[Idpy-discuss] getting beyond RSA and PKCS1 v1.5 for pyXMLSecurity
15 Sep
2018
15 Sep
'18
12:27 p.m.
On Sat, 15 Sep 2018 at 00:32, Leif Johansson <leifj at sunet.se> wrote:
Might be better to hash out on email..,
I think it's a good idea to discuss this in the call. If Klemer is
there that could turn into a nice conversation regarding the state of
the library and how we want to move forward with refactoring. I've
already gone through Klemer's PR and your proposed PR and I have my
objections to how some things are done. I would be interested in
having a chat around how such a library should be designed. After that
we can turn this into a concrete proposal.
If you're going to be on the call, I say we should do this.
--
Ivan c00kiemon5ter Kanakarakis >:3
On 9/14/18 10:46 AM, Leif Johansson wrote:
https://github.com/IdentityPython/pyXMLSecurity/pull/49
This PR refactors how padders and hashers are created for the
cryptography backend and adds a test validating an ecdsa-sha512 signature
My plan after this is sorta like this:
1. remove the do_padding/do_hashing boolean and move the
outside-the-pkcs11-token hashing and padding into sign/verify of
XMLSecCryptoP11
2. refactor crypto to along the lines of what Steffen and others have
suggested.
3. add support for explicit parametrized padding mechanisms
Thoughts?
Do you want to add this to the agenda for next week's call?