Remove libcrypto (use tutasdk RSA impl for iOS/Android) #7344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
paw-hub
force-pushed
the
kick-libcrypto
branch
4 times, most recently
from
7898bf1
to
a95edf8
Compare
paw-hub
force-pushed
the
kick-libcrypto
branch
7 times, most recently
from
c3a0d6a
to
746ccf4
Compare
paw-hub
force-pushed
the
kick-libcrypto
branch
2 times, most recently
from
027ee99
to
c8c3b27
Compare
|
A couple comments after quickly looking over all of this:
|
paw-hub
changed the title
7 tasks
paw-hub
force-pushed
the
kick-libcrypto
branch
3 times, most recently
from
f7a35fb
to
3fb9b6b
Compare
charlag
reviewed
Aug 8, 2024
| let prime_p = Zeroizing::new(prime_p); | ||
| let prime_q = Zeroizing::new(prime_q); | ||
|
|
||
| let modulus = Zeroizing::new(BASE64_STANDARD.decode(modulus).map_err(|_| RSAError::InvalidKey { reason: "modulus is not valid base64".to_owned() })?); |
There was a problem hiding this comment.
I feel like all the base64 should be done outside but also this is how RSA keys always are so maybe it's fine?
There was a problem hiding this comment.
It probably shouldn't be in base64 to begin with. I'm fairly certain we don't store it as base64, and it is just an intermediate format on the TypeScript side.
We could move the base64 decoding to the TypeScript side, but since this method will anyway be invoked from TypeScript, it doesn't really change anything.
There was a problem hiding this comment.
I assumed we store them like this but turns out it's really us??
whyyy
we should get rid of it at some point
charlag
reviewed
Aug 8, 2024
tutao-mac
force-pushed
the
kick-libcrypto
branch
2 times, most recently
from
87aff17
to
1570c6a
Compare
tutao-mac
force-pushed
the
kick-libcrypto
branch
from
1570c6a
to
c1a87eb
Compare
paw-hub
force-pushed
the
kick-libcrypto
branch
4 times, most recently
from
fbc3b43
to
9801633
Compare
paw-hub
force-pushed
the
kick-libcrypto
branch
from
9801633
to
6a7b8e7
Compare
paw-hub
force-pushed
the
kick-libcrypto
branch
from
6a7b8e7
to
d0458e5
Compare
Our usage of libcrypto (OpenSSL) had a lot of issues. For example, it was compiled a long time ago and the only Macs it ran on were x86 Macs. As such, we were unable to run tests on newer ARM-based Macs. We had a recompiled version made a long time ago that worked on new Mac, but it was postponed, and now that it is months out of date and uses the old build system (xcodeproj instead of xcodegen), it is way less work to just switch to using the SDK. We do this with Kyber anyway... Closes #6603
We no longer use libcrypto in builds, so we are not beholden to an x86 dependency for simulator. Bumping xcode version also fixes PinsStorage issue from earlier.
This brings it in line with the earlier iOS change. It also means we can test encryption results, since seeds are accepted.
paw-hub
force-pushed
the
kick-libcrypto
branch
from
d0458e5
to
e2c9eee
Compare
charlag
changed the title
charlag
added
android
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #6603