Nikos Mavrogiannopoulos nmav@redhat.com writes:
On Fri, 2016-08-05 at 09:56 +0200, Niels Möller wrote:
Nikos Mavrogiannopoulos nmav@redhat.com writes:
That's correct, but it still bugs me as a cost that gets added into busy servers.
But only once per hostkey and server restart, right?
As it is now I do not set the size explicitly and call the prepare function on every RSA operation (sign/decrypt).
Hmm. I'd imagine that you would create and initialize nettle's struct rsa_public_key and rsa_private_key at the time you read the key files on disk, and then that's also the right time to call _prepare. Is there any reason it's hard to organize that way?
That's correct, but I think that's the responsibility of the caller to supply the corresponding keys.
But I think we'd want to ensure that nettle doesn't crash; an application should be able to read key files controlled by an attacker and use them with nettle without crashing (bogus outputs are of course expected).
And I feel a little uneasy about ensuring that nettle's rsa functions work without crashing if the size field is too large or too small; that violates assumptions I made when writing the code quite some time ago... It might be not too difficult, but I'd feel better about having the _prepare functions be responsible for setting the size correctly.
Regards, /Niels
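
A simplified model of the arrangement discussed in this message, added here as an example and not code from nettle or from either poster: a load-time prepare step derives the size field from the modulus of an untrusted key, and the per-operation code refuses any key whose size it cannot rely on. The names `model_key`, `model_key_prepare`, `model_pad`, `PAD_OVERHEAD` and `MODEL_MAX_OCTETS`, and the PKCS#1 v1.5 style layout used to give the size field something to do, are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MODEL_MAX_OCTETS 512  /* illustrative cap on modulus length */
#define PAD_OVERHEAD 11       /* 00 01, at least eight FF octets, 00 */

/* Hypothetical key type (a model, not nettle's struct). */
struct model_key {
  const uint8_t *n;  /* big-endian modulus, attacker-controlled input */
  size_t n_len;      /* length of n as found in the key file */
  size_t size;       /* significant octets of n; 0 until prepared */
};

/* Run once when the key file is read. The size is derived from the
   modulus itself, so a value set by the caller is never trusted.
   Returns 1 if the key is usable, 0 if it must be rejected. */
int model_key_prepare(struct model_key *key)
{
  size_t skip = 0;
  key->size = 0;
  while (skip < key->n_len && key->n[skip] == 0)
    skip++;                               /* ignore leading zero octets */
  if (key->n_len - skip <= PAD_OVERHEAD
      || key->n_len - skip > MODEL_MAX_OCTETS)
    return 0;                             /* too small or too large */
  key->size = key->n_len - skip;
  return 1;
}

/* Per-operation step: write 00 01 FF..FF 00 || digest into key->size
   octets. Without the checks, a bogus size makes the FF count wrap
   around and memset runs off the end of the buffer. */
int model_pad(const struct model_key *key, const uint8_t *digest,
              size_t digest_len, uint8_t *out, size_t out_len)
{
  if (key->size <= PAD_OVERHEAD || key->size > out_len)
    return 0;                             /* unprepared key, short buffer */
  if (digest_len > key->size - PAD_OVERHEAD)
    return 0;                             /* digest does not fit this key */
  size_t ff = key->size - digest_len - 3;
  out[0] = 0x00;
  out[1] = 0x01;
  memset(out + 2, 0xFF, ff);
  out[2 + ff] = 0x00;
  memcpy(out + 3 + ff, digest, digest_len);
  return 1;
}
```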