root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Avoid generating RSA keys with p < q 

We swap p and q in that case except when ACVP tests are being run.

Fixes #20823

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20833)
This commit is contained in:
rkarmaka98 2023-04-26 07:53:35 +00:00 committed by Tomas Mraz
parent 004bd8f97d
commit dc231eb598
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/rsa/rsa_sp800_56b_gen.c
View File

@ -361,6 +361,7 @@ int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
BN_CTX *ctx = NULL;
BIGNUM *e = NULL;
RSA_ACVP_TEST *info = NULL;
BIGNUM *tmp;
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
info = rsa->acvp_test;
@ -392,6 +393,14 @@ int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
/* (Step 2) Generate prime factors */
if (!ossl_rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, cb))
goto err;
/* p>q check and skipping in case of acvp test */
if (info == NULL && BN_cmp(rsa->p, rsa->q) < 0) {
tmp = rsa->p;
rsa->p = rsa->q;
rsa->q = tmp;
}
/* (Steps 3-5) Compute params d, n, dP, dQ, qInv */
ok = ossl_rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx);
if (ok < 0)