code and tests to check RSA key sizes

src/allmydata/crypto/rsa.py

@@ -77,6 +77,18 @@ def create_signing_keypair_from_string(private_key_der):
         password=None,
         backend=default_backend(),
     )
+    if not isinstance(priv_key, rsa.RSAPrivateKey):
+        raise ValueError(
+            "Private Key did not decode to an RSA key"
+        )
+    if priv_key.key_size < 2048:
+        raise ValueError(
+            "Private Key is smaller than 2048 bits"
+        )
+    if priv_key.key_size > (2048 * 8):
+        raise ValueError(
+            "Private Key is unreasonably large"
+        )
     return priv_key, priv_key.public_key()
 
 

src/allmydata/test/data/pycryptopp-rsa-1024-priv.txt

@@ -0,0 +1 @@
+MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAJLEAfZueLuT4vUQ1+c8ZM9dJ/LA29CYgA5toaMklQjbVQ2Skywvw1wEkRjhMpjQAx5+lpLTE2xCtqtfkHooMRNnquOxoh0o1Xya60jUHze7VB5QMV7BMKeUTff1hQqpIgw/GLvJRtar53cVY+SYf4SXx2/slDbVr8BI3DPwdeNtAgERAoGABzHD3GTJrteQJRxu+cQ3I0NPwx2IQ/Nlplq1GZDaIQ/FbJY+bhZrdXOswnl4cOcPNjNhu+c1qHGznv0ntayjCGgJ9dDySGqknDau+ezZcBO1JrIpPOABS7MVMst79mn47vB2+t8w5krrBYahAVp/L5kY8k+Pr9AU+L9mbevFW9MCQQDA+bAeMRNBfGc4gvoVV8ecovE1KRksFDlkaDVEOc76zNW6JZazHhQF/zIoMkV81rrg5UBntw3WR3R8A3l9osgDAkEAwrLQICJ3zjsJBt0xEkCBv9tK6IvSIc7MUQIc4J2Y1hiSjqsnTRACRy3UMsODfx/Lg7ITlDbABCLfv3v4D39jzwJBAKpFuYQNLxuqALlkgk8RN6hTiYlCYYE/BXa2TR4U4848RBy3wTSiEarwO1Ck0+afWZlCwFuDZo/kshMSH+dTZS8CQQC3PuIAIHDCGXHoV7W200zwzmSeoba2aEfTxcDTZyZvJi+VVcqi4eQGwbioP4rR/86aEQNeUaWpijv/g7xK0j/RAkBbt2U9bFFcja10KIpgw2bBxDU/c67h4+38lkrBUnM9XVBZxjbtQbnkkeAfOgQDiq3oBDBrHF3/Q8XM0CzZJBWS

src/allmydata/test/test_crypto.py

@@ -60,6 +60,28 @@ class TestRegression(unittest.TestCase):
         # The public key corresponding to `RSA_2048_PRIV_KEY`.
         RSA_2048_PUB_KEY = b64decode(f.read().strip())
 
+    with RESOURCE_DIR.child('pycryptopp-rsa-1024-priv.txt').open('r') as f:
+        # Created using `pycryptopp`:
+        #
+        #     from base64 import b64encode
+        #     from pycryptopp.publickey import rsa
+        #     priv = rsa.generate(1024)
+        #     priv_str = b64encode(priv.serialize())
+        #     pub_str = b64encode(priv.get_verifying_key().serialize())
+        RSA_TINY_PRIV_KEY = b64decode(f.read().strip())
+        assert isinstance(RSA_TINY_PRIV_KEY, native_bytes)
+
+    with RESOURCE_DIR.child('pycryptopp-rsa-32768-priv.txt').open('r') as f:
+        # Created using `pycryptopp`:
+        #
+        #     from base64 import b64encode
+        #     from pycryptopp.publickey import rsa
+        #     priv = rsa.generate(32768)
+        #     priv_str = b64encode(priv.serialize())
+        #     pub_str = b64encode(priv.get_verifying_key().serialize())
+        RSA_HUGE_PRIV_KEY = b64decode(f.read().strip())
+        assert isinstance(RSA_HUGE_PRIV_KEY, native_bytes)
+
     def test_old_start_up_test(self):
         """
         This was the old startup test run at import time in `pycryptopp.cipher.aes`.
@@ -232,6 +254,22 @@ class TestRegression(unittest.TestCase):
         priv_key, pub_key = rsa.create_signing_keypair_from_string(self.RSA_2048_PRIV_KEY)
         rsa.verify_signature(pub_key, self.RSA_2048_SIG, b'test')
 
+    def test_decode_tiny_rsa_keypair(self):
+        '''
+        An unreasonably small RSA key is rejected ("unreasonably small"
+        means less that 2048 bits)
+        '''
+        with self.assertRaises(ValueError):
+            rsa.create_signing_keypair_from_string(self.RSA_TINY_PRIV_KEY)
+
+    def test_decode_huge_rsa_keypair(self):
+        '''
+        An unreasonably _large_ RSA key is rejected ("unreasonably large"
+        means 32768 or more bits)
+        '''
+        with self.assertRaises(ValueError):
+            rsa.create_signing_keypair_from_string(self.RSA_HUGE_PRIV_KEY)
+
     def test_encrypt_data_not_bytes(self):
         '''
         only bytes can be encrypted