[WIP] Minimum modulus size checks #526
Changes the existing checked APIs to respect a minimum modulus size in addition to a maximum one. Note: several tests fail because of this, so we'll need to go through them and convert to an unchecked API where appropriate (or decide if the test is bogus to begin with)
2b9e941 to f5eaf0e
key_generation!(key_generation_128, 2, 128); | ||
key_generation!(key_generation_1024, 2, 1024); | ||
|
||
key_generation!(key_generation_multi_3_256, 3, 256); | ||
|
||
key_generation!(key_generation_multi_4_64, 4, 64); | ||
|
||
key_generation!(key_generation_multi_5_64, 5, 64); | ||
key_generation!(key_generation_multi_8_576, 8, 576); | ||
key_generation!(key_generation_multi_16_1024, 16, 1024); |
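Review bot: In this list the 4- and 5-prime cases exist only at 64 bits (`key_generation_multi_4_64`, `key_generation_multi_5_64`), so if the tiny-key tests go, nothing here exercises key generation with 4 or 5 primes. Consider adding replacements at a size the checked API accepts, or moving those two cases to an unchecked path, so multi-prime coverage is not lost along with the small moduli.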
I removed tests that generate tiny keys. I think we probably don't actually want to provide functionality to generate such keys?
Tests that need to go fast can use a tiny key test vector rather than a factory for insecure keys.
they are pretty useful when debugging, so I would appreciate a 64 one
We will need to add an API specifically for generating insecure keys then. Perhaps it could be crate internal?
hmm, I would really like to have it under the hazmat API.. I know it's dangerous, but still sometimes useful :/
@@ -821,21 +877,43 @@ mod tests { | |||
use serde_test::{assert_tokens, Configure, Token}; | |||
|
|||
let mut rng = ChaCha8Rng::from_seed([42; 32]); | |||
let priv_key = RsaPrivateKey::new(&mut rng, 64).expect("failed to generate key"); | |||
let priv_key = RsaPrivateKey::new(&mut rng, 1024).expect("failed to generate key"); |
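Review bot: `RsaPrivateKey::new(&mut rng, 1024)` still derives the key from the seeded `ChaCha8Rng`, so the tokens this test checks with `assert_tokens` are tied to whatever key that seed yields at the new size and have to be regenerated whenever the size or the generation code changes. A fixed key embedded in the test would keep the serde check independent of key generation and avoid generating a 1024-bit key on every run.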
I guess this is an example that should probably be switched to a test vector key rather than trying to make one on-the-fly with a deterministic RNG.
// Always validate the key, to ensure precompute can't fail | ||
k.validate()?; | ||
|
||
// Precompute when possible, ignore error otherwise. | ||
k.precompute().ok(); |
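Review bot: The two comments around `k.validate()?` and `k.precompute().ok()` contradict each other: the first says validation ensures precompute cannot fail, the second discards a precompute error. If validation really guarantees success, propagate the result with `?` so a regression is not silently swallowed; if precompute can still fail on a validated key, reword the first comment to say what validation does guarantee.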
These comments seem a little confusing, the first says "precompute can't fail", and the second says "ignore error", so it seems even with validation precomputation can still fail?
If that's the case, perhaps precomputation can be moved to from_components_unchecked
Down to 35 test failures 😅
Changes the existing checked APIs to respect a minimum modulus size in addition to a maximum one.
Note: several tests fail because of this, so we'll need to go through them and convert to an unchecked API where appropriate (or decide if the test is bogus to begin with).
Closes #445