diff options
author | Annie Yousar <a.yousar@informatik.hu-berlin.de> | 2014-09-08 16:50:03 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2014-11-20 13:45:25 -0500 |
commit | c56a50b229932d2cef651d931b71a8cbffb029da (patch) | |
tree | 2c0064de0702bf68aa169c0c1b83c6b97a429086 /crypto/rsa/rsa_pmeth.c | |
parent | 14d3b76be88ec68cda613186bb62415c7a17e573 (diff) |
RT2679: Fix error if keysize too short
In keygen, return KEY_SIZE_TOO_SMALL not INVALID_KEYBITS.
** I also increased the minimum from 256 to 512, which is now
documented in CHANGES file. **
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'crypto/rsa/rsa_pmeth.c')
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 96d1d05735..651127846e 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -504,9 +504,9 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: - if (p1 < 256) + if (p1 < 512) { - RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS); + RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_KEY_SIZE_TOO_SMALL); return -2; } rctx->nbits = p1; |