Skip to content

ZKVM-1458: Update RSA patch to v0.9.9 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nategraf merged 11 commits into from
Jan 23, 2026
Merged

ZKVM-1458: Update RSA patch to v0.9.9 #8

nategraf merged 11 commits into from
Jan 23, 2026

Conversation

@nategraf
Copy link

@nategraf nategraf commented Jan 5, 2026
edited
Loading

This PR merges in the upstream commits up to v0.9.9. It additionally updates to use the latest version of risc0-bigint2, from crates.io instead of a git dependency, and does some work to allow for cargo risczero guest test to work in this repo.

This PR should be merged into risc0 as a rebase, preserving this constituent commits instead of squashing them. Once this is done, tags for v0.9.8-risczero.0 and v0.9.9-risczero.0 can be pushed as new releases of this patch.

dignifiedquire and others added 11 commits November 18, 2024 10:05
@dignifiedquire
fix: handle tiny keys
201ad81
@dignifiedquire
fix: always validate keys in from_components
2edd479 
Otherwise the inner precompute could fail
@dignifiedquire
release: v0.9.7
551f6e5
@Its-Just-Nans
Add comment to specify the rand version (RustCrypto#473)
bd3575b
@newpavlov
Release v0.9.8 (RustCrypto#495)
85f03b5
@hko-s
Support for cryptographic operations with larger keys (RustCrypto#594)
c1f00a3 
Currently, this crate allows instantiation of public keys larger than
4096 bit (via `RsaPublicKey::new_with_max_size`), but doing
cryptographic operations with such public keys fails in
`key::check_public`, which always checks the modulus size against the
constant `RsaPublicKey::MAX_SIZE`.

I think it would be nice to cap both public and private key sizes to
4096 bit by default, but to allow opt-in creation of larger keys
(complete with working cryptographic operations).
@dignifiedquire
chore: release 0.9.9
488d2ad
@nategraf
update risc0-bigint2 to 1.4.11 and get cargo risczero guest test work…
9eaecfd 
…ing (v0.9.6)
@nategraf
Merge tag 'v0.9.7' into victor/0-9-x
eb9b013
@nategraf
Merge tag 'v0.9.8' into victor/0-9-x
1c3df2d
@nategraf
Merge remote-tracking branch 'upstream/0-9-x' into victor/0-9-x (v0.9.9)
93de4c5
@github-actions github-actions bot changed the title Update RSA patch to v0.9.9 ZKVM-1458: Update RSA patch to v0.9.9 Jan 5, 2026
@nategraf nategraf requested a review from flaub January 5, 2026 22:17
@nategraf
Copy link
Author

nategraf commented Jan 5, 2026

Note that most of the diff comes from the merged commits. Clicking on the individual commits will show what I changed.

@nategraf nategraf mentioned this pull request Jan 6, 2026
Merged
@flaub
Copy link
Member

flaub commented Jan 6, 2026

This seems ok, but I wonder if we should avoid merging tags. To me each branch that relates to the upstream branch should have one or more risc0 commits relating to the changes needed. It might be safe this time, but in general we should probably try and commit the set of commits for risc0 ontop of whatever tag we are patching, rather than trying to move this branch forward a tag at a time.

@flaub
Copy link
Member

flaub commented Jan 6, 2026

I'm not sure it makes sense to have a single risc0 branch, we probably need a separate risc0-<major.minor> that tracks the upstream major.minor that we are patching.

@nategraf
Copy link
Author

nategraf commented Jan 6, 2026

Can you clarify the suggested workflow. Are you suggesting that I rebase the RISC Zero commits (i.e. those made by our team) on top of the patch that I intend to patch? Or maybe you are thinking something else?

As for branches, yes I think it makes sense to have separate branches. In this repo (RSA) in particular, the line from 0.9.6 to 0.9.9 is a linear history, but the 0.10 line branches off so using a single branch could not work without rewriting history.

@nategraf nategraf merged commit 30de2b6 into risc0 Jan 23, 2026
2 checks passed
@nategraf nategraf deleted the victor/0-9-x branch January 23, 2026 23:24
nategraf added a commit to risc0/risc0 that referenced this pull request Jan 30, 2026
@nategraf @coderabbitai
Update precompile docs, examples, and remove RISC0_FEATURE_bigint2 re…
b9f08f3 
…quirement (#3634)

This PR updates our supported precompile patches. It:

* Updates the docs and examples to reflect precompile versions we
already released, but did not document.
* Updates the docs to include new precompile versions, to be released
shortly (see below)
* Removes the build-time check for the RISC0_FEATURE_bigint2 env var
which was used when bigint2 required the `unstable` feature flag.
* Removes the information about stability from the docs, as all listed
precompile patches no longer require unstable (on `main`).

This PR is follow-up to the release of `rsa` and `blst` patch versions
in the following PRs:
1. risc0/RustCrypto-RSA#8
2. risc0/blst#14

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@flaub flaub flaub approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@nategraf @flaub @dignifiedquire @Its-Just-Nans @newpavlov @hko-s