diff options
author | Matt Caswell <matt@openssl.org> | 2021-03-26 16:49:27 +0000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-03-30 19:22:33 +0200 |
commit | c6b09ea0fe23a572a781681b3c1f436e8b0932fe (patch) | |
tree | 7faff1aad786605cd05cc823b1da74034e34c7e0 | |
parent | 6635ea531e9f7709e5880dd77fd4c3403a5c3db7 (diff) |
Fix change in behaviour of EVP_PKEY_CTRL_RSA_KEYGEN_BITS
In 1.1.1 the ctrl EVP_PKEY_CTRL_RSA_KEYGEN_BITS would fail immediately
if the number of bits was too small. In 3.0 it always succeeds, and only
fails later during the key generation stage.
We fix that so that it fails early like it used to in 1.1.1.
Note that in 1.1.1 it fails with a -2 return code. That is not the case
in 3.0 and has not been addressed here (see #14442)
Fixes #14443
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14702)
-rw-r--r-- | crypto/rsa/rsa_local.h | 1 | ||||
-rw-r--r-- | include/crypto/rsa.h | 2 | ||||
-rw-r--r-- | providers/implementations/keymgmt/rsa_kmgmt.c | 12 | ||||
-rw-r--r-- | test/recipes/30-test_evp_data/evppkey_rsa.txt | 2 |
4 files changed, 12 insertions, 5 deletions
diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index 6979adfcd1..ea70da05ad 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -14,7 +14,6 @@ #include "crypto/rsa.h" #define RSA_MAX_PRIME_NUM 5 -#define RSA_MIN_MODULUS_BITS 512 typedef struct rsa_prime_info_st { BIGNUM *r; diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index 69fa8a4d8a..73bf03f615 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -16,6 +16,8 @@ # include <openssl/x509.h> # include "crypto/types.h" +#define RSA_MIN_MODULUS_BITS 512 + typedef struct rsa_pss_params_30_st { int hash_algorithm_nid; struct { diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index eac3843884..1bcb6ed603 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -19,6 +19,7 @@ #include <openssl/err.h> #include <openssl/rsa.h> #include <openssl/evp.h> +#include <openssl/proverr.h> #include "prov/implementations.h" #include "prov/providercommon.h" #include "prov/provider_ctx.h" @@ -473,9 +474,14 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) if (params == NULL) return 1; - if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_BITS)) != NULL - && !OSSL_PARAM_get_size_t(p, &gctx->nbits)) - return 0; + if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_BITS)) != NULL) { + if (!OSSL_PARAM_get_size_t(p, &gctx->nbits)) + return 0; + if (gctx->nbits < RSA_MIN_MODULUS_BITS) { + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); + return 0; + } + } if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_PRIMES)) != NULL && !OSSL_PARAM_get_size_t(p, &gctx->primes)) return 0; diff --git a/test/recipes/30-test_evp_data/evppkey_rsa.txt b/test/recipes/30-test_evp_data/evppkey_rsa.txt index 4354bd649a..79e6715f4c 100644 --- a/test/recipes/30-test_evp_data/evppkey_rsa.txt +++ b/test/recipes/30-test_evp_data/evppkey_rsa.txt @@ -614,5 +614,5 @@ Title = Test RSA keygen KeyGen = rsaEncryption Ctrl = rsa_keygen_bits:128 KeyName = tmprsa -Result = KEYGEN_GENERATE_ERROR +Result = PKEY_CTRL_ERROR Reason = key size too small |