Skip to content

[WIP] Minimum modulus size checks #526

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Conversation

tarcieri
Copy link
Member

@tarcieri tarcieri commented Jun 3, 2025

Changes the existing checked APIs to respect a minimum modulus size in addition to a maximum one.

Note: several tests fail because of this, so we'll need to go through them and convert to an unchecked API where appropriate (or decide if the test is bogus to begin with).

Closes #445

Changes the existing checked APIs to respect a minimum modulus size in
addition to a maximum one.

Note: several tests fail because of this, so we'll need to go through
them and convert to an unchecked API where appropriate (or decide if the
test is bogus to begin with)
@tarcieri tarcieri force-pushed the modulus-size-checks branch from 2b9e941 to f5eaf0e Compare June 14, 2025 17:46
Comment on lines -772 to 837
key_generation!(key_generation_128, 2, 128);
key_generation!(key_generation_1024, 2, 1024);

key_generation!(key_generation_multi_3_256, 3, 256);

key_generation!(key_generation_multi_4_64, 4, 64);

key_generation!(key_generation_multi_5_64, 5, 64);
key_generation!(key_generation_multi_8_576, 8, 576);
key_generation!(key_generation_multi_16_1024, 16, 1024);
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed tests that generate tiny keys. I think we probably don't actually want to provide functionality to generate such keys?

Tests that need to go fast can use a tiny key test vector rather than a factory for insecure keys.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

they are pretty useful when debugging, so I would appreciate a 64 one

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to add an API specifically for generating insecure keys then. Perhaps it could be crate internal?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, I would really like to have it under the hazmat API.. I know it's dangerous, but still sometimes useful :/

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, I would really like to have it under the hazmat API.. I know it's dangerous, but still sometimes useful :/

@@ -821,21 +877,43 @@ mod tests {
use serde_test::{assert_tokens, Configure, Token};

let mut rng = ChaCha8Rng::from_seed([42; 32]);
let priv_key = RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key");
let priv_key = RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key");
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess this is an example that should probably be switched to a test vector key rather than trying to make one on-the-fly with a deterministic RNG.

Comment on lines +343 to +347
// Always validate the key, to ensure precompute can't fail
k.validate()?;

// Precompute when possible, ignore error otherwise.
k.precompute().ok();
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These comments seem a little confusing, the first says "precompute can't fail", and the second says "ignore error", so it seems even with validation precomputation can still fail?

If that's the case, perhaps precomputation can be moved to from_components_unchecked

@tarcieri
Copy link
Member Author

Down to 35 test failures 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Minimum modulus size
2 participants