diff options
| author | slontis <shane.lontis@oracle.com> | 2022-10-26 11:10:50 +1000 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2022-10-27 11:43:18 +0200 |
| commit | c7424fe68c65aa2187a8e4028d7dea742b95d81a (patch) | |
| tree | ed5c88184f386ffa5e0583b4ef52d13d47843b65 | |
| parent | da7db83cc44d2c8761e9074caf8befd443ea8be8 (diff) | |
Use RSA CRT parameters in FIPS self tests.
Fixes #19488
Use the correct OSSL_PKEY_PARAM_RSA CRT names fior the self tests.
The invalid names cause CRT parameters to be silently ignored.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19501)
| -rw-r--r-- | CHANGES.md | 10 | ||||
| -rw-r--r-- | providers/fips/self_test_data.inc | 10 |
2 files changed, 15 insertions, 5 deletions
diff --git a/CHANGES.md b/CHANGES.md index c05b906a71..f0ecb25483 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -24,6 +24,16 @@ OpenSSL 3.2 ### Changes between 3.0 and 3.2 [xx XXX xxxx] + * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT parameters + in OpenSSL code. + Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR, + OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT. + Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead. + Using these invalid names may cause algorithms to use slower methods + that ignore the CRT parameters. + + *Shane Lontis* + * Add support for certificate compression (RFC8879), including library support for Brotli and Zstandard compression. diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index 5f057d5679..8ae8cd6f4a 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -1270,11 +1270,11 @@ static const ST_KAT_PARAM rsa_crt_key[] = { ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n), ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e), ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv), ST_KAT_PARAM_END() }; |