diff options
author | slontis <shane.lontis@oracle.com> | 2022-10-26 11:10:50 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-10-27 11:48:13 +0200 |
commit | 34e3cbf99f2113ca01b460cf37b56460262979af (patch) | |
tree | 5da3572d6b3c27b896fb5174de5447199766f56d | |
parent | 1cfc95b25c930df4de19c428a74d35f7a7411ab5 (diff) |
Use RSA CRT parameters in FIPS self tests.
Fixes #19488
Use the correct OSSL_PKEY_PARAM_RSA CRT names fior the self tests.
The invalid names cause CRT parameters to be silently ignored.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19501)
(cherry picked from commit c7424fe68c65aa2187a8e4028d7dea742b95d81a)
(cherry picked from commit 4215d649e92bc4c42997ec4a1e65beba1055bbe1)
-rw-r--r-- | CHANGES.md | 10 | ||||
-rw-r--r-- | providers/fips/self_test_data.inc | 10 |
2 files changed, 15 insertions, 5 deletions
diff --git a/CHANGES.md b/CHANGES.md index 27cbc974c3..4adcde7785 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -30,6 +30,16 @@ breaking changes, and mappings for the large list of deprecated functions. ### Changes between 3.0.6 and 3.0.7 [xx XXX xxxx] + * Removed all references to invalid OSSL_PKEY_PARAM_RSA names for CRT parameters + in OpenSSL code. + Applications should not use the names OSSL_PKEY_PARAM_RSA_FACTOR, + OSSL_PKEY_PARAM_RSA_EXPONENT and OSSL_PKEY_PARAM_RSA_COEFFICIENT. + Use the numbered names such as OSSL_PKEY_PARAM_RSA_FACTOR1 instead. + Using these invalid names may cause algorithms to use slower methods + that ignore the CRT parameters. + + *Shane Lontis* + * Added RIPEMD160 to the default provider. *Paul Dale* diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index 5f057d5679..8ae8cd6f4a 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -1270,11 +1270,11 @@ static const ST_KAT_PARAM rsa_crt_key[] = { ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n), ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e), ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_p), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR, rsa_q), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dp), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT, rsa_dq), - ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT, rsa_qInv), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq), + ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv), ST_KAT_PARAM_END() }; |