diff options
author | slontis <shane.lontis@oracle.com> | 2022-05-30 18:03:11 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-06-13 10:58:05 +0200 |
commit | d5a749b883eb7bcf8bbf28d8be1ef64353b4f7aa (patch) | |
tree | cafa0699fcf44ac76e30839a6ee460cb2c83aaef | |
parent | 2b84a620d299b9614ab59342eb2911617b1bb3c3 (diff) |
RSA Keygen update - When using the default provider fallback to default multiprime keygen if e is < 65537
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)
(cherry picked from commit 27c1cfd7653b7204af3301f93ccd2a3decfc309b)
-rw-r--r-- | crypto/rsa/rsa_gen.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index ac64483e6a..4a3387f19e 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -426,20 +426,22 @@ static int rsa_keygen(OSSL_LIB_CTX *libctx, RSA *rsa, int bits, int primes, { int ok = 0; +#ifdef FIPS_MODULE + ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); + pairwise_test = 1; /* FIPS MODE needs to always run the pairwise test */ +#else /* - * Only multi-prime keys or insecure keys with a small key length will use - * the older rsa_multiprime_keygen(). + * Only multi-prime keys or insecure keys with a small key length or a + * public exponent <= 2^16 will use the older rsa_multiprime_keygen(). */ - if (primes == 2 && bits >= 2048) + if (primes == 2 + && bits >= 2048 + && (e_value == NULL || BN_num_bits(e_value) > 16)) ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); -#ifndef FIPS_MODULE else ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb); #endif /* FIPS_MODULE */ -#ifdef FIPS_MODULE - pairwise_test = 1; /* FIPS MODE needs to always run the pairwise test */ -#endif if (pairwise_test && ok > 0) { OSSL_CALLBACK *stcb = NULL; void *stcbarg = NULL; |