[PATCH] OAEP support

Daiki Ueno ueno at unixuser.org
Wed Jul 1 07:39:23 CEST 2009

>>>>> In <87zlbqc8ny.fsf at wheatstone.g10code.de> 
>>>>>	Werner Koch <wk at gnupg.org> wrote:
> I would like to keep the flags list a real flags list without
> parameters.  Would anything speak against:

>    (data
>      (flags oaep)
>      (hash sha1)
>      (label "test")
>      (value #11223344556677889900AA#))

> I can do this change if you agree.

Yes, I would appreciate you making the interface more intuitive.

> > - After decryption, it stores the decoded value as a `decoded' token
> >   instead of `value', unlike other encodings (`raw' and `pkcs1').  This
> >   is for backward compatibility.  For example,
> >
> >   (decoded #11223344556677889900AA#)

> That is so that the caller can easily see whether OAEP has been used and
> that the code needs to be adjusted, right?

Not really.  I just felt it unnatural to reuse the same `value' tag for
both padded and unpadded plaintexts since gcry_pk_decrypt currently does
not remove any paddings.

Daiki Ueno

More information about the Gcrypt-devel mailing list