authorTomas Mraz <tomas@openssl.org>2023-04-11 16:24:44 +0200
committerTomas Mraz <tomas@openssl.org>2023-04-13 15:23:59 +0200
commitb3bcdea36df118b0b7ad9f59cd3e21e155a8011c (patch)
tree1ead77835885c425009c48710d29eac65b2f7064 /crypto
parent74dea9b99364e8d32716e995255c875da1f11b7b (diff)
Fix the LCM computation in the RSA multiprime key check
Fixes #20693 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/20708) (cherry picked from commit efbff4de3e259cee71a4e1bbd86b30ebd86bbdae)
Diffstat (limited to 'crypto')
-rw-r--r--crypto/rsa/rsa_chk.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index cccc2d5bac..f65261f5cd 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -124,13 +124,17 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
ret = -1;
goto err;
}
+ if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
+ ret = -1;
+ goto err;
+ }
for (idx = 0; idx < ex_primes; idx++) {
pinfo = sk_RSA_PRIME_INFO_value(key->prime_infos, idx);
if (!BN_sub(k, pinfo->r, BN_value_one())) {
ret = -1;
goto err;
}
- if (!BN_mul(l, l, k, ctx)) {
+ if (!BN_mul(l, m, k, ctx)) {
ret = -1;
goto err;
}
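Review bot: `m` changes role several times across these lines and no comment says so. After the added `BN_div(m, NULL, l, m, ctx)` it holds an LCM built from values computed before the hunk, inside the loop it is multiplied into `l`, it is presumably overwritten with a GCD in the one line that falls between the two hunks, and the second added `BN_div` in the next hunk turns it back into the running LCM. A one-line invariant above the `for` would make that reuse checkable, e.g. `/* invariant: m == LCM of every (prime - 1) processed so far */`, and the two `/* remainder is 0 */` comments could state the reason, `/* exact: the gcd divides the product */`. The function starts and ends outside the hunk, so any block comment there that still names `k` as the final result should be updated as well.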
@@ -138,12 +142,12 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
ret = -1;
goto err;
}
+ if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
+ ret = -1;
+ goto err;
+ }
}
- if (!BN_div(k, NULL, l, m, ctx)) { /* remainder is 0 */
- ret = -1;
- goto err;
- }
- if (!BN_mod_mul(i, key->d, key->e, k, ctx)) {
+ if (!BN_mod_mul(i, key->d, key->e, m, ctx)) {
ret = -1;
goto err;
}
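Review bot: The modulus of the final `BN_mod_mul(i, key->d, key->e, m, ctx)` is now the loop-carried `m`, and nothing on this page pins that value with a regression test. The diffstat is limited to `crypto`, so a test may exist elsewhere in the commit. A key-validation routine that miscomputes this modulus fails quietly, so a fixed multi-prime vector whose (prime - 1) values share factors unevenly is worth having. With the constructed values 4, 6 and 10, the product divided by the common GCD is 120 while the LCM is 60, which is the case the removed `BN_div(k, NULL, l, m, ctx)` got wrong. The enclosing function continues past the end of the hunk.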