From 8c82846cb56337c80a8f0abe1ad85ae83a553799 Mon Sep 17 00:00:00 2001
From: Aumetra Weisman <aumetra@cryptolab.net>
Date: Fri, 12 Apr 2024 18:28:59 +0200
Subject: [PATCH] File unmaintained advisory for `rsa-export` (#1933)

---
 crates/rsa-export/RUSTSEC-0000-0000.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 crates/rsa-export/RUSTSEC-0000-0000.md

diff --git a/crates/rsa-export/RUSTSEC-0000-0000.md b/crates/rsa-export/RUSTSEC-0000-0000.md
new file mode 100644
index 0000000..891d90f
--- /dev/null
+++ b/crates/rsa-export/RUSTSEC-0000-0000.md
@@ -0,0 +1,25 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "rsa-export"
+date = "2024-04-06"
+references = [
+    "https://crates.io/crates/rsa-export/0.3.3",
+    "https://gitlab.com/smallglitch/rsa-export/-/commit/e29f17170d655a6f62eca8bf1f64ef0ce5807058",
+]
+informational = "unmaintained"
+
+[versions]
+patched = []
+```
+
+# `rsa-export` is unmaintained
+
+This crate has been deprecated in favour of using the native support for exporting RSA keys into the standard PEM format.  
+See [docs.rs documentation].
+
+In addition to that, the operations in this crate (arithmetic and Base64 encoding) are not done in constant-time, 
+potentially [exposing the user to sidechannel attacks].
+
+[docs.rs documentation]: https://docs.rs/rsa/0.9.6/rsa/index.html#pkcs8-rsa-key-encoding
+[exposing the user to sidechannel attacks]: https://arxiv.org/pdf/2108.04600.pdf