-
Notifications
You must be signed in to change notification settings - Fork 115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support OAEP encryption schema #126
base: main
Are you sure you want to change the base?
Conversation
Please give some context for this PR. As it stands now, the commit just adds a few functions to a file, and nothing else. There doesn't seem to be any interface for people to use it, and no documentation either. Not sure what to make of this. |
@sybrenstuvel What API do you prefer?
|
I don't know, because for that I would have to know more about the intended audience, intended use cases, etc. Should it even be different functions in the public API, or should the switch between PKCS versions / encryption standards (that's my interpretation right now, let me know if I'm wrong) be done using arguments to the already-existing functions? |
OAEP is stronger than PKCS1_v1.5. When encrypting the same plaintext twice, OAEP produces different encrypted text. OAEP is recommended for new protocols. https://tools.ietf.org/html/rfc8017#section-7 says:
I think so because they have different arguments. OAEP supports optional "label". While this PR uses For example, Go has two APIs with different signature: EncryptOAEP, EncryptPKCS1v15. My current idea is:
Additionally, I want to rename |
I think it's a good idea to support OAEP, so thanks for the patch & the explanation. Also, sorry for the delayed answer! As far as the patch itself, I think some things can be improved. For one, by now there is no more need to support Python versions older than 3.6, as these are no longer supported by Python Software Foundation themselves. I also feel that the code uses too many tiny-named variables (like
That looks good to me, at least for now. I'll want to refactor the code a bit more after OAEP support is in, to see if I can abstract things a little bit more and reduce the amount of copied code. That's easier to do once this patch is in, though.
I agree. Also this is something for another commit, such that functional and non-functional changes are separated. I guess this'll become version 5.0 of the library :) |
PS: If you could look at resolving the current conflicts & renaming some variables so that they're more descriptive (and maybe add some type annotations to functions), I'll accept the patch and put it in a separate branch. The rest of the work can be done later by either of us in that branch, and later be merged to |
No description provided.