entropyxyz/crypto-primes

Potential license changes

dignifiedquire opened this issue · 3 comments

Hey, I was just starting to look around at what pieces are missing to move RustCrypto/RSA to use crypto-bigint. One big one of course is implementing primality checks. It seems you have done a much more detailed job here than I did for num-bigint-dig, and I would love to use this code in the future. But the licensing of all those crates is MIT/Apache2, which will be incompatible with AGPL unfortunately.

fjarri commented

Thanks for your interest! We were in fact planning to switch to MIT/Apache, I just got distracted by other tasks. I will relicense it in 0.3.1, which will be released shortly. We were also planning to move this library under RustCrypto umbrella, but there are still some ongoing discussions about the details (in particular, whether it should be a standalone crate, or a submodule of crypto-bigint).

Incidentally, this crate is currently undergoing a security audit, along with crypto-bigint. Nothing serious has been found yet, a few minor fixes will be merged with #26.

If you're planning to use it for RSA, you may want to have FIPS compatibility (#4). While in general the low-level algorithms should be compatible, there are two known deviations at the moment:

  • We are using method A to get the initial parameters for the Lucas test, instead of A*. This will be fixed in 0.3.1.
  • We are using one random-base MR test, while FIPS requires several. If you trust Baillie et al., even one is technically an overkill. In general I would feel safer with their new strengthened BPSW test (#21) as opposed to what FIPS requires.

Also, I looked through your code, and I wonder: is there any specific reason you're using almost-extra-strong check in the Lucas test? BPSW and FIPS both prefer the strong one. I initially implemented almost-extra-strong for testing purposes, and I was thinking of removing it from the public API, to avoid confusion.
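Added example, not part of the thread and not crypto-primes code: how Selfridge's Method A and Method A* (as defined by Baillie and Wagstaff) differ when choosing Lucas test parameters, the first deviation listed in the comment above. Function names are hypothetical, and inputs are assumed to be odd `u32` candidates.

```rust
// Added illustration; function names are hypothetical, not the crate's API.

/// Jacobi symbol (a/n) for odd n > 0.
fn jacobi(a: i64, n: u32) -> i32 {
    let (mut a, mut n, mut s) = (a.rem_euclid(n as i64) as u64, n as u64, 1);
    while a != 0 {
        while a % 2 == 0 {
            a /= 2;
            if n % 8 == 3 || n % 8 == 5 { s = -s; }
        }
        std::mem::swap(&mut a, &mut n);
        if a % 4 == 3 && n % 4 == 3 { s = -s; }
        a %= n;
    }
    if n == 1 { s } else { 0 }
}

/// Method A (Selfridge): first D in 5, -7, 9, -11, ... with (D/n) = -1,
/// then P = 1, Q = (1 - D) / 4. Returns (D, P, Q), or None when n is a
/// perfect square (no such D exists) or D exposes a factor of n.
fn method_a(n: u32) -> Option<(i64, i64, i64)> {
    let r = (n as f64).sqrt() as u64;
    if r * r == n as u64 { return None; }
    let mut d: i64 = 5;
    loop {
        match jacobi(d, n) {
            -1 => return Some((d, 1, (1 - d) / 4)),
            // (D/n) = 0 with n not dividing D means gcd(D, n) > 1: composite.
            0 if d.unsigned_abs() % n as u64 != 0 => return None,
            _ => d = if d > 0 { -(d + 2) } else { -(d - 2) },
        }
    }
}

/// Method A*: as Method A, but when Q = -1 (i.e. D = 5) use P = Q = 5,
/// which keeps D = P^2 - 4Q = 5.
fn method_a_star(n: u32) -> Option<(i64, i64, i64)> {
    method_a(n).map(|(d, p, q)| if q == -1 { (d, 5, 5) } else { (d, p, q) })
}

fn main() {
    for n in [7u32, 11, 19, 25] {
        println!("n={n}: A={:?} A*={:?}", method_a(n), method_a_star(n));
    }
}
```

The two methods only disagree for candidates where D = 5 is selected (n = 7 in the sample loop); for every other D they return the same parameters.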

> Also, I looked through your code, and I wonder: is there any specific reason you're using almost-extra-strong check in the Lucas test

As I oriented myself on golang's implementation of RSA, I used their implementation of primality checks as reference as well: https://github.com/golang/go/blob/master/src/math/big/prime.go

> Thanks for your interest! We were in fact planning to switch to MIT/Apache, I just got distracted by other tasks. I will relicense it in 0.3.1, which will be released shortly. We were also planning to move this library under RustCrypto umbrella.

Awesome, this sounds like a great way forward!