RsaPublicKey::from_public_key_pem crashing when using more than 4096 bits #210
Comments
What version are you using? Can you try 0.7.0-rc.1 if you haven’t already?
Sorry for not specifying, yes I'm using "0.7.0-rc.1"
Here's some sample code that triggers this panic:

```rust
let bits = 4097;
let private_key = RsaPrivateKey::new(OsRng.borrow_mut(), bits).expect("failed to generate a key");
fs::write("privkey.txt", private_key.to_pkcs8_pem(LineEnding::LF).unwrap().as_str());
let public_key = RsaPublicKey::from(&private_key);
fs::write("pubkey.txt", public_key.to_public_key_pem(LineEnding::LF).unwrap());
let pub_key_str = fs::read_to_string("pubkey.txt").unwrap();
```
Cannot reproduce this with Rust 1.60, and RSA 0.6.1 or 0.7.0-rc.
Are you neither checking the result of your writes, nor flushing after them? Did you check if the read content of
@AppleSheeple yes:
I used Rust 1.60 with the latest version of the crate on Windows 10 with the latest updates. Did you use this on GNU/Linux? Also, sorry for the late reply.
I don't think fs::write needs flushing. The keys generated are fine; importing them seems to have problems.
@PaulDotSH can you post the panic message and backtrace? You have multiple unwraps in your example. Are you sure it's not one of those? Note we added a deliberate cap of 4096-bits to address #166 in #176. We could potentially raise that if there are legitimate use cases, but the higher we raise it the more it can enable an algorithmic DoS. However, that case should surface as
Thanks! Not sure there is a use case, for my app I was going to let the user select any amount from 2048 to 8192
We just shipped We can potentially bikeshed that cap if you'd like to open an issue. However I would argue 4096-bits is commonly used as an upper bound as it's a point of diminishing returns after which the security margin is already quite large but performance drops off exponentially. See the ISRG CPS v2.0 guidelines as an example of this from the X.509 ecosystem: https://letsencrypt.org/documents/isrg-cps-v2.0/#dv-ssl-end-entity-certificate
Beyond that feels like a case of Too Much Crypto.
Going to close this as working as expected, however feel free to open a separate issue to discuss the size cap.
Generating a private key with more than 4096 bits using RsaPrivateKey::new and deriving a public key from it works fine. However, when trying to read the same key from a string using RsaPublicKey::from_public_key_pem, the lib panics if the key uses more than 4096 bits. It works fine with 4096 or less; jumping to 4097 makes it panic.
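The 4096-bit cap discussed in this thread can also be enforced by the application before an untrusted key reaches any bignum code, so that an oversized key becomes an error value the caller handles. This is an added example, not code from the rsa crate or from anyone in the thread: it is std-only Rust, the names `check_rsa_key_size`, `rsa_modulus_bits`, `tlv`, `wrap` and `sample_spki` are hypothetical, the input is assumed to be the DER bytes of a SubjectPublicKeyInfo (the decoded PEM body), and the sample keys are constructed filler rather than real RSA keys.

```rust
// Added example (std-only); helper names are hypothetical, sample keys are constructed filler.
const RSA_ALG: [u8; 13] = [6, 9, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 1, 1, 1, 5, 0]; // OID rsaEncryption + NULL
#[derive(Debug, PartialEq)]
enum KeySizeError { Malformed, OutOfRange(usize) }

/// Read one DER TLV with the expected tag; returns (content, remaining input).
fn tlv(tag: u8, b: &[u8]) -> Option<(&[u8], &[u8])> {
    let (&t, rest) = b.split_first()?;
    let (&l0, rest) = rest.split_first()?;
    let (len, rest) = if l0 < 0x80 { (l0 as usize, rest) } else {
        let n = (l0 & 0x7f) as usize; // long form: n length bytes follow
        if n == 0 || n > 4 || rest.len() < n { return None; }
        (rest[..n].iter().fold(0usize, |a, &x| (a << 8) | x as usize), &rest[n..])
    };
    if t != tag || rest.len() < len { return None; }
    Some((&rest[..len], &rest[len..]))
}

/// Bit length of the modulus in a DER SubjectPublicKeyInfo, with no bignum work.
fn rsa_modulus_bits(spki: &[u8]) -> Option<usize> {
    let (outer, _) = tlv(0x30, spki)?; // SubjectPublicKeyInfo
    let (alg, rest) = tlv(0x30, outer)?; // AlgorithmIdentifier
    let (bits, _) = tlv(0x03, rest)?; // BIT STRING, first byte = unused-bit count
    if alg != &RSA_ALG[..] || bits.first() != Some(&0) { return None; }
    let (key, _) = tlv(0x30, &bits[1..])?; // RSAPublicKey
    let (n, _) = tlv(0x02, key)?; // modulus INTEGER
    let i = n.iter().position(|&x| x != 0)?; // skip sign padding
    Some((n.len() - i) * 8 - n[i].leading_zeros() as usize)
}

/// Returns Err instead of panicking for keys outside [min, max] bits.
fn check_rsa_key_size(spki: &[u8], min: usize, max: usize) -> Result<usize, KeySizeError> {
    let bits = rsa_modulus_bits(spki).ok_or(KeySizeError::Malformed)?;
    if bits < min || bits > max { Err(KeySizeError::OutOfRange(bits)) } else { Ok(bits) }
}

fn wrap(tag: u8, body: &[u8]) -> Vec<u8> { // DER-encode one TLV (body < 64 KiB)
    let l = body.len();
    let hdr = match l { 0..=0x7f => vec![tag, l as u8], 0x80..=0xff => vec![tag, 0x81, l as u8], _ => vec![tag, 0x82, (l >> 8) as u8, l as u8] };
    [hdr, body.to_vec()].concat()
}
fn sample_spki(bits: usize) -> Vec<u8> { // constructed SPKI, modulus = filler with exactly `bits` bits
    let mut n = vec![0xffu8; (bits + 7) / 8];
    n[0] = 0xffu8 >> ((8 - bits % 8) % 8);
    if n[0] & 0x80 != 0 { n.insert(0, 0); } // keep the INTEGER positive
    let key = wrap(0x30, &[wrap(2, &n), wrap(2, &[1, 0, 1])].concat());
    wrap(0x30, &[wrap(0x30, &RSA_ALG), wrap(3, &[vec![0], key].concat())].concat())
}
fn main() {
    for bits in [2048, 4096, 4097] { println!("{bits}: {:?}", check_rsa_key_size(&sample_spki(bits), 2048, 4096)); }
}
```

This is a size gate only: it does not validate the exponent or trailing data, so the key still has to go through the real parser afterwards.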