On 03/23/2010 04:16 PM, Niels Möller wrote:
I just realized that supporting RSA with SHA-512 leads to an interface problem.
ugh, sorry about this.
- Introduce a return value for the signing functions, to let them return a success/failure indication. This is analogous to the rsa_encrypt function, which checks if the key size is large enough for the current message size.
This sounds like the best option of the ones above; i really don't like the idea of the library aborting the calling program because of unexpected arguments.
would nettle still need to export RSA_MINIMUM_N_* with this option?
If we do this, is the return value from the rsa_*_key_prepare functions still useful?
I'm not sure about this -- i haven't used nettle widely enough to be able to give good feedback here.
No matter how the problem is solved, it will break backwards compatibility in some way. Suggestions?
yuck. it sounds like an soname bump will be needed. Do you know if any nettle client uses the #defines that we're talking about?
This exercise is probably a good one to go through (even though it's painful) so that nettle is flexible enough to be able to handle new message digests when they show up (e.g. when the SHA-3 contest reaches a conclusion).
Regards,
--dkg