path: root/test/recipes/91-test_pkey_check.t
author: Tomas Mraz <tomas@openssl.org> 2023-12-22 16:25:56 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-01-15 10:54:34 +0100
commit: e09fc1d746a4fd15bb5c3d7bbbab950aadd005db (patch)
tree: a5355086a070e72c0862e296810731a5e924003c /test/recipes/91-test_pkey_check.t
parent: 486ab0fb003d05f89620662260486d31bd3faa8c (diff)
Limit the execution time of RSA public key check
Fixes CVE-2023-6237

If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take very long time due to no limit being applied to the RSA public key size and unnecessarily high number of Miller-Rabin algorithm rounds used for non-primality check of the modulus.

Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS) will fail the check with RSA_R_MODULUS_TOO_LARGE error reason. Also the number of Miller-Rabin rounds was set to 5.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23243)
Diffstat (limited to 'test/recipes/91-test_pkey_check.t')
-rw-r--r-- test/recipes/91-test_pkey_check.t 2
1 files changed, 1 insertions, 1 deletions
diff --git a/test/recipes/91-test_pkey_check.t b/test/recipes/91-test_pkey_check.t
index dc7cc64533..f8088df14d 100644
--- a/test/recipes/91-test_pkey_check.t
+++ b/test/recipes/91-test_pkey_check.t
@@ -70,7 +70,7 @@ push(@positive_tests, (
"dhpkey.pem"
)) unless disabled("dh");
-my @negative_pubtests = ();
+my @negative_pubtests = ("rsapub_17k.pem"); # Too big RSA public key
push(@negative_pubtests, (
"dsapub_noparam.der"
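Review bot: the new "rsapub_17k.pem" entry in @negative_pubtests only establishes that the public key check fails, not why it fails. The commit message says oversized keys should be rejected with RSA_R_MODULUS_TOO_LARGE; if the negative-test loop (not visible in this hunk) looks only at the exit status, a fixture that fails to load, or a key that is rejected for some other reason after a long computation, would satisfy this test as well. Consider matching the error reason in the command output for this entry, and adding a valid key at exactly 16384 bits to the positive list so the boundary is pinned on both sides. The fixture file itself is outside this limited diff, so its actual modulus size cannot be confirmed from the lines shown here.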