Increase OSSL_PARAM_BLD_MAX for multi-prime RSA

The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime RSA. That code has this assert: if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1 + numprimes + numexps + numcoeffs <= OSSL_PARAM_BLD_MAX)) goto err; So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes (more than you would ever reasonably want). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10152)
2019-10-28 14:43:42 +00:00 · 2019-10-28 14:43:42 +00:00 · 081d08fa58
parent 2c938e2ee8
commit 081d08fa58
2 changed files with 2 additions and 5 deletions
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@ -1096,10 +1096,7 @@ static void *rsa_pkey_export_to(const EVP_PKEY *pk, EVP_KEYMGMT *keymgmt,
        if (numprimes < 2 || numexps < 2 || numcoeffs < 1)
            goto err;

-        /*
-         * assert that an OSSL_PARAM_BLD has enough space.
-         * (the current 10 places doesn't have space for multi-primes)
-         */
+        /* assert that an OSSL_PARAM_BLD has enough space. */
        if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
                         + numprimes + numexps + numcoeffs
                         <= OSSL_PARAM_BLD_MAX))
--- a/include/internal/param_build.h
+++ b/include/internal/param_build.h
@ -11,7 +11,7 @@
 #include <openssl/params.h>
 #include <openssl/types.h>

-#define OSSL_PARAM_BLD_MAX 10
+#define OSSL_PARAM_BLD_MAX 25

 typedef struct {
    const char *key;