Update crypto ecosystem#246
Conversation
bffc1ac to
960fb17
Compare
|
I updated all the rust crypto libs to their latest rc versions to make them compatible with rand 0.9. The rsa crate also received an update that hardens it against the Marvin Attack more info. |
|
A newer version of rand exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
960fb17 to
a0d4dc4
Compare
a0d4dc4 to
a70f533
Compare
| let key_mod_bignum = openssl::bn::BigNum::from_slice(&key_mod.to_bytes_be())?; | ||
| let is_equal = cert_mod.ucmp(&key_mod_bignum) == std::cmp::Ordering::Equal; | ||
| let cert_mod = rsa::BoxedUint::from_be_slice_vartime(&cert_rsa.n().to_vec()); | ||
| let is_equal = cert_mod.cmp(&key.n()) == std::cmp::Ordering::Equal; |
There was a problem hiding this comment.
This code is fine (and cmp() is constant time), but keep in mind that this is only fine because we are comparing moduli. If any secret data would be compared, we would need the constant time from_be_slice.
| .len() | ||
| .try_into() | ||
| .expect("item too large"); | ||
| dst.reserve(FRAME_LEN_SIZE + encrypted.len()); |
There was a problem hiding this comment.
Here, the Tag lenghs is already included in FRAME_LEN_SIZE?
There was a problem hiding this comment.
No its part of encrypted.len(). In the next commit we are computing it fully before encryption so there you will see we add TAG_LEN manually.
Updates the requirements on rand to permit the latest version.