possible to export the key being generated? HOT 1
- Adding rsa dependency introduces non-additive lazy_static feature that breaks other code HOT 2
- Update from 0.8 to 0.9 broke verification after reading PEM and using Sha256 PSS HOT 3
- `RsaPrivateKey::from_pkcs1_pem` error: PEM Base64 error: invalid Base64 encoding HOT 6
- How to create a Sha1 Signature? HOT 1
- Generic digest for rsa::pkcs1v15::Signature? HOT 2
- how to sign message by MD5withRSA? HOT 1
- Replacement of unmaintained library rust-crypto
- Verifying RSA Signature with OpenSSL HOT 6
- PSS signatures: Could not find 'sha2' in rsa HOT 1
- When can we expect a new release (current v0.9.2)? HOT 2
- Feature to import from JWK ? HOT 5
- Can't parse RSA Public key HOT 2
- Migrating from `num-bigint(-dig)` to `crypto-bigint` HOT 4
- Splitting up crate to reduce advisory blast radius? HOT 5
- Add Link to Security Audit HOT 1
- the function or associated item `new` exists for struct `SigningKey<CoreWrapper<CtVariableCoreWrapper<Sha256VarCore, UInt<UInt<UInt<..., ...>, ...>, ...>, ...>>>`, but its trait bounds were not satisfied [E0599] HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rsa.