Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove RSA PKCS #1 encryption (RSAES-PKCS1-v1_5) #8459

Open
daverodgman opened this issue Nov 1, 2023 · 4 comments
Open

Remove RSA PKCS #1 encryption (RSAES-PKCS1-v1_5) #8459

daverodgman opened this issue Nov 1, 2023 · 4 comments
Labels
api-break This issue/PR breaks the API and must wait for a new major version component-crypto Crypto primitives and low-level interfaces

Comments

@daverodgman
Copy link
Contributor

daverodgman commented Nov 1, 2023
edited by gilles-peskine-arm
Loading

Prerequisite: #8170
@daverodgman daverodgman added the api-break This issue/PR breaks the API and must wait for a new major version label Nov 1, 2023
@gilles-peskine-arm gilles-peskine-arm moved this to Requirements needed in Mbed TLS 4.0 planning Jun 19, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Jun 19, 2024
Closed
@gilles-peskine-arm gilles-peskine-arm added the component-crypto Crypto primitives and low-level interfaces label Jun 19, 2024
@gilles-peskine-arm gilles-peskine-arm moved this from Requirements needed to Decision needed in Mbed TLS 4.0 planning Jun 25, 2024
@mschulz-at-hilscher
Copy link
Contributor

We still require PKCS #1.5 for supporting OPCUA https://reference.opcfoundation.org/Core/Part7/v104/docs/6.6.165.

@mpg mpg mentioned this issue Aug 6, 2024
Closed
@yanesca
Copy link
Contributor

yanesca commented Aug 7, 2024

The title is indeed a bit ambiguous, but I believe we are considering removing RSAES-PKCS1-v1_5 (RSA encryption v1.5).

Looking at the OPCUA table, it requires RSAES-OAEP (RSA encryption v2.1) and RSASSA-PKCS1-v1_5 (RSA signature 1.5), both of which we intend to keep.

@mschulz-at-hilscher can you confirm that you don't need RSAES-PKCS1-v1_5?

@mschulz-at-hilscher
Copy link
Contributor

@mschulz-at-hilscher can you confirm that you don't need RSAES-PKCS1-v1_5?

correct, we do not need RSAES-PKCS1-v1_5

@gilles-peskine-arm
Copy link
Contributor

Architectural decision: given that we are removing TLS key exchanges that use RSAES-PKCS1-v1_5, we don't have another reason to keep RSAES-PKCS1-v1_5 around. So we are removing PSA_ALG_RSA_PKCS1V15_CRYPT and the underlying code in the RSA module (PKCS#1v1.5 encryption). (To be clear, we're keeping PKCS#1v1.5 signature, PSS, and OAEP.)

@gilles-peskine-arm gilles-peskine-arm changed the title Remove PKCS #1 encryption Remove RSA PKCS #1 encryption (RSAES-PKCS1-v1_5) Aug 7, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this issue Aug 7, 2024
Open
@github-project-automation github-project-automation bot moved this to Mbed TLS 4.0 SHOULD in Backlog for Mbed TLS Aug 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api-break This issue/PR breaks the API and must wait for a new major version component-crypto Crypto primitives and low-level interfaces
Projects
Backlog for Mbed TLS
Status: Mbed TLS 4.0 SHOULD
Mbed TLS 4.0 planning
Status: Planning needed
Milestone
No milestone
Development

No branches or pull requests
4 participants
@daverodgman @yanesca @gilles-peskine-arm @mschulz-at-hilscher