fix: do not panic on a prime being 1 when loading a secret key (#624)

Fixes
GHSA-9c48-w39g-hm26

Author: dignifiedquire

Cargo.lock

@@ -13,7 +13,7 @@ readme = "README.md"
 rust-version = "1.65"
 
 [dependencies]
-num-bigint = { version = "0.8.2", features = ["i128", "prime", "zeroize"], default-features = false, package = "num-bigint-dig" }
+num-bigint = { version = "0.8.6", features = ["i128", "prime", "zeroize"], default-features = false, package = "num-bigint-dig" }
 num-traits = { version= "0.2.9", default-features = false, features = ["libm"] }
 num-integer = { version = "0.1.39", default-features = false }
 rand_core = { version = "0.6.4", default-features = false }

Cargo.toml

@@ -391,7 +391,7 @@ impl RsaPrivateKey {
         let mut m = BigUint::one();
         for prime in &self.primes {
             // Any primes ≤ 1 will cause divide-by-zero panics later.
-            if *prime < BigUint::one() {
+            if *prime <= BigUint::one() {
                 return Err(Error::InvalidPrime);
             }
             m *= prime;
@@ -538,7 +538,7 @@ mod tests {
     use crate::algorithms::rsa::{rsa_decrypt_and_check, rsa_encrypt};
 
     use hex_literal::hex;
-    use num_traits::{FromPrimitive, ToPrimitive};
+    use num_traits::{FromPrimitive, ToPrimitive, Zero};
     use pkcs8::DecodePrivateKey;
     use rand_chacha::{rand_core::SeedableRng, ChaCha8Rng};
 
@@ -841,4 +841,19 @@ mod tests {
 
         assert_eq!(key.d(), ref_key.d());
     }
+
+    #[test]
+    fn test_key_invalid_primes() {
+        let e = RsaPrivateKey::from_components(
+            BigUint::from_u64(239).unwrap(),
+            BigUint::from_u64(185).unwrap(),
+            BigUint::zero(),
+            vec![
+                BigUint::from_u64(1).unwrap(),
+                BigUint::from_u64(239).unwrap(),
+            ],
+        )
+        .unwrap_err();
+        assert_eq!(e, Error::InvalidPrime);
+    }
 }