)]}' { "commit": "86ada1ea2f51ff41baa2919337e5d721bd27f764", "tree": "5ca45782053f4467ef87d5353398383cda1cb98f", "parents": [ "048d21cc1412429f2fa3c470ac95d2e4b2d2abf9" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Wed Apr 26 17:06:17 2023 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Mon May 01 21:50:19 2023 +0000" }, "message": "Add new APIs for creating RSA keys\n\nThis adds APIs for constructing RSA keys given all the parameters. This\nis much less tedious than the set0 functions, and also avoids issues\ncaused by deferred initialization.\n\nIt doesn\u0027t quite finish initializing the keys on construction, as that\nis tied up in the rest of this mess. But later work, probably after\nConscrypt is moved to these APIs, will do this.\n\nAs part of this, add APIs that explicitly create RSA keys with no e.\nThere is actually no way to do this right now without reaching into\nlibrary internals, because RSA_set0_key refuses to accept an e-less\nprivate key. Handle this by adding a flag.\n\nI also had to add a path for Conscrypt to make an RSA_METHOD-backed key\nwith n but no e. (They need n to compute RSA-PSS padding.) I think that\nall wants to be rethought but, for now, just add an API for it.\n\nThis bumps BORINGSSL_API_VERSION so Conscrypt can have an easier time\nswitching to the new APIs.\n\nBug: 316\nChange-Id: I81498a7d0690886842016c3680ea27d1ee0fa490\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/59386\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "8f5cb5ff16fac34a65e3a5737b2413471ad99c18", "old_mode": 33188, "old_path": "crypto/fipsmodule/rsa/rsa.c", "new_id": "5b687b7a934110cc0e8a7b9d6f960fdc01981cef", "new_mode": 33188, "new_path": "crypto/fipsmodule/rsa/rsa.c" }, { "type": "modify", "old_id": "6eb44381d39ef353f50f1169532908bbbaac3ea4", "old_mode": 33188, "old_path": "crypto/fipsmodule/rsa/rsa_impl.c", "new_id": "e9379d9946d08665eb1ee018f88f6aeabc7ecda4", "new_mode": 33188, "new_path": "crypto/fipsmodule/rsa/rsa_impl.c" }, { "type": "modify", "old_id": "97afa3db347603a8ad021907908b503ea0610ff2", "old_mode": 33188, "old_path": "crypto/rsa_extra/rsa_crypt.c", "new_id": "c9d29fc170195bd997a5d2d67f9a180f49e91ab4", "new_mode": 33188, "new_path": "crypto/rsa_extra/rsa_crypt.c" }, { "type": "modify", "old_id": "b6ab5b864f3ff44a59f2705dce33b68107886310", "old_mode": 33188, "old_path": "crypto/rsa_extra/rsa_test.cc", "new_id": "4a450e596a80275c62298885a68fd5feb9ffe751", "new_mode": 33188, "new_path": "crypto/rsa_extra/rsa_test.cc" }, { "type": "modify", "old_id": "80d18a78d8ab9aca3235eec612a59f6a8c775cd5", "old_mode": 33188, "old_path": "include/openssl/base.h", "new_id": "ee266274471080015f10fd90d2938b7ebdbe2b8e", "new_mode": 33188, "new_path": "include/openssl/base.h" }, { "type": "modify", "old_id": "a1c03cd3b371f38e37016b5fd96f32db3ab9c00f", "old_mode": 33188, "old_path": "include/openssl/rsa.h", "new_id": "49a6aa6d15c32e88a710af6863a2b9b01d82e50f", "new_mode": 33188, "new_path": "include/openssl/rsa.h" } ] }