Handle minimum key size for OAEP (prevent overflow error with 512bit keys and OaepSHA256), add testing for more key sizes

Author: cwhde

RSA.commons/ICommonRSAUnitTest.cs

@@ -2,7 +2,7 @@ namespace RSA.commons;
 
 public interface ICommonRSAUnitTest
 {
-    void GenerateKeys_ShouldNotErrorAndReturnWorkingKeys();
+    void GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes();
     void EncryptString_ShouldRunWithProvenKeysOfMultipleFormats();
     void DecryptString_ShouldOutputCorrectTextWithProvenKeysOfMultipleFormats();
     void EncryptString_ShouldThrowExceptionWithInvalidPadding();

RSA/RSA.cs

@@ -268,6 +268,13 @@ private static byte[] ApplyPkcs1Padding(byte[] dataBytes, int keySize)
 
     private static byte[] ApplyOaepPadding(byte[] dataBytes, int keySize, bool useSHA256)
     {
+        // Check if the key size is large enough for OAEP
+        int maxKeySize = useSHA256 ? 1024 : 512;
+        if (keySize < maxKeySize)
+        {
+            throw new ArgumentException("Key size too small for OAEP padding (minimum 1024 bits for SHA256, 512 bits for SHA1)");
+        }
+        
         int chunkSize = keySize / 8; // Chunk size is the key's size in bytes
         int hashLength = useSHA256 ? 32 : 20;
         int dbLength = chunkSize - hashLength - 1;

cs-RSA.sln.DotSettings.user

@@ -7,7 +7,24 @@
 	<s:String x:Key="/Default/Environment/UnitTesting/CreateUnitTestDialog/TestProjectMapping/=69E3EC28_002D9C44_002D4220_002DACEE_002D5FE1CF7A4C42/@EntryIndexedValue">E56C5D00-9269-48D3-AC8A-C0CF7FD60592</s:String>
 	<s:String x:Key="/Default/Environment/UnitTesting/CreateUnitTestDialog/TestProjectMapping/=6CD39657_002D12AF_002D456D_002DA7E7_002D65106279F02E/@EntryIndexedValue">ReferenceRSA.Tests</s:String>
 	<s:String x:Key="/Default/Environment/UnitTesting/CreateUnitTestDialog/TestTemplateMapping/=MSTest/@EntryIndexedValue">d6790ab7-33c2-4425-b2c9-51480cd1a852</s:String>
-	<s:String x:Key="/Default/Environment/UnitTesting/UnitTestSessionStore/Sessions/=d027b926_002D8256_002D4fc4_002D8f60_002D601fb40bbfd3/@EntryIndexedValue">&lt;SessionState ContinuousTestingMode="0" IsActive="True" Name="GenerateKeys_ShouldNotErrorAndReturnWorkingKeys" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"&gt;&#xD;
+	<s:String x:Key="/Default/Environment/UnitTesting/UnitTestSessionStore/Sessions/=10f3e468_002D8ebc_002D4d90_002D980c_002D37791e2f0eeb/@EntryIndexedValue">&lt;SessionState ContinuousTestingMode="0" IsActive="True" Name="GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes #2" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"&gt;&#xD;
+  &lt;TestAncestor&gt;&#xD;
+    &lt;TestId&gt;MSTest::E56C5D00-9269-48D3-AC8A-C0CF7FD60592::net9.0::csRSA.Tests.RSATest.GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes&lt;/TestId&gt;&#xD;
+  &lt;/TestAncestor&gt;&#xD;
+&lt;/SessionState&gt;</s:String>
+	<s:String x:Key="/Default/Environment/UnitTesting/UnitTestSessionStore/Sessions/=3364e7df_002Df20f_002D487b_002D82ad_002Dfad6c0538bf0/@EntryIndexedValue">&lt;SessionState ContinuousTestingMode="0" Name="GenerateKeys_ShouldNotErrorAndReturnWorkingKeys" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"&gt;&#xD;
+  &lt;TestAncestor&gt;&#xD;
+    &lt;TestId&gt;MSTest::E56C5D00-9269-48D3-AC8A-C0CF7FD60592::net9.0::csRSA.Tests.RSATest&lt;/TestId&gt;&#xD;
+    &lt;TestId&gt;MSTest::E56C5D00-9269-48D3-AC8A-C0CF7FD60592::net9.0::csRSA.Tests.ReferenceRSATest.GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes&lt;/TestId&gt;&#xD;
+  &lt;/TestAncestor&gt;&#xD;
+&lt;/SessionState&gt;</s:String>
+	<s:String x:Key="/Default/Environment/UnitTesting/UnitTestSessionStore/Sessions/=b2bbe27c_002Da36a_002D49c3_002D95b5_002Df24073568e90/@EntryIndexedValue">&lt;SessionState ContinuousTestingMode="0" Name="GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"&gt;&#xD;
+  &lt;TestAncestor&gt;&#xD;
+    &lt;TestId&gt;MSTest::E56C5D00-9269-48D3-AC8A-C0CF7FD60592::net9.0::csRSA.Tests.ReferenceRSATest.GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes&lt;/TestId&gt;&#xD;
+    &lt;TestId&gt;MSTest::E56C5D00-9269-48D3-AC8A-C0CF7FD60592::net9.0::csRSA.Tests.RSATest.GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes&lt;/TestId&gt;&#xD;
+  &lt;/TestAncestor&gt;&#xD;
+&lt;/SessionState&gt;</s:String>
+	<s:String x:Key="/Default/Environment/UnitTesting/UnitTestSessionStore/Sessions/=d027b926_002D8256_002D4fc4_002D8f60_002D601fb40bbfd3/@EntryIndexedValue">&lt;SessionState ContinuousTestingMode="0" Name="GenerateKeys_ShouldNotErrorAndReturnWorkingKeys" xmlns="urn:schemas-jetbrains-com:jetbrains-ut-session"&gt;&#xD;
   &lt;Solution /&gt;&#xD;
 &lt;/SessionState&gt;</s:String>
 	<s:Boolean x:Key="/Default/UserDictionary/Words/=bitperbyte/@EntryIndexedValue">True</s:Boolean>

csRSA.Tests/RSATest.cs

@@ -14,9 +14,9 @@ public class RSATest : ICommonRSAUnitTest
 
     [TestMethod]
     // Pass if generating keys and then using them doesn't throw an error and the decrypted text is the same as the original text
-    public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeys()
+    public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes()
     {
-        int[] keySizes = [512, 1024, 2048, 4096];
+        int[] keySizes = [512, 1024, 2048, 4096, 8192];
         string text = "Less than 256 bits";
 
         foreach (int keySize in keySizes)
@@ -25,6 +25,7 @@ public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeys()
 
             string encryptedText = _selfImplementedRSA.EncryptString(publicKey, "pkcs1", text);
             string decryptedText = _selfImplementedRSA.DecryptString(privateKey, "pkcs1", encryptedText);
+            
             Assert.AreEqual(text, decryptedText);
         }
     }
@@ -44,6 +45,7 @@ public void EncryptString_ShouldRunWithProvenKeysOfMultipleFormats()
         {
             string cipherText = _selfImplementedRSA.EncryptString(publicKey, "pkcs1", plainText);
             byte[] encryptedBytes = Convert.FromBase64String(cipherText);
+            
             Assert.AreEqual(256, encryptedBytes.Length);
         }
     }

csRSA.Tests/ReferenceRSATest.cs

@@ -14,9 +14,9 @@ public class ReferenceRSATest : ICommonRSAUnitTest
 
     [TestMethod]
     // Pass if generating keys and then using them doesn't throw an error and the decrypted text is the same as the original text
-    public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeys()
+    public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeysInAllSizes()
     {
-        int[] keySizes = [512, 1024, 2048, 4096];
+        int[] keySizes = [512, 1024, 2048, 4096, 8192];
         string text = "Less than 256 bits";
 
         foreach (int keySize in keySizes)
@@ -25,6 +25,7 @@ public void GenerateKeys_ShouldNotErrorAndReturnWorkingKeys()
 
             string encryptedText = _referenceRSA.EncryptString(publicKey, "pkcs1", text);
             string decryptedText = _referenceRSA.DecryptString(privateKey, "pkcs1", encryptedText);
+            
             Assert.AreEqual(text, decryptedText);
         }
     }
@@ -44,6 +45,7 @@ public void EncryptString_ShouldRunWithProvenKeysOfMultipleFormats()
         {
             string cipherText = _referenceRSA.EncryptString(publicKey, "pkcs1", plainText);
             byte[] encryptedBytes = Convert.FromBase64String(cipherText);
+            
             Assert.AreEqual(256, encryptedBytes.Length);
         }
     }