diff options
| author | Dwayne C. Litzenberger <dlitz@dlitz.net> | 2010-08-27 00:13:44 -0400 |
|---|---|---|
| committer | Dwayne C. Litzenberger <dlitz@dlitz.net> | 2010-08-27 00:14:40 -0400 |
| commit | 6833a7bf18aa2b78798a31afeaad3d0b0f3ae2ed (patch) | |
| tree | 336c190a857d6225dbd95512c477459f26047062 | |
| parent | 1d68d2b9fdf6edc4cc672fa8f2605e6d7e4f517e (diff) | |
| download | pycrypto-6833a7bf18aa2b78798a31afeaad3d0b0f3ae2ed.tar.gz | |
Make RSA.generate raise a more user-friendly exception message when the user tries to generate a bogus-length key.
Before this change, doing RSA.generate(128*5) would raise an exception saying:
"bits must be multiple of 128 and > 512"
This was because getStrongPrime was raising the exception when trying to
generate 320-bit primes (which is correct behaviour). Now, we raise a more
friendly error message:
"RSA modulus length must be a multiple of 256 and > 1024"
| -rw-r--r-- | lib/Crypto/PublicKey/RSA.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/Crypto/PublicKey/RSA.py b/lib/Crypto/PublicKey/RSA.py index 90df785..6e123d6 100644 --- a/lib/Crypto/PublicKey/RSA.py +++ b/lib/Crypto/PublicKey/RSA.py @@ -202,6 +202,9 @@ class RSAImplementation(object): return self._current_randfunc def generate(self, bits, randfunc=None, progress_func=None): + if bits < 1024 or (bits & 0xff) != 0: + # pubkey.getStrongPrime doesn't like anything that's not a multiple of 128 and > 512 + raise ValueError("RSA modulus length must be a multiple of 256 and > 1024") rf = self._get_randfunc(randfunc) obj = _RSA.generate_py(bits, rf, progress_func) # TODO: Don't use legacy _RSA module key = self._math.rsa_construct(obj.n, obj.e, obj.d, obj.p, obj.q, obj.u) |