diff options
| author | Filippo Valsorda <hi@filippo.io> | 2025-01-08 09:32:30 +0100 |
|---|---|---|
| committer | Gopher Robot <gobot@golang.org> | 2025-01-08 14:29:42 -0800 |
| commit | 409cb7b975690fe2868f9ac2d40093108930dd49 (patch) | |
| tree | ab2b8b64ec9223b91080e4f78c17ec30cb40b5ec | |
| parent | 303bf19d62f308613cd14fdcd64f3b74b9ca8f9b (diff) | |
| download | go-x-website-409cb7b975690fe2868f9ac2d40093108930dd49.tar.xz | |
_content/doc/go1.24: more crypto/rsa minor release notes
Change-Id: I6a6a465689b67a9eb4525bdd4802981a6dd4caf1
Reviewed-on: https://go-review.googlesource.com/c/website/+/641275
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Russ Cox <rsc@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
| -rw-r--r-- | _content/doc/go1.24.md | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/_content/doc/go1.24.md b/_content/doc/go1.24.md index e039f872..9b00c616 100644 --- a/_content/doc/go1.24.md +++ b/_content/doc/go1.24.md @@ -391,16 +391,31 @@ provides an easy-to-use standard 2048-bit test key. It is now safe and more efficient to call [`PrivateKey.Precompute`](/pkg/crypto/rsa#PrivateKey.Precompute) before [`PrivateKey.Validate`](/pkg/crypto/rsa#PrivateKey.Validate). +`Precompute` is now faster in the presence of partially filled out +[`PrecomputedValues`](/pkg/crypto/rsa#PrecomputedValues), such as when +unmarshaling a key from JSON. -The package now rejects more invalid keys, and -[`GenerateKey`](/pkg/crypto/rsa#GenerateKey) may return new errors for broken -random sources. See also the changes to [`crypto/x509`](#cryptox509pkgcryptox509) below. +The package now rejects more invalid keys, even when `Validate` is not called, +and [`GenerateKey`](/pkg/crypto/rsa#GenerateKey) may return new errors for +broken random sources. +The [`Primes`](/pkg/crypto/rsa#PrivateKey.Primes) and +[`Precomputed`](/pkg/crypto/rsa#PrivateKey.Precomputed) fields of +[`PrivateKey`](/pkg/crypto/rsa#PrivateKey) are now used and validated even when +some values are missing. +See also the changes to `crypto/x509` parsing and marshaling of RSA keys +[described below](#cryptox509pkgcryptox509). <!-- go.dev/issue/43923 --> [`SignPKCS1v15`](/pkg/crypto/rsa#SignPKCS1v15) and [`VerifyPKCS1v15`](/pkg/crypto/rsa#VerifyPKCS1v15) now support SHA-512/224, SHA-512/256, and SHA-3. +<!-- CL 639936 --> +[`GenerateKey`](/pkg/crypto/rsa#GenerateKey) now uses a slightly different +method to generate the private exponent (Carmichael's totient instead of Euler's +totient). Rare applications that externally regenerate keys from only the prime +factors may produce different but compatible results. + <!-- CL 626957 --> Public and private key operations are now up to two times faster on wasm. |