Make RsaPrivateKey::from_components
fallible (#167)
Adds an error case in the event the number of `primes` provides is fewer than 2, which prevents panics when invoking methods which expect primes to always be present at indices 0 and 1 (i.e. `p` and `q`) Fixes #163
This commit is contained in:
parent
b626d48a4f
commit
4ccdcf92a9
@ -63,3 +63,6 @@ getrandom = ["rand_core/getrandom"]
|
||||
[package.metadata.docs.rs]
|
||||
features = ["std", "pem", "serde", "expose-internals"]
|
||||
rustdoc-args = ["--cfg", "docsrs"]
|
||||
|
||||
[profile.dev]
|
||||
opt-level = 2
|
||||
|
@ -131,12 +131,7 @@ pub fn generate_multi_prime_key_with_exp<R: RngCore + CryptoRng>(
|
||||
}
|
||||
}
|
||||
|
||||
Ok(RsaPrivateKey::from_components(
|
||||
n_final,
|
||||
exp.clone(),
|
||||
d_final,
|
||||
primes,
|
||||
))
|
||||
RsaPrivateKey::from_components(n_final, exp.clone(), d_final, primes)
|
||||
}
|
||||
|
||||
/// Mask generation function.
|
||||
|
@ -41,7 +41,7 @@ impl TryFrom<pkcs8::PrivateKeyInfo<'_>> for RsaPrivateKey {
|
||||
let prime1 = BigUint::from_bytes_be(pkcs1_key.prime1.as_bytes());
|
||||
let prime2 = BigUint::from_bytes_be(pkcs1_key.prime2.as_bytes());
|
||||
let primes = vec![prime1, prime2];
|
||||
Ok(RsaPrivateKey::from_components(n, e, d, primes))
|
||||
RsaPrivateKey::from_components(n, e, d, primes).map_err(|_| pkcs8::Error::KeyMalformed)
|
||||
}
|
||||
}
|
||||
|
||||
|
18
src/key.rs
18
src/key.rs
@ -312,7 +312,13 @@ impl RsaPrivateKey {
|
||||
e: BigUint,
|
||||
d: BigUint,
|
||||
primes: Vec<BigUint>,
|
||||
) -> RsaPrivateKey {
|
||||
) -> Result<RsaPrivateKey> {
|
||||
// TODO(tarcieri): support recovering `p` and `q` from `d` if `primes` is empty
|
||||
// See method in Appendix C: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br1.pdf
|
||||
if primes.len() < 2 {
|
||||
return Err(Error::NprimesTooSmall);
|
||||
}
|
||||
|
||||
let mut k = RsaPrivateKey {
|
||||
pubkey_components: RsaPublicKey { n, e },
|
||||
d,
|
||||
@ -323,7 +329,7 @@ impl RsaPrivateKey {
|
||||
// precompute when possible, ignore error otherwise.
|
||||
let _ = k.precompute();
|
||||
|
||||
k
|
||||
Ok(k)
|
||||
}
|
||||
|
||||
/// Get the public key from the private key, cloning `n` and `e`.
|
||||
@ -692,7 +698,8 @@ mod tests {
|
||||
BigUint::from_bytes_le(&vec![105, 101, 60, 173, 19, 153, 3, 192]),
|
||||
BigUint::from_bytes_le(&vec![235, 65, 160, 134, 32, 136, 6, 241]),
|
||||
],
|
||||
);
|
||||
)
|
||||
.unwrap();
|
||||
|
||||
for _ in 0..1000 {
|
||||
test_key_basics(&private_key);
|
||||
@ -785,7 +792,8 @@ mod tests {
|
||||
BigUint::from_bytes_be(&e),
|
||||
BigUint::from_bytes_be(&d),
|
||||
primes.iter().map(|p| BigUint::from_bytes_be(p)).collect(),
|
||||
);
|
||||
)
|
||||
.unwrap();
|
||||
}
|
||||
|
||||
fn get_private_key() -> RsaPrivateKey {
|
||||
@ -825,7 +833,7 @@ mod tests {
|
||||
BigUint::parse_bytes(b"00f827bbf3a41877c7cc59aebf42ed4b29c32defcb8ed96863d5b090a05a8930dd624a21c9dcf9838568fdfa0df65b8462a5f2ac913d6c56f975532bd8e78fb07bd405ca99a484bcf59f019bbddcb3933f2bce706300b4f7b110120c5df9018159067c35da3061a56c8635a52b54273b31271b4311f0795df6021e6355e1a42e61",16).unwrap(),
|
||||
BigUint::parse_bytes(b"00da4817ce0089dd36f2ade6a3ff410c73ec34bf1b4f6bda38431bfede11cef1f7f6efa70e5f8063a3b1f6e17296ffb15feefa0912a0325b8d1fd65a559e717b5b961ec345072e0ec5203d03441d29af4d64054a04507410cf1da78e7b6119d909ec66e6ad625bf995b279a4b3c5be7d895cd7c5b9c4c497fde730916fcdb4e41b", 16).unwrap()
|
||||
],
|
||||
)
|
||||
).unwrap()
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -259,7 +259,7 @@ mod tests {
|
||||
BigUint::from_str_radix("98920366548084643601728869055592650835572950932266967461790948584315647051443",10).unwrap(),
|
||||
BigUint::from_str_radix("94560208308847015747498523884063394671606671904944666360068158221458669711639", 10).unwrap()
|
||||
],
|
||||
)
|
||||
).unwrap()
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -265,7 +265,7 @@ mod test {
|
||||
BigUint::from_str_radix("98920366548084643601728869055592650835572950932266967461790948584315647051443",10).unwrap(),
|
||||
BigUint::from_str_radix("94560208308847015747498523884063394671606671904944666360068158221458669711639", 10).unwrap()
|
||||
],
|
||||
)
|
||||
).unwrap()
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
Loading…
x
Reference in New Issue
Block a user