diff options
author | Clemens Lang <cllang@redhat.com> | 2023-10-16 15:30:26 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-10-25 09:26:51 +0100 |
commit | 8b268541d9aabee51699aef22963407362830ef9 (patch) | |
tree | 97e0b588645924b1f0d44cca06f9583ffbeda400 /crypto/rsa | |
parent | df5f419b14de9ff47082c42f2a2db6557ceca84f (diff) |
rsa: Add SP800-56Br2 6.4.1.2.1 (3.c) check
The code did not yet check that the length of the RSA key is positive
and even.
Signed-off-by: Clemens Lang <cllang@redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/22403)
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa_sp800_56b_check.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c index fc8f19b487..e6b79e953d 100644 --- a/crypto/rsa/rsa_sp800_56b_check.c +++ b/crypto/rsa/rsa_sp800_56b_check.c @@ -403,6 +403,11 @@ int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_KEYPAIR); return 0; } + /* (Step 3.c): check that the modulus length is a positive even integer */ + if (nbits <= 0 || (nbits & 0x1)) { + ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_KEYPAIR); + return 0; + } ctx = BN_CTX_new_ex(rsa->libctx); if (ctx == NULL) |