diff options
author | Dirkjan Ochtman <dirkjan@ochtman.nl> | 2016-07-19 21:12:59 +0200 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-07-19 14:12:59 -0500 |
commit | 0edf7993c66bf8e78803d771d49f5e214dbe3815 (patch) | |
tree | dabba8ea4d2a1ae27b4275a68bef2d8ac57978c5 | |
parent | 6868b1f01904270b286a4bf9dbb355e792df8f36 (diff) | |
download | cryptography-0edf7993c66bf8e78803d771d49f5e214dbe3815.tar.gz cryptography-0edf7993c66bf8e78803d771d49f5e214dbe3815.tar.bz2 cryptography-0edf7993c66bf8e78803d771d49f5e214dbe3815.zip |
Enforce that p > q to improve OpenSSL compatibility (fixes #2990) (#3010)
-rw-r--r-- | docs/hazmat/primitives/asymmetric/rsa.rst | 4 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/rsa.py | 2 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 3 |
3 files changed, 6 insertions, 3 deletions
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 4cf9fa78..10e48b4a 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -509,7 +509,9 @@ this without having to do the math themselves. .. note:: When recovering prime factors this algorithm will always return ``p`` - and ``q`` such that ``p < q``. + and ``q`` such that ``p > q``. Note: before 1.5, this function always + returned ``p`` and ``q`` such that ``p < q``. It was changed because + libraries commonly require ``p > q``. :return: A tuple ``(p, q)`` diff --git a/src/cryptography/hazmat/primitives/asymmetric/rsa.py b/src/cryptography/hazmat/primitives/asymmetric/rsa.py index d78b1b41..3157aed4 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/rsa.py +++ b/src/cryptography/hazmat/primitives/asymmetric/rsa.py @@ -257,7 +257,7 @@ def rsa_recover_prime_factors(n, e, d): # Found ! q, r = divmod(n, p) assert r == 0 - + p, q = sorted((p, q), reverse=True) return (p, q) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index e4e43780..81e3f946 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1985,10 +1985,11 @@ class TestRSAPrimeFactorRecovery(object): private["private_exponent"] ) # Unfortunately there is no convention on which prime should be p - # and which one q. The function we use always makes p < q, but the + # and which one q. The function we use always makes p > q, but the # NIST vectors are not so consistent. Accordingly, we verify we've # recovered the proper (p, q) by sorting them and asserting on that. assert sorted([p, q]) == sorted([private["p"], private["q"]]) + assert p > q def test_invalid_recover_prime_factors(self): with pytest.raises(ValueError): |