diff options
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/rsa.rst | 7 | ||||
| -rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/rsa.py | 8 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 10 |
3 files changed, 9 insertions, 16 deletions
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 7a22c204..4423aa8e 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -395,15 +395,14 @@ this without having to do the math themselves. .. versionadded:: 0.8 + Computes ``(p, q)`` given the modulus, public exponent, and private + exponent. + .. note:: When recovering prime factors this algorithm will always return ``p`` and ``q`` such that ``p < q``. - - Computes ``(p, q)`` given the modulus, public exponent, and private - exponent. - :return: A tuple ``(p, q)`` diff --git a/src/cryptography/hazmat/primitives/asymmetric/rsa.py b/src/cryptography/hazmat/primitives/asymmetric/rsa.py index 15aba3e4..d267c387 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/rsa.py +++ b/src/cryptography/hazmat/primitives/asymmetric/rsa.py @@ -138,7 +138,7 @@ def rsa_recover_prime_factors(n, e, d): # any candidate a leads to successful factoring. # See "Digitalized Signatures and Public Key Functions as Intractable # as Factorization", M. Rabin, 1979 - spotted = 0 + spotted = False a = 2 while not spotted and a < 1000: k = t @@ -150,11 +150,11 @@ def rsa_recover_prime_factors(n, e, d): # We have found a number such that (cand-1)(cand+1)=0 (mod n). # Either of the terms divides n. p = gcd(cand + 1, n) - spotted = 1 + spotted = True break - k = k * 2 + k *= 2 # This value was not any good... let's try another! - a = a + 2 + a += 2 if not spotted: raise ValueError("Unable to compute factors p and q from exponent d.") # Found ! diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 3de228bb..33e5373b 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -1719,14 +1719,8 @@ class TestRSAPrimeFactorRecovery(object): # Unfortunately there is no convention on which prime should be p # and which one q. The function we use always makes p < q, but the # NIST vectors are not so consistent. Accordingly we verify we've - # recovered the proper (p, q) by being willing to match against either - # one and then altering the asserts accordingly. - if p == private["p"]: - assert p == private["p"] - assert q == private["q"] - else: - assert p == private["q"] - assert q == private["p"] + # recovered the proper (p, q) by sorting them and asserting on that. + assert sorted([p, q]) == sorted([private["p"], private["q"]]) def test_invalid_recover_prime_factors(self): with pytest.raises(ValueError): |