Skip to content

Commit

Permalink
added RSA key length check
Browse files Browse the repository at this point in the history
  • Loading branch information
@udi0peled
udi0peled committed Dec 3, 2020
1 parent e9cf9bf commit 0be17c8
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 1 deletion.
2 changes: 1 addition & 1 deletion fb_bls_generate_key.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
def main():
parser = argparse.ArgumentParser() #formatter_class=argparse.ArgumentDefaultsHelpFormatter)
parser.add_argument("RSA_public_keys", type=str, nargs="+", help="space seperated list of RSA public key files")
parser.add_argument("--threshold", type=int, help="minimal number of shares able to reconstruct private key", required=True)
parser.add_argument("-t", "--threshold", type=int, help="minimal number of shares able to reconstruct private key", required=True)
args = parser.parse_args()

# Get passphrase for integrity check
Expand Down
3 changes: 3 additions & 0 deletions utils/genver.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,9 @@ def generate_bls_key_shares_with_verification(rsa_key_files:Dict[int,str], thres
except:
raise GenVerErrorBasic(f'Reading RSA key file {rsa_key_file}')

if rsa_key.n.bit_length() < 4096:
GenVerErrorBasic(f'RSA key is too short: {rsa_key.n.bit_length()}, should be at least 4096 bits')

try:
encrypted_master_private_key_shares[id] = cipher.encrypt(master_private_key_shares[id])
encrypted_integrity_passphrase[id] = cipher.encrypt(integrity_passphrase)
Expand Down

0 comments on commit 0be17c8

Please sign in to comment.