Make RsaKeyData::new fallible (#517)

Replaces unwraps with `Error::AlgorithmError`
This commit is contained in:
Tony Arcieri (iqlusion)
2023-08-15 17:33:30 -07:00
committed by GitHub
parent 75ce24a3ea
commit 45915e5e5a
+11 -10
View File
@@ -764,11 +764,12 @@ pub struct RsaKeyData {
#[cfg(feature = "untested")] #[cfg(feature = "untested")]
impl RsaKeyData { impl RsaKeyData {
/// Generates a new RSA key data set from two randomly generated, secret, primes. /// Generates a new RSA key data set from two (randomly generated) secret primes.
/// ///
/// Panics if `secret_p` or `secret_q` are invalid primes. /// # Returns
#[allow(clippy::unwrap_used)] // TODO(tarcieri): make fallible and handle errors /// - `Ok(key_data)` if `secret_p` and `secret_q` are valid primes.
pub fn new(secret_p: &[u8], secret_q: &[u8]) -> Self { /// - `Err(Error::AlgorithmError)` if `secret_p`/`secret_q` are invalid primes.
pub fn new(secret_p: &[u8], secret_q: &[u8]) -> Result<Self> {
let p = BigUint::from_bytes_be(secret_p); let p = BigUint::from_bytes_be(secret_p);
let q = BigUint::from_bytes_be(secret_q); let q = BigUint::from_bytes_be(secret_q);
@@ -779,10 +780,10 @@ impl RsaKeyData {
p_t.lcm(&q_t) p_t.lcm(&q_t)
}; };
let exp = BigUint::from_u64(KEYDATA_RSA_EXP).unwrap(); let exp = BigUint::from_u64(KEYDATA_RSA_EXP).ok_or(Error::AlgorithmError)?;
let d = exp.mod_inverse(&totient).unwrap(); let d = exp.mod_inverse(&totient).ok_or(Error::AlgorithmError)?;
let d = d.to_biguint().unwrap(); let d = d.to_biguint().ok_or(Error::AlgorithmError)?;
// We calculate the optimization values ahead of time, instead of making the user // We calculate the optimization values ahead of time, instead of making the user
// do so. // do so.
@@ -790,16 +791,16 @@ impl RsaKeyData {
let dp = &d % (&p - BigUint::one()); let dp = &d % (&p - BigUint::one());
let dq = &d % (&q - BigUint::one()); let dq = &d % (&q - BigUint::one());
let qinv = q.clone().mod_inverse(&p).unwrap(); let qinv = q.clone().mod_inverse(&p).ok_or(Error::AlgorithmError)?;
let (_, qinv) = qinv.to_bytes_be(); let (_, qinv) = qinv.to_bytes_be();
RsaKeyData { Ok(RsaKeyData {
p: Zeroizing::new(p.to_bytes_be()), p: Zeroizing::new(p.to_bytes_be()),
q: Zeroizing::new(q.to_bytes_be()), q: Zeroizing::new(q.to_bytes_be()),
dp: Zeroizing::new(dp.to_bytes_be()), dp: Zeroizing::new(dp.to_bytes_be()),
dq: Zeroizing::new(dq.to_bytes_be()), dq: Zeroizing::new(dq.to_bytes_be()),
qinv: Zeroizing::new(qinv), qinv: Zeroizing::new(qinv),
} })
} }
fn total_len(&self) -> usize { fn total_len(&self) -> usize {