add RSA private key generation restrictions to primitive layer

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-05-27 08:07:31 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-05-27 08:07:31 -0500
commit: 2f7f5e9691d8c61e042b4a7e6762c5982984fdca (patch)
tree: 5c87cc578d4b677f41a518f4c16891ce9a9d81c5 /cryptography
parent: fd3572923816d3bf89b5a57671ce21ee9959f222 (diff)
download: cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.tar.gz
cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.tar.bz2
cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/cryptography/hazmat/primitives/asymmetric/rsa.py b/cryptography/hazmat/primitives/asymmetric/rsa.py
index a9f57838..e3ad5f1d 100644
--- a/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/rsa.py
@@ -187,6 +187,15 @@ class RSAPrivateKey(object):
                 _Reasons.BACKEND_MISSING_INTERFACE
             )
 
+        if public_exponent < 3:
+            raise ValueError("public_exponent must be >= 3.")
+
+        if public_exponent & 1 == 0:
+            raise ValueError("public_exponent must be odd.")
+
+        if key_size < 512:
+            raise ValueError("key_size must be at least 512-bits.")
+
         return backend.generate_rsa_private_key(public_exponent, key_size)
 
     def signer(self, padding, algorithm, backend):
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-05-27 08:07:31 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-05-27 08:07:31 -0500
commit	2f7f5e9691d8c61e042b4a7e6762c5982984fdca (patch)
tree	5c87cc578d4b677f41a518f4c16891ce9a9d81c5 /cryptography
parent	fd3572923816d3bf89b5a57671ce21ee9959f222 (diff)
download	cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.tar.gz cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.tar.bz2 cryptography-2f7f5e9691d8c61e042b4a7e6762c5982984fdca.zip