Skip to content

Commit

Permalink
Make RsaPrivateKey::from_components fallible (#167)
Browse files Browse the repository at this point in the history
Adds an error case in the event the number of `primes` provides is fewer
than 2, which prevents panics when invoking methods which expect primes
to always be present at indices 0 and 1 (i.e. `p` and `q`)

Fixes #163
  • Loading branch information
tarcieri authored Jul 25, 2022
1 parent b626d48 commit 4ccdcf9
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 14 deletions.
3 changes: 3 additions & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -63,3 +63,6 @@ getrandom = ["rand_core/getrandom"]
[package.metadata.docs.rs]
features = ["std", "pem", "serde", "expose-internals"]
rustdoc-args = ["--cfg", "docsrs"]

[profile.dev]
opt-level = 2
7 changes: 1 addition & 6 deletions src/algorithms.rs
Original file line number Diff line number Diff line change
Expand Up @@ -131,12 +131,7 @@ pub fn generate_multi_prime_key_with_exp<R: RngCore + CryptoRng>(
}
}

Ok(RsaPrivateKey::from_components(
n_final,
exp.clone(),
d_final,
primes,
))
RsaPrivateKey::from_components(n_final, exp.clone(), d_final, primes)
}

/// Mask generation function.
Expand Down
2 changes: 1 addition & 1 deletion src/encoding.rs
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ impl TryFrom<pkcs8::PrivateKeyInfo<'_>> for RsaPrivateKey {
let prime1 = BigUint::from_bytes_be(pkcs1_key.prime1.as_bytes());
let prime2 = BigUint::from_bytes_be(pkcs1_key.prime2.as_bytes());
let primes = vec![prime1, prime2];
Ok(RsaPrivateKey::from_components(n, e, d, primes))
RsaPrivateKey::from_components(n, e, d, primes).map_err(|_| pkcs8::Error::KeyMalformed)
}
}

Expand Down
18 changes: 13 additions & 5 deletions src/key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -312,7 +312,13 @@ impl RsaPrivateKey {
e: BigUint,
d: BigUint,
primes: Vec<BigUint>,
) -> RsaPrivateKey {
) -> Result<RsaPrivateKey> {
// TODO(tarcieri): support recovering `p` and `q` from `d` if `primes` is empty
// See method in Appendix C: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf
if primes.len() < 2 {
return Err(Error::NprimesTooSmall);
}

let mut k = RsaPrivateKey {
pubkey_components: RsaPublicKey { n, e },
d,
Expand All @@ -323,7 +329,7 @@ impl RsaPrivateKey {
// precompute when possible, ignore error otherwise.
let _ = k.precompute();

k
Ok(k)
}

/// Get the public key from the private key, cloning `n` and `e`.
Expand Down Expand Up @@ -692,7 +698,8 @@ mod tests {
BigUint::from_bytes_le(&vec![105, 101, 60, 173, 19, 153, 3, 192]),
BigUint::from_bytes_le(&vec![235, 65, 160, 134, 32, 136, 6, 241]),
],
);
)
.unwrap();

for _ in 0..1000 {
test_key_basics(&private_key);
Expand Down Expand Up @@ -785,7 +792,8 @@ mod tests {
BigUint::from_bytes_be(&e),
BigUint::from_bytes_be(&d),
primes.iter().map(|p| BigUint::from_bytes_be(p)).collect(),
);
)
.unwrap();
}

fn get_private_key() -> RsaPrivateKey {
Expand Down Expand Up @@ -825,7 +833,7 @@ mod tests {
BigUint::parse_bytes(b"00f827bbf3a41877c7cc59aebf42ed4b29c32defcb8ed96863d5b090a05a8930dd624a21c9dcf9838568fdfa0df65b8462a5f2ac913d6c56f975532bd8e78fb07bd405ca99a484bcf59f019bbddcb3933f2bce706300b4f7b110120c5df9018159067c35da3061a56c8635a52b54273b31271b4311f0795df6021e6355e1a42e61",16).unwrap(),
BigUint::parse_bytes(b"00da4817ce0089dd36f2ade6a3ff410c73ec34bf1b4f6bda38431bfede11cef1f7f6efa70e5f8063a3b1f6e17296ffb15feefa0912a0325b8d1fd65a559e717b5b961ec345072e0ec5203d03441d29af4d64054a04507410cf1da78e7b6119d909ec66e6ad625bf995b279a4b3c5be7d895cd7c5b9c4c497fde730916fcdb4e41b", 16).unwrap()
],
)
).unwrap()
}

#[test]
Expand Down
2 changes: 1 addition & 1 deletion src/pkcs1v15.rs
Original file line number Diff line number Diff line change
Expand Up @@ -259,7 +259,7 @@ mod tests {
BigUint::from_str_radix("98920366548084643601728869055592650835572950932266967461790948584315647051443",10).unwrap(),
BigUint::from_str_radix("94560208308847015747498523884063394671606671904944666360068158221458669711639", 10).unwrap()
],
)
).unwrap()
}

#[test]
Expand Down
2 changes: 1 addition & 1 deletion src/pss.rs
Original file line number Diff line number Diff line change
Expand Up @@ -265,7 +265,7 @@ mod test {
BigUint::from_str_radix("98920366548084643601728869055592650835572950932266967461790948584315647051443",10).unwrap(),
BigUint::from_str_radix("94560208308847015747498523884063394671606671904944666360068158221458669711639", 10).unwrap()
],
)
).unwrap()
}

#[test]
Expand Down

0 comments on commit 4ccdcf9

Please sign in to comment.