Safety Dance
Built with:
Built with untrusted = "0.6.2" - Using "0.7.0" causes errors
Built with ring = "0.16.5"

Not testing:

  1. The writing of PKCS8 files to disk. They are only kept in memory.

  2. Nonce advance is not tested, as we want to try an unlimited number of attempts. Uses less_safe_key in aead.

  3. RSA signatures: ring does not have a Rust function to generate primes. This is because there is a lot of risk in picking improper primes. For more information, read this blog post: https://blog.trailofbits.com/2019/07/08/fuck-rsa/

  4. When performing hashes (digest), we used the two-step method of adding data with context.update(data).

Might Impact Outcome:
In aead, the nonce is the first 12 bytes of the key.

A zero length in random1 or random2 can cause crashes (PBKDF2 needs non-zero values).
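
The two notes above, turned into a pre-flight check that returns an error instead of crashing. This is an added example, not code from this project. The names `prepare`, `Prepared` and `InputError` are hypothetical, and treating random1 and random2 as byte slices and passing a separate `iterations` count are assumptions.

```rust
use std::num::NonZeroU32;

/// The nonce is the first 12 bytes of the key (see "Might Impact Outcome").
const NONCE_LEN: usize = 12;

#[derive(Debug, PartialEq)]
enum InputError {
    KeyTooShort(usize),
    EmptyRandom1,
    EmptyRandom2,
    ZeroIterations,
}

#[derive(Debug, PartialEq)]
struct Prepared {
    nonce: [u8; NONCE_LEN],
    iterations: NonZeroU32,
}

/// Validate one set of harness inputs before any crypto call is made.
/// `iterations` is a hypothetical parameter: ring's pbkdf2::derive takes the
/// count as NonZeroU32, so a zero must be rejected here rather than unwrapped.
fn prepare(key: &[u8], random1: &[u8], random2: &[u8], iterations: u32)
    -> Result<Prepared, InputError>
{
    // Slicing key[..12] directly would panic on a short key; get() does not.
    let head = key.get(..NONCE_LEN).ok_or(InputError::KeyTooShort(key.len()))?;
    let mut nonce = [0u8; NONCE_LEN];
    nonce.copy_from_slice(head);
    // Zero-length random1 / random2 are the crash case named in the notes.
    if random1.is_empty() {
        return Err(InputError::EmptyRandom1);
    }
    if random2.is_empty() {
        return Err(InputError::EmptyRandom2);
    }
    let iterations = NonZeroU32::new(iterations).ok_or(InputError::ZeroIterations)?;
    Ok(Prepared { nonce, iterations })
}

fn main() {
    // Constructed sample inputs, not taken from the project.
    let key = [0x11u8; 32];
    println!("{:?}", prepare(&key, b"salt", b"secret", 1000));
    println!("{:?}", prepare(&key, b"", b"secret", 1000));
    println!("{:?}", prepare(&key[..8], b"salt", b"secret", 1000));
}
```

Because the nonce is derived from the key, every message sealed under one key shares that nonce; this is acceptable only while the harness is not protecting real data.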