
Commit 89d1a36

authored
xmlenv: add support for newer RSA OAEP 2009 algorithms (crewjam#600)
This is cherry-picked from crewjam#581 submitted by @wz2b
1 parent abf97a1 commit 89d1a36

1 file changed

+41
-0
lines changed

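--- a/xmlenc/pubkey.go
+++ b/xmlenc/pubkey.go
@@ -125,6 +125,9 @@ func (e RSA) Decrypt(key interface{}, ciphertextEl *etree.Element) ([]byte, erro
 // the block cipher used is AES-256 CBC and the digest method is SHA-256. You can
 // specify other ciphers and digest methods by assigning to BlockCipher or
 // DigestMethod.
+//
+// OAEP implements the older RSA-OAEP (2001 spec) for backward compatibility, you might
+// perfer OAEP_2009_256 over using this method.
 func OAEP() RSA {
 return RSA{
 BlockCipher: AES256CBC,
@@ -139,6 +142,44 @@ func OAEP() RSA {
 }
 }
 
+// OAEP_SHA256 returns a version of RSA that implements RSA in OAEP mode. By default
+// the block cipher used is AES-256 CBC and the digest method is SHA-256. You can
+// specify other ciphers and digest methods by assigning to BlockCipher or
+// DigestMethod.
+func OAEP_SHA256() RSA { //nolint:revive
+return RSA{
+BlockCipher: AES256CBC,
+DigestMethod: SHA256,
+algorithm: "http://www.w3.org/2009/xmlenc11#rsa-oaep",
+
+keyEncrypter: func(e RSA, pubKey *rsa.PublicKey, plaintext []byte) ([]byte, error) {
+return rsa.EncryptOAEP(e.DigestMethod.Hash(), RandReader, pubKey, plaintext, nil)
+},
+keyDecrypter: func(e RSA, privKey *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
+return rsa.DecryptOAEP(e.DigestMethod.Hash(), RandReader, privKey, ciphertext, nil)
+},
+}
+}
+
+// OAEP_SHA512 returns a version of RSA that implements RSA in OAEP mode. By default
+// the block cipher used is AES-256 CBC and the digest method is SHA-512. You can
+// specify other ciphers and digest methods by assigning to BlockCipher or
+// DigestMethod.
+func OAEP_SHA512() RSA { //nolint:revive
+return RSA{
+BlockCipher: AES256CBC,
+DigestMethod: SHA512,
+algorithm: "http://www.w3.org/2009/xmlenc11#rsa-oaep",
+
+keyEncrypter: func(e RSA, pubKey *rsa.PublicKey, plaintext []byte) ([]byte, error) {
+return rsa.EncryptOAEP(e.DigestMethod.Hash(), RandReader, pubKey, plaintext, nil)
+},
+keyDecrypter: func(e RSA, privKey *rsa.PrivateKey, ciphertext []byte) ([]byte, error) {
+return rsa.DecryptOAEP(e.DigestMethod.Hash(), RandReader, privKey, ciphertext, nil)
+},
+}
+}
+
 // PKCS1v15 returns a version of RSA that implements RSA in PKCS1v15 mode. By default
 // the block cipher used is AES-256 CBC. The DigestMethod field is ignored because PKCS1v15
 // does not use a digest function.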
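Review bot: In `OAEP_SHA256` and `OAEP_SHA512` the closures hand `e.DigestMethod.Hash()` to `rsa.EncryptOAEP`/`rsa.DecryptOAEP`, which use that single hash for both the OAEP digest and MGF1, whereas under the `http://www.w3.org/2009/xmlenc11#rsa-oaep` identifier the mask generation function is a separate parameter that defaults to MGF1 with SHA-1 when no MGF element is present. Whether the Encrypt/Decrypt paths write or read an MGF element is outside these hunks and should be confirmed; if they do not, messages from peers relying on the default will fail to decrypt and emitted ciphertext will not state which MGF was used. At minimum both constructors should say so, e.g. `// MGF1 uses the same hash as DigestMethod; the peer must be configured to match.` Separately, the comment added to `OAEP` points readers to `OAEP_2009_256`, which this commit does not define; it should read `// prefer OAEP_SHA256 over using this method.`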
