RSA icon indicating copy to clipboard operation
RSA copied to clipboard
verified publisher icon RustCrypto

`RsaPrivateKey` should implement `Hash`

Open Erik1000 opened this issue 3 years ago • 4 comments

RsaPublicKey does implement Hash but RsaPrivateKey does not, why? rsa should conform to C-COMMON-TRAITS.

Erik1000 avatar Jul 01 '22 12:07 Erik1000

This would expose private key material to an instance of core::hash::Hasher, which is not necessarily guaranteed to operate on the key material in constant-time.

It should be fine if the Hasher is core::hash::SipHasher as used by default, as that's a secure PRF. Potential leakage will vary for other algorithms.

tarcieri avatar Jul 01 '22 12:07 tarcieri

All that said, an approach that could work and generally be safe would be hashing only the public components of RsaPrivateKey.

tarcieri avatar Jul 01 '22 12:07 tarcieri

All that said, an approach that could work and generally be safe would be hashing only the public components of RsaPrivateKey.

That should work I guess.

Erik1000 avatar Jul 01 '22 12:07 Erik1000

As long as we add some prefix, ensuring it hashes to something differently than the Public Key.

dignifiedquire avatar Oct 09 '22 10:10 dignifiedquire