diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-06-16 13:04:57 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-08-12 09:25:49 +1000 |
commit | 7c9a7cf12715ac3e906b8d55466f19285fc59e78 (patch) | |
tree | 908ad763b756ba550f6a3a465017306933f4f589 /crypto/bn | |
parent | 1017ab21e478b18dd2d9266955dee7e418932a3c (diff) |
Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072
Fixes #11863
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12162)
Diffstat (limited to 'crypto/bn')
-rw-r--r-- | crypto/bn/bn_rsa_fips186_4.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/bn/bn_rsa_fips186_4.c b/crypto/bn/bn_rsa_fips186_4.c index a8b0a69aee..ab1e1f14ae 100644 --- a/crypto/bn/bn_rsa_fips186_4.c +++ b/crypto/bn/bn_rsa_fips186_4.c @@ -65,7 +65,7 @@ static int bn_rsa_fips186_4_aux_prime_min_size(int nbits) { if (nbits >= 3072) return 171; - if (nbits == 2048) + if (nbits >= 2048) return 141; return 0; } @@ -83,7 +83,7 @@ static int bn_rsa_fips186_4_aux_prime_max_sum_size_for_prob_primes(int nbits) { if (nbits >= 3072) return 1518; - if (nbits == 2048) + if (nbits >= 2048) return 1007; return 0; } |