Since this is one of the more widespread used rsa crates, it would be great if this could be audited by a third party. Are there currently any plans to do so?

I don't think anyone is planning an audit. If anyone would like to pay for one, that'd be great.

According to the README for the pgp crate, rsa actually has gotten a review. If this is true then we could take that note out of the README about the lack of an audit and replace it with this statement, which would be nice. :)

rPGP and its RSA dependency got a first independent security review mid 2019.

Interesting! No one told us about it! 😉

We will soon publish the full review report.

It'd be great to know who performed the audit and have a published copy of the report so we can include it in the README.md. We've done something similar for the RustCrypto/AEAD crates:

https://github.com/RustCrypto/AEADs/tree/master/aes-gcm#security-notes

the RSA audit was performed by Include Security and was granted by the Open Technology Fund while supporting Delta Chat developments.

not sure if there is already a copy of the report published somewhere, but it is planned iirc :) cc @hpk42

@r10s @hpk42 is there an ETA of the mentioned report?

Hey,
Has there been anymore progress/confirmation on the above issues? Have any low risk issues been fixed?

Also, is this crate still maintained?

I believe this might be it:

https://delta.chat/assets/1907-otf-deltachat-rpgp-rustrsa-gb-reportv1.pdf

The following warning is still in README.md:

⚠️ WARNING: This crate has been audited by a 3rd party, but a full blog post with the results and the updates made since the audit has not been officially released yet. See #60 for more information.

Has this information been made publicly available via a first-party site yet? (i.e. hosted by someone directly involved in the audit)

The report I linked in the previous post seems to have been uploaded to a chat service, so it'd be nice to link to something official instead.

In case the report disappears, it looks like there was 1 finding with this RSA library:

• key sizes are not bounded, so if a user can pass in an arbitrarily large key it could cause memory/cpu to be consumed for a very long time and lead to DOS (very rough summary)

Key sizes are now bounded unless the user explicitly opts out of that. See e.g.:

https://docs.rs/rsa/0.7.2/rsa/struct.RsaPublicKey.html#method.new

(as well as new_with_max_size and new_unchecked)

The following warning is still in README.md:

warning WARNING: This crate has been audited by a 3rd party, but a full blog post with the results and the updates made since the audit has not been officially released yet. See #60 for more information.

Has this information been made publicly available via a first-party site yet? (i.e. hosted by someone directly involved in the audit)

The report I linked in the previous post seems to have been uploaded to a chat service, so it'd be nice to link to something official instead.

Could we just upload it to this repository instead? The warning is very discouraging from using the crate when in reality, the only problem found has been fixed already.

I opened #287 to remove the scary warning (which was somewhat nonsensical in its current state), and link to an officially hosted copy of the audit instead