summary refs log tree commit diff
path: root/crypto
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2017-06-09 17:38:17 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2017-06-09 17:38:17 +0700
commitc8354a4635bc66c4878eca13b0c0ebc9da266839 (patch)
treefab5a7deb4540a01a30c05b4d051ff66b2983567 /crypto
parentAdd validation to DH public key constructor (diff)
downloadBouncyCastle.NET-ed25519-c8354a4635bc66c4878eca13b0c0ebc9da266839.tar.xz
Add validation to RSA public key constructor
Diffstat (limited to 'crypto')
-rw-r--r--crypto/src/crypto/parameters/RsaKeyParameters.cs24


-rw-r--r--crypto/test/src/crypto/test/RsaTest.cs4


2 files changed, 25 insertions, 3 deletions
diff --git a/crypto/src/crypto/parameters/RsaKeyParameters.cs b/crypto/src/crypto/parameters/RsaKeyParameters.cs

index 72c0d806f..5480f0561 100644
--- a/crypto/src/crypto/parameters/RsaKeyParameters.cs
+++ b/crypto/src/crypto/parameters/RsaKeyParameters.cs
@@ -8,6 +8,26 @@ namespace Org.BouncyCastle.Crypto.Parameters
 	public class RsaKeyParameters
 		: AsymmetricKeyParameter
     {
+        // the value is the product of the 132 smallest primes from 3 to 751
+        private static BigInteger SmallPrimesProduct = new BigInteger( 
+            "8138E8A0FCF3A4E84A771D40FD305D7F4AA59306D7251DE54D98AF8FE95729A1" +
+            "F73D893FA424CD2EDC8636A6C3285E022B0E3866A565AE8108EED8591CD4FE8D" +
+            "2CE86165A978D719EBF647F362D33FCA29CD179FB42401CBAF3DF0C614056F9C" +
+            "8F3CFD51E474AFB6BC6974F78DB8ABA8E9E517FDED658591AB7502BD41849462F",
+            16);
+
+        private static BigInteger Validate(BigInteger modulus)
+        {
+            if ((modulus.IntValue & 1) == 0)
+                throw new ArgumentException("RSA modulus is even", "modulus");
+            if (!modulus.Gcd(SmallPrimesProduct).Equals(BigInteger.One))
+                throw new ArgumentException("RSA modulus has a small prime factor");
+
+            // TODO: add additional primePower/Composite test - expensive!!
+
+            return modulus;
+        }
+
         private readonly BigInteger modulus;
         private readonly BigInteger exponent;
 
@@ -25,8 +45,10 @@ namespace Org.BouncyCastle.Crypto.Parameters
 				throw new ArgumentException("Not a valid RSA modulus", "modulus");
 			if (exponent.SignValue <= 0)
 				throw new ArgumentException("Not a valid RSA exponent", "exponent");
+            if (!isPrivate && (exponent.IntValue & 1) == 0)
+                throw new ArgumentException("RSA publicExponent is even", "exponent");
 
-			this.modulus = modulus;
+            this.modulus = Validate(modulus);
 			this.exponent = exponent;
         }
 
diff --git a/crypto/test/src/crypto/test/RsaTest.cs b/crypto/test/src/crypto/test/RsaTest.cs

index d0cbedace..e3fc18d02 100644
--- a/crypto/test/src/crypto/test/RsaTest.cs
+++ b/crypto/test/src/crypto/test/RsaTest.cs
@@ -563,7 +563,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 			}
 
 			genParam = new RsaKeyGenerationParameters(
-				BigInteger.ValueOf(0x11), new SecureRandom(), 16, 25);
+				BigInteger.ValueOf(0x11), new SecureRandom(), 128, 25);
 			pGen.Init(genParam);
 
 			for (int i = 0; i < 100; ++i)
@@ -572,7 +572,7 @@ namespace Org.BouncyCastle.Crypto.Tests
 				RsaPrivateCrtKeyParameters privKey = (RsaPrivateCrtKeyParameters) pair.Private;
 				BigInteger pqDiff = privKey.P.Subtract(privKey.Q).Abs();
 
-				if (pqDiff.BitLength < 5)
+				if (pqDiff.BitLength < 42)
 				{
 					Fail("P and Q too close in RSA key pair");
 				}

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-10 21:35:12 +0000