From 5ddbe05c076e1e207afec384f28da14fd54651b5 Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Thu, 29 Dec 2022 14:16:10 +0100 Subject: [PATCH] crypto/rsa: deprecate multiprime RSA support Fixes #56921 Change-Id: I03f9969a5146ab7becd983784d8cb5b23a3fbb18 Reviewed-on: https://go-review.googlesource.com/c/go/+/459976 TryBot-Bypass: Dmitri Shuralyov Run-TryBot: Filippo Valsorda Reviewed-by: Roland Shoemaker Auto-Submit: Filippo Valsorda Reviewed-by: Dmitri Shuralyov --- api/next/56921.txt | 2 ++ src/crypto/rsa/rsa.go | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 api/next/56921.txt diff --git a/api/next/56921.txt b/api/next/56921.txt new file mode 100644 index 0000000000..8faea42557 --- /dev/null +++ b/api/next/56921.txt @@ -0,0 +1,2 @@ +pkg crypto/rsa, func GenerateMultiPrimeKey //deprecated #56921 +pkg crypto/rsa, type PrecomputedValues struct, CRTValues //deprecated #56921 diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go index 11f87e8e49..adb76b6ce5 100644 --- a/src/crypto/rsa/rsa.go +++ b/src/crypto/rsa/rsa.go @@ -204,7 +204,7 @@ type PrecomputedValues struct { // differently in PKCS #1 and interoperability is sufficiently // important that we mirror this. // - // Note: these values are still filled in by Precompute for + // Deprecated: These values are still filled in by Precompute for // backwards compatibility but are not used. Multi-prime RSA is very rare, // and is implemented by this package without CRT optimizations to limit // complexity. @@ -278,7 +278,7 @@ func GenerateKey(random io.Reader, bits int) (*PrivateKey, error) { // This package does not implement CRT optimizations for multi-prime RSA, so the // keys with more than two primes will have worse performance. // -// Note: The use of this function with a number of primes different from +// Deprecated: The use of this function with a number of primes different from // two is not recommended for the above security, compatibility, and performance // reasons. Use GenerateKey instead. // -- 2.44.0