Tony Arcieri
There was some discussion of upstreaming an Ed448 implementation here: https://github.com/RustCrypto/elliptic-curves/issues/114#issuecomment-2054201295
I think it might make sense to match version numbers with rustls to make compatibility more obvious
Yeah, we can potentially add passthroughs for this like we have for `heapless`
Fixed in v2.0.0
It looks like `EncryptedPrivateKeyInfo::encrypt` needs to be changed to use `pbes2::Parameters::recommended()`, which was introduced in https://github.com/RustCrypto/formats/issues/1205. See the current implementation here: https://github.com/RustCrypto/formats/blob/c501837/pkcs8/src/encrypted_private_key_info.rs#L77. Right now it's using `scrypt::Params::default`, i.e. the OWASP...
There is currently no `Default` impl for `pbes2::Parameters`. `pbes2::Parameters::recommended()` takes an explicit RNG parameter to initialize the salt and cipher IV parameters. We could potentially add a `Default` impl gated...
Fixed in https://github.com/RustCrypto/formats/pull/1430
The reason it's a bit scary to add different types of decryption errors is because the information side channel they introduce can potentially be leveraged by an attacker. Example: https://en.wikipedia.org/wiki/Padding_oracle_attack A...
Joan Daemen is listed as one of the authors on the paper, so I wouldn't completely discount it, but I'm not seeing a whole lot in the way of peer...
Note: #125 includes a fix