author | afshinpir <afshinpir@users.noreply.github.com> | 2023-03-08 20:31:54 +1300 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-03-15 08:28:59 +1100 |
commit | 9208967ada02af9c2621efa90402396f831ce344 (patch) | |
tree | 85f03e217aa388f168433397c53fa3cb1dbe1801 /providers | |
parent | 0ad18226d00e57419239c6d1b3e29dcc8960f355 (diff) |
Updated `rsa_has()` for correct validation
CLA: trivial
In RSA, `(n,e)` and `(n,d)` identify the public key and the private key.
Modulus `n` is the common part. So I updated `rsa_has()` to validate
these pairs correctly. `OSSL_KEYMGMT_SELECT_KEYPAIR` is the common part
for both the public and private key, so I changed it to check `n` of
RSA, and for `OSSL_KEYMGMT_SELECT_PUBLIC_KEY`, `e` is checked. Before
this change, if `selection` was `OSSL_KEYMGMT_SELECT_PRIVATE_KEY` and
only `e` and `d` were in the RSA structure, the function returned 1,
which was incorrect.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20455)
(cherry picked from commit a3207163ef3d30658a41a9c9e3750ca4c5b16677)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/keymgmt/rsa_kmgmt.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index b76835ccc4..7e67316deb 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -124,9 +124,9 @@ static int rsa_has(const void *keydata, int selection) /* OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS are always available even if empty */ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && (RSA_get0_e(rsa) != NULL); - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) ok = ok && (RSA_get0_n(rsa) != NULL); + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) + ok = ok && (RSA_get0_e(rsa) != NULL); if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) ok = ok && (RSA_get0_d(rsa) != NULL); return ok; |
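Review bot: The reordered `if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)` test in `rsa_has()` is a mask test that is true when either the public or the private bit is set, and nothing in the code says that this is why it now guards `n`; a one-line comment above it (for example, that the modulus is required for any public or private selection) would keep a later edit from swapping the `n` and `e` checks back. After this change a private-key selection requires `n` and `d` but not `e`, so a regression case with only `e` and `d` set, expected to return 0 for `OSSL_KEYMGMT_SELECT_PRIVATE_KEY`, would pin the behaviour the commit message describes, if the change does not already include one outside `providers`.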