Ensure that the generated RSA key has the desired length #1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently it is possible that RSAGenerate generates RSA keys with a public key of length
B-1
instead ofB
(for example 1023 bit instead of 1024 bit). For use cases that require specific bit lengths (for example Certificate Authorities), that will not work. The patch adds a check to the bit length of the public key (n). If the length is less than B (desired bit length), p and q are chosen again.There was another option, where the two most significant bits of both p and q would be tested (independently) and re-generated when both were not significant.
I profiled both methods and found out that the method in the commit has less overhead. I profiled all three methods with 100 keys each.
Still, this commit increases the time to generate keys in some cases significantly. In ~33% of the key generations the run-time nearly doubled.
But it is important to notice the original library didn't generate correct keys in that cases. So actually, this fixes a serious bug in the original library that led to the generation of faulty keys in 33% of the cases but was faster.