Add RsaPrivateKey::from_components_with_large_exponent#648
Merged
tarcieri merged 1 commit intoRustCrypto:masterfrom Jan 27, 2026
Merged
Add RsaPrivateKey::from_components_with_large_exponent#648tarcieri merged 1 commit intoRustCrypto:masterfrom
RsaPrivateKey::from_components_with_large_exponent#648tarcieri merged 1 commit intoRustCrypto:masterfrom
Conversation
tarcieri
reviewed
Jan 26, 2026
Comment on lines
416
to
427
| /// # ⚠️ Warning: Hazmat! | ||
| /// | ||
| /// This method accepts public exponents outside the standard bounds (2 ≤ e ≤ 2^33-1), | ||
| /// but still performs full cryptographic validation to ensure the key is mathematically | ||
| /// correct (i.e., verifies that de ≡ 1 mod λ(n)). | ||
| /// | ||
| /// This is intended for interoperating with systems that use non-standard exponents | ||
| /// or loading legacy keys. Use [`RsaPrivateKey::from_components`] for standard key | ||
| /// construction. |
Member
There was a problem hiding this comment.
It might be good to add some citations on why large public exponents are bad to deter use: https://www.imperialviolet.org/2012/03/17/rsados.html
Contributor
|
fwiw for long term I think the whole construct is redundant when the key can be expressed through trait impl (and it's associated types) where we can impl it for the common things I also allows expressivity to stack based things without copying things given trait provided methods can provide validation. |
mendess
force-pushed
the
private-key-unchecked
branch
from
200eec9 to
7002035
Compare
tarcieri
approved these changes
Jan 27, 2026
tarcieri
changed the title
RsaPrivateKey::from_components_with_large_exponent
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We need to use rsa keys with large exponents, this was something that was a breaking change introduced in 2edd479#diff-0988d5d2259e1a401001675578c38d09c46290b877b66b07fb96a7e034ccdf70L274-R273
This commit mostly moves code around to avoid having duplicate code and introduces
RsaPrivateKey::from_components_with_large_exponentas a way to support this use case