Skip to content

CMS/PKCS#7 support for RSAES-OAEP#289

Open
stesie wants to merge 10 commits intodigitalbazaar:mainfrom
stesie:pkcs7-rsa-oaep
Open

CMS/PKCS#7 support for RSAES-OAEP#289
stesie wants to merge 10 commits intodigitalbazaar:mainfrom
stesie:pkcs7-rsa-oaep

Conversation

@stesie
Copy link
Copy Markdown
Contributor

@stesie stesie commented Aug 19, 2015

This pull request is based on my previous pull request #288.

Goal of this change is to be able to create Enveloped-Data messages in CMS syntax (RFC 5652) using the RSA-OAEP encryption scheme. After all CMS is a successor of PKCS#7 v1.5 which probably justifies for a seperate module in forge. However I'm currently not willing to implement whole CMS stuff but just the Enveloped-Data thing like PKCS#7 with RSAES-OAEP ... which actually looks like PKCS#7, even has the version number untouched, solely a different RSAES.

... hence I decided not to create a new CMS module which effectively would be either a copy of PKCS#7 module (or some common subset) ... but instead augment the PKCS#7 module. This is latter module now allows to pass algorithm and schemeOptions options to its addRecipient method and handles them by considering changes from RFC 5652 + handling reverse direction.

Besides I changed the public API of MGF1 module so it has two new public attributes:

  • algorithm set to "mgf1", so a MGF object tells its type (like the MD objects do)
  • md allowing to access the MD injected with the create call

... both are needed so the PKCS#7 module can access the info that it has to encode into the CMS structure.

stesie added 10 commits August 15, 2015 01:35
@stesie
Wrap RSAES-OAEP encryption examples in describe blocks.
54792e5 
This way the test output makes clear why each test is passed
twice (with different message digests).
@stesie
Add tests on encode_rsa_oaep/decode_rsa_oaep argument behaviour.
7c5f074
@stesie
Allow injection of MGF to use.
76d2a14 
Removes the redundant MGF1 implementation in PKCS#1 module,
prefering injection of standalone MGF instance instead.
Old call schemes are still supported and transparently create
MGF1 instances as needed.
@stesie
Add simple tests on exception branches.
aeb8011
@stesie
Add RSA-OASP encoding support to PKCS#7 enveloped-data
da2bea2
@stesie
Add algorithm & md member to mgf1 object.
239b722
@stesie
Encode MGF1 parameters in RSAES-OAEP message.
b51ebce
@stesie
Add RSAES-OAEP PEM decoding.
0ae70ee
@stesie
Wrap RSAES-OAEP parameters in SEQUENCE objects.
d6aa530
@stesie
Whitespace fixes
bc0afcc
@dlongley
Copy link
Copy Markdown
Member

dlongley commented Aug 19, 2015

Thanks, stesie, this is great.

It will take some time for me to review this and the MGF1 API changes -- I want to ensure they work with the direction 0.7.x is headed.

@wottpal
Copy link
Copy Markdown

wottpal commented Oct 1, 2020
edited
Loading

hey @digitalbazaar @dlongley, are there any chances on getting this one merged at some point? :) We are relying on this specific pr as a dependency in our package.json for a while now and this doesn't feel like a great solution.

Thank you so much!
Dennis

@wottpal
Copy link
Copy Markdown

wottpal commented Oct 14, 2020

Hey @digitalbazaar @dlongley, PLEASE, are there any chances on getting this one merged? We really rely on it. Can I help with it in any way?

Thanks so much in advance ❤️

@dlongley
Copy link
Copy Markdown
Member

dlongley commented Oct 14, 2020

@wottpal, This PR needs to be rebased because it has conflicts. @stesie, are you able to rebase it? If not, @wottpal, could you submit a new PR that has the changes you want to see? Either way, only once the conflicts are resolved, it can be reviewed and potentially pulled in. Thanks!

@stesie
Copy link
Copy Markdown
Contributor Author

stesie commented Oct 14, 2020

I'm myself no longer using this to be honest, and I don't have much time spare right now. Hence I won't be able to do it soonish.

So if anyone else wants to step up, feel free

@Centaurioun Centaurioun mentioned this pull request Dec 14, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stesie @dlongley @wottpal