Skip to content

Commit

Permalink
Add warning about low public key exponent (#5234)
Browse files Browse the repository at this point in the history
Co-authored-by: Ernesto García <[email protected]>
Signed-off-by: Hadrien Croubois <[email protected]>
  • Loading branch information
Amxx and ernestognw committed Oct 2, 2024
1 parent 4e2ac51 commit fd29158
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions contracts/utils/cryptography/RSA.sol
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,12 @@ library RSA {
* 2048 bits. If you use a smaller key, consider replacing it with a larger, more secure, one.
*
* WARNING: This verification algorithm doesn't prevent replayability. If called multiple times with the same
* digest, public key and (valid signature), it will return true every time. Consider including an onchain nonce or
* unique identifier in the message to prevent replay attacks.
* digest, public key and (valid signature), it will return true every time. Consider including an onchain nonce
* or unique identifier in the message to prevent replay attacks.
*
* WARNING: This verification algorithm supports any exponent. NIST recommends using `65537` (or higher).
* That is the default value many libraries use, such as OpenSSL. Developers may choose to reject public keys
* using a low exponent out of security concerns.
*
* @param digest the digest to verify
* @param s is a buffer containing the signature
Expand Down

0 comments on commit fd29158

Please sign in to comment.