Support for `RSASSA-PKCS1-v1_5` with `SHA1` digest

[cocool97]

I'm maintaining adb_client, a rust crate used to communicate using Android devices over ADB protocol. I'd like to move from rsa crate to ring to handle authentication (as rsa currently has a known security vulnerability, and as I'm already depending on ring through rcgen(rustls))

When authenticating, devices need to sign random data using Pkcs1v1.5 with a SHA1 digest. rsa crate is providing this feature, but did not find any way to achieve this using ring crate .

Are you planning to provide a static RSA_PKCS1_SHA1 implementing RsaEncoding trait ? Or is there another way to achieve this ?

[briansmith]

Right now, we have ```RsaKeyPair::sign()that takes anRsaEncoding`. We intentionally don't provide an `RsaEncoding` for any SHA-1 encoding.

I am fine with accepting the addition of an RsaKeyPair::sign_with_pkcs1_sha1_for_legacy_use_only function that is basically a copy-paste of RsaKeyPair::sign() but hard-coded to use SHA-1 and PKCS1, so that we don't have to expose an RsaEncoding for SHA-1, if tests are added along with it. Many of our test vectors are from NIST and we just deleted/skipped the SHA-1-based ones, so we just need to "undelete" them.

[complexspaces]

Would that be close to #1503 (which has the test vectors, etc already handled) but just with the different public API like you proposed above?

[cocool97]

Indeed, except for a new public API as described above this PR does the trick :)

Maybe you could have a look at it @briansmith ? This would also fill other users needs !

[complexspaces]

I could take on porting that PR's contents to the new proposed API.

[cocool97]

@complexspaces do you have any updates on it ? Do you want me to handle it ?

[briansmith]

I think the existing PR's design is probably OK. If I need to separate the SHA-1 API in the future for some reason, I will do that in the next SemVer-breaking release. I have put that PR in my review queue for the next release.

[cocool97]

What PR are you referring to ? I don't see it 😅

I can test it on my project to validate this suits my need

[complexspaces]

@cocool97 I believe Brian is also referring to #1503.

My apologies for not immediately getting to the port PR, some other life items needed taken care of first. If everyone's happy enough with the existing approach of simply exposing RSA_PKCS1_SHA1_FOR_LEGACY_USE_ONLY directly, I won't put any new changes up but instead offer to help complete any PR review suggestions or rebasing required.

[cocool97]

Definitely is what I need :) Look forward to see it merge into master !