Merge pull request #34 from libp2p/bug/weak-rsa-keys

Raise minimum bits required for RSA key to 2048

Merge pull request #34 from libp2p/bug/weak-rsa-keys
Raise minimum bits required for RSA key to 2048
a7cc4bff · bigs · GitHub · 62b2c6c4 · f1175dbc · a7cc4bff
Unverified Commit a7cc4bff authored Aug 01, 2019 by bigs Committed by GitHub Aug 01, 2019
Showing with 24 additions and 8 deletions

.travis.yml .travis.yml +1 -0

crypto/rsa_common.go crypto/rsa_common.go +19 -4

crypto/rsa_go.go crypto/rsa_go.go +3 -3

crypto/rsa_openssl.go crypto/rsa_openssl.go +1 -1

No files found.
--- a/.travis.yml
+++ b/.travis.yml
@@ -9,6 +9,7 @@ go:
 env:
  global:
    - BUILD_DEPTYPE=gomod
+    - LIBP2P_ALLOW_WEAK_RSA_KEYS=1
  matrix:
    - GOTFLAGS="-race"
    - GOTFLAGS="-race -tags=openssl"

--- a/crypto/rsa_common.go
+++ b/crypto/rsa_common.go
 package crypto

 import (
-	"errors"
+	"fmt"
+	"os"
 )

+// WeakRsaKeyEnv is an environment variable which, when set, lowers the
+// minimum required bits of RSA keys to 512. This should be used exclusively in
+// test situations.
+const WeakRsaKeyEnv = "LIBP2P_ALLOW_WEAK_RSA_KEYS"
+
+var MinRsaKeyBits = 2048
+
 // ErrRsaKeyTooSmall is returned when trying to generate or parse an RSA key
-// that's smaller than 512 bits. Keys need to be larger enough to sign a 256bit
-// hash so this is a reasonable absolute minimum.
-var ErrRsaKeyTooSmall = errors.New("rsa keys must be >= 512 bits to be useful")
+// that's smaller than MinRsaKeyBits bits. In test
+var ErrRsaKeyTooSmall error
+
+func init() {
+	if _, ok := os.LookupEnv(WeakRsaKeyEnv); ok {
+		MinRsaKeyBits = 512
+	}
+
+	ErrRsaKeyTooSmall = fmt.Errorf("rsa keys must be >= %d bits to be useful", MinRsaKeyBits)
+}
--- a/crypto/rsa_go.go
+++ b/crypto/rsa_go.go
@@ -27,7 +27,7 @@ type RsaPublicKey struct {

 // GenerateRSAKeyPair generates a new rsa private and public key
 func GenerateRSAKeyPair(bits int, src io.Reader) (PrivKey, PubKey, error) {
-	if bits < 512 {
+	if bits < MinRsaKeyBits {
 		return nil, nil, ErrRsaKeyTooSmall
 	}
 	priv, err := rsa.GenerateKey(src, bits)
@@ -102,7 +102,7 @@ func UnmarshalRsaPrivateKey(b []byte) (PrivKey, error) {
 	if err != nil {
 		return nil, err
 	}
-	if sk.N.BitLen() < 512 {
+	if sk.N.BitLen() < MinRsaKeyBits {
 		return nil, ErrRsaKeyTooSmall
 	}
 	return &RsaPrivateKey{sk: *sk}, nil
@@ -118,7 +118,7 @@ func UnmarshalRsaPublicKey(b []byte) (PubKey, error) {
 	if !ok {
 		return nil, errors.New("not actually an rsa public key")
 	}
-	if pk.N.BitLen() < 512 {
+	if pk.N.BitLen() < MinRsaKeyBits {
 		return nil, ErrRsaKeyTooSmall
 	}
 	return &RsaPublicKey{*pk}, nil

--- a/crypto/rsa_openssl.go
+++ b/crypto/rsa_openssl.go
@@ -21,7 +21,7 @@ type RsaPublicKey struct {

 // GenerateRSAKeyPair generates a new rsa private and public key
 func GenerateRSAKeyPair(bits int, _ io.Reader) (PrivKey, PubKey, error) {
-	if bits < 512 {
+	if bits < MinRsaKeyBits {
 		return nil, nil, ErrRsaKeyTooSmall
 	}