diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2019-10-31 13:10:41 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2019-10-31 13:10:41 +0000 |
| commit | bfc6803e10a381ffdf7313315a96f008ade380f5 (patch) | |
| tree | 8eb30a34f4a92621af3865e29da45c11ef5730f9 /lib/libcrypto/rsa | |
| parent | 935b93767a12adf1868d5a45f6e33ebeee0249d0 (diff) | |
Move RSA min modulus to a define and increase from 256 to 512 bits.
From OpenSSL 1.1.1d.
ok inoguchi@
Diffstat (limited to 'lib/libcrypto/rsa')
| -rw-r--r-- | lib/libcrypto/rsa/rsa_locl.h | 4 | ||||
| -rw-r--r-- | lib/libcrypto/rsa/rsa_pmeth.c | 6 |
2 files changed, 6 insertions, 4 deletions
diff --git a/lib/libcrypto/rsa/rsa_locl.h b/lib/libcrypto/rsa/rsa_locl.h index 0d867997773..a10ea958b58 100644 --- a/lib/libcrypto/rsa/rsa_locl.h +++ b/lib/libcrypto/rsa/rsa_locl.h @@ -1,7 +1,9 @@ -/* $OpenBSD: rsa_locl.h,v 1.6 2019/10/24 16:26:13 jsing Exp $ */ +/* $OpenBSD: rsa_locl.h,v 1.7 2019/10/31 13:10:40 jsing Exp $ */ __BEGIN_HIDDEN_DECLS +#define RSA_MIN_MODULUS_BITS 512 + typedef struct rsa_oaep_params_st { X509_ALGOR *hashFunc; X509_ALGOR *maskGenFunc; diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c index 1d51e52fe26..1b6d1de35de 100644 --- a/lib/libcrypto/rsa/rsa_pmeth.c +++ b/lib/libcrypto/rsa/rsa_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pmeth.c,v 1.29 2019/10/31 13:06:30 jsing Exp $ */ +/* $OpenBSD: rsa_pmeth.c,v 1.30 2019/10/31 13:10:40 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -454,8 +454,8 @@ pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: - if (p1 < 256) { - RSAerror(RSA_R_INVALID_KEYBITS); + if (p1 < RSA_MIN_MODULUS_BITS) { + RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); return -2; } rctx->nbits = p1; |