RustCrypto
Introduce a crate feature to allow <1024 bit RSA keys
There are still tons of legacy devices (in particular network switches) out there that use 1024bit RSA keys. The ssh-key crate should provide an escape hatch that lets the consumer make these security decisions themselves.
I'll make a PR shortly
We're discussing enforcing a minimum modulus of 1024-bits in the rsa crate itself: https://github.com/RustCrypto/RSA/issues/445
rsa itself having a feature for that would be a nicer solution I guess? ssh-key could then just forward it.
The only issue I see is that any crate in a workspace could "poison" the rsa create by enabling that feature for the entire workspace.
For my use case personally, I'd be fine with rsa just having a 1024 bit minimum hardcoded (that would be the same that OpenSSH already has)
Yeah, I don't think it makes sense to remove the key size check entirely. 1024-bits should be the hard floor
What's the current thought on the minimum here?
For Arti (the Rust implementation of Tor), we need support for 1024 bit RSA keys (they aren't used for any security purpose, they're legacy keys that exist for backwards compatibility). Would you be open to reducing the minimum to 1024 bits for now?
I'll make a PR for this, but if there's some alternative you'd prefer let me know and I could implement that as well.
@tarcieri given that https://github.com/RustCrypto/RSA/pull/576 is merged, is it acceptable to remove this limit from ssh-key now, or will you want to wait for more to be done on https://github.com/RustCrypto/RSA/issues/445 first?
Just want to get an idea of what the timeline is like on this :)
We ended up reverting that but the plan is to get a soft limit in place before the next release.
I guess we can go ahead and remove the limit here, even if that isn’t fully implemented yet