[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nettle-bugs
Subject:    Re: Add RSA-OAEP encryption/decryption to Nettle
From:       Daiki Ueno <ueno () gnu ! org>
Date:       2024-01-30 1:35:31
Message-ID: 874jevvc0z.fsf-ueno () gnu ! org
[Download RAW message or body]

Niels Möller <nisse@lysator.liu.se> writes:

> Daiki Ueno <ueno@gnu.org> writes:
> 
> > The zip file is no longer accessible, but I still keep a copy and it
> > seems identical to the one at:
> > https://github.com/pyca/cryptography/tree/main/vectors/cryptography_vectors/asymmetric/RSA/pkcs-1v2-1d2-vec
> >  
> > Is it OK to use the vector assuming it is public domain?
> 
> According to the closest LICENSE file,
> https://github.com/pyca/cryptography/blob/main/vectors/LICENSE, it's dual
> licensed apache/BSD (our choice), so I think that is fine. And if
> we copy just the test vectors and not any surrounding code, it seems
> questionable if that is even copyrightable.
> 
> So I think copying from there, with proper attribution, is perfectly
> fine. Formally, we'll be exercising the BSD option.

OK, thanks for the confirmation.  I've expanded the KAT tests further
using the vector and also added a license notice.

> > Yes, the length should match key->size; I've omitted the
> > ciphertext_length argument.
> 
> Thanks. Please remove everywhere, it looks like it's still present in
> some form in the test code. (You may still want to allocate an extra
> byte at the end and check that it isn't modified. Alternatively, rely on
> valgrind for detecting overwrites instead).

Added `mark_bytes_undefined (1, &ciphertext[key->size]);` to the test
cases doing encryption.

Regards,
-- 
Daiki Ueno
_______________________________________________
nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se
To unsubscribe send an email to nettle-bugs-leave@lists.lysator.liu.se


[prev in list] [next in list] [prev in thread] [next in thread]