[tor-commits] [tor/master] Excise PK_NO_PADDING entirely: Unpadded RSA is silly.

nickm at torproject.org nickm at torproject.org
Wed Mar 28 02:39:12 UTC 2012


commit 01905a6ef9f00705e9db95cf134f1a08787ab92f
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Mar 27 17:57:18 2012 -0400

    Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
    
    We never use it, so having it around is pointless.
    
    Suggested by Sebastian
---
 changes/pad_rsa_always |    3 +++
 src/common/crypto.c    |    5 -----
 src/common/crypto.h    |    6 ++----
 3 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/changes/pad_rsa_always b/changes/pad_rsa_always
new file mode 100644
index 0000000..a049d61
--- /dev/null
+++ b/changes/pad_rsa_always
@@ -0,0 +1,3 @@
+  o Code removal:
+    - Remove all internal support for unpadded RSA. We never used it, and
+      it would be a bad idea to start.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 2bd2e1e..e79666f 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -140,7 +140,6 @@ crypto_get_rsa_padding_overhead(int padding)
 {
   switch (padding)
     {
-    case RSA_NO_PADDING: return 0;
     case RSA_PKCS1_OAEP_PADDING: return 42;
     case RSA_PKCS1_PADDING: return 11;
     default: tor_assert(0); return -1;
@@ -154,7 +153,6 @@ crypto_get_rsa_padding(int padding)
 {
   switch (padding)
     {
-    case PK_NO_PADDING: return RSA_NO_PADDING;
     case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
     case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
     default: tor_assert(0); return -1;
@@ -991,8 +989,6 @@ crypto_pk_private_sign_digest(crypto_pk_t *env, char *to, size_t tolen,
  * bytes of data from <b>from</b>, with padding type 'padding',
  * storing the results on <b>to</b>.
  *
- * (Padding is required; the PK_NO_PADDING value is not supported.)
- *
  * Returns the number of bytes written on success, -1 on failure.
  *
  * The encrypted data consists of:
@@ -1019,7 +1015,6 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_t *env,
   tor_assert(from);
   tor_assert(to);
   tor_assert(fromlen < SIZE_T_CEILING);
-  tor_assert(padding != PK_NO_PADDING);
 
   overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
   pkeylen = crypto_pk_keysize(env);
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 00ac26b..0482e1a 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -69,11 +69,9 @@
  * signs removed. */
 #define BASE64_DIGEST256_LEN 43
 
-/** Constants used to indicate no padding for public-key encryption */
-#define PK_NO_PADDING         60000
-/** Constants used to indicate PKCS1 padding for public-key encryption */
+/** Constant used to indicate PKCS1 padding for public-key encryption */
 #define PK_PKCS1_PADDING      60001
-/** Constants used to indicate OAEP padding for public-key encryption */
+/** Constant used to indicate OAEP padding for public-key encryption */
 #define PK_PKCS1_OAEP_PADDING 60002
 
 /** Number of bytes added for PKCS1 padding. */





More information about the tor-commits mailing list