diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2017-06-09 17:38:17 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2017-06-09 17:38:17 +0700 |
| commit | c8354a4635bc66c4878eca13b0c0ebc9da266839 (patch) | |
| tree | fab5a7deb4540a01a30c05b4d051ff66b2983567 | |
| parent | Add validation to DH public key constructor (diff) | |
| download | BouncyCastle.NET-ed25519-c8354a4635bc66c4878eca13b0c0ebc9da266839.tar.xz | |
Add validation to RSA public key constructor
| -rw-r--r-- | crypto/src/crypto/parameters/RsaKeyParameters.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/crypto/test/RsaTest.cs | 4 |
2 files changed, 25 insertions, 3 deletions
diff --git a/crypto/src/crypto/parameters/RsaKeyParameters.cs b/crypto/src/crypto/parameters/RsaKeyParameters.cs index 72c0d806f..5480f0561 100644 --- a/crypto/src/crypto/parameters/RsaKeyParameters.cs +++ b/crypto/src/crypto/parameters/RsaKeyParameters.cs @@ -8,6 +8,26 @@ namespace Org.BouncyCastle.Crypto.Parameters public class RsaKeyParameters : AsymmetricKeyParameter { + // the value is the product of the 132 smallest primes from 3 to 751 + private static BigInteger SmallPrimesProduct = new BigInteger( + "8138E8A0FCF3A4E84A771D40FD305D7F4AA59306D7251DE54D98AF8FE95729A1" + + "F73D893FA424CD2EDC8636A6C3285E022B0E3866A565AE8108EED8591CD4FE8D" + + "2CE86165A978D719EBF647F362D33FCA29CD179FB42401CBAF3DF0C614056F9C" + + "8F3CFD51E474AFB6BC6974F78DB8ABA8E9E517FDED658591AB7502BD41849462F", + 16); + + private static BigInteger Validate(BigInteger modulus) + { + if ((modulus.IntValue & 1) == 0) + throw new ArgumentException("RSA modulus is even", "modulus"); + if (!modulus.Gcd(SmallPrimesProduct).Equals(BigInteger.One)) + throw new ArgumentException("RSA modulus has a small prime factor"); + + // TODO: add additional primePower/Composite test - expensive!! + + return modulus; + } + private readonly BigInteger modulus; private readonly BigInteger exponent; @@ -25,8 +45,10 @@ namespace Org.BouncyCastle.Crypto.Parameters throw new ArgumentException("Not a valid RSA modulus", "modulus"); if (exponent.SignValue <= 0) throw new ArgumentException("Not a valid RSA exponent", "exponent"); + if (!isPrivate && (exponent.IntValue & 1) == 0) + throw new ArgumentException("RSA publicExponent is even", "exponent"); - this.modulus = modulus; + this.modulus = Validate(modulus); this.exponent = exponent; } diff --git a/crypto/test/src/crypto/test/RsaTest.cs b/crypto/test/src/crypto/test/RsaTest.cs index d0cbedace..e3fc18d02 100644 --- a/crypto/test/src/crypto/test/RsaTest.cs +++ b/crypto/test/src/crypto/test/RsaTest.cs @@ -563,7 +563,7 @@ namespace Org.BouncyCastle.Crypto.Tests } genParam = new RsaKeyGenerationParameters( - BigInteger.ValueOf(0x11), new SecureRandom(), 16, 25); + BigInteger.ValueOf(0x11), new SecureRandom(), 128, 25); pGen.Init(genParam); for (int i = 0; i < 100; ++i) @@ -572,7 +572,7 @@ namespace Org.BouncyCastle.Crypto.Tests RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters) pair.Private; BigInteger pqDiff = privKey.P.Subtract(privKey.Q).Abs(); - if (pqDiff.BitLength < 5) + if (pqDiff.BitLength < 42) { Fail("P and Q too close in RSA key pair"); } |