fix: handle tiny keys

RustCrypto · Nov 13, 2024 · e08adb6 · e08adb6
1 parent 8797ee2
commit e08adb6
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 2 deletions.
diff --git a/src/algorithms/pkcs1v15.rs b/src/algorithms/pkcs1v15.rs
@@ -41,7 +41,7 @@ pub(crate) fn pkcs1v15_encrypt_pad<R>(
 where
     R: CryptoRngCore + ?Sized,
 {
-    if msg.len() > k - 11 {
+    if msg.len() + 11 > k {
         return Err(Error::MessageTooLong);
     }
 

diff --git a/src/key.rs b/src/key.rs
@@ -174,6 +174,9 @@ impl RsaPublicKey {
     /// Maximum size of the modulus `n` in bits.
     pub const MAX_SIZE: usize = 4096;
 
+    /// Minimum size of the modulus `n` in bits.
+    pub const MIN_SIZE: usize = 16;
+
     /// Create a new public key from its components.
     ///
     /// This function accepts public keys with a modulus size up to 4096-bits,
@@ -504,7 +507,11 @@ pub fn check_public(public_key: &impl PublicKeyParts) -> Result<()> {
 /// Check that the public key is well formed and has an exponent within acceptable bounds.
 #[inline]
 fn check_public_with_max_size(public_key: &impl PublicKeyParts, max_size: usize) -> Result<()> {
-    if public_key.n().bits() > max_size {
+    let public_bits = public_key.n().bits();
+    if public_bits < RsaPublicKey::MIN_SIZE {
+        return Err(Error::InvalidModulus);
+    }
+    if public_bits > max_size {
         return Err(Error::ModulusTooLarge);
     }