Add range checks to decrypt_int and decrypt_int_fast #235

Open
myheroyuki opened this issue Feb 1, 2024 · 0 comments
@myheroyuki
Collaborator

According to RFC 8017: PKCS#1 v2.2, all cryptographic primitives should be performing range checks on their inputs. Specifically, section 5.1.2. says for RSADP:

If the ciphertext representative c is not between 0 and n - 1, output "ciphertext representative out of range" and stop

and section 5.2.1. says for RSASP1:

If the message representative m is not between 0 and n - 1, output "message representative out of range" and stop.

These two functions are the same and correspond to decrypt_int/decrypt_int_fast in Python-RSA. These functions should be updated since they do not have the necessary range checks. This would result in a minor API change because the user would have to consider handling new possible exceptions.

See #234 for more context.
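The range check described in this issue, as an added example that is not Python-RSA's own code: it compares a bare modular exponentiation with a version that enforces 0 <= c <= n - 1, showing that without the check every c + k*n is accepted as an alias of the same ciphertext. The function names, the toy key and the choice of `ValueError` are assumptions made for illustration.

```python
# Constructed toy key (p=61, q=53, e=17); far too small for real use.
N, E, D = 3233, 17, 2753


def unchecked_decrypt_int(c: int, d: int, n: int) -> int:
    """Bare modular exponentiation with no range check on c."""
    return pow(c, d, n)


def checked_decrypt_int(c: int, d: int, n: int) -> int:
    """RSADP / RSASP1 with the RFC 8017 range check (hypothetical helper)."""
    if isinstance(c, bool) or not isinstance(c, int):
        raise TypeError("representative must be an int")
    if not 0 <= c < n:
        # Exception type is an assumption; the RFC only specifies the message.
        raise ValueError("ciphertext representative out of range")
    return pow(c, d, n)


def survey(candidates, d: int, n: int):
    """Return (candidate, unchecked result, checked result or 'rejected')."""
    rows = []
    for c in candidates:
        try:
            checked = checked_decrypt_int(c, d, n)
        except ValueError:
            checked = "rejected"
        rows.append((c, unchecked_decrypt_int(c, d, n), checked))
    return rows


if __name__ == "__main__":
    m = 65
    c = pow(m, E, N)  # canonical ciphertext representative, 0 <= c < N
    # Constructed inputs: the canonical value plus out-of-range aliases.
    for row in survey([c, c + N, c - N, c + 5 * N, N], D, N):
        print(row)
```

Callers that currently pass unreduced integers would need to handle the new exception, which is the API change the issue mentions.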
