author | Tomas Mraz <tomas@openssl.org> | 2023-04-11 16:24:44 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-04-13 15:23:05 +0200 |
commit | efbff4de3e259cee71a4e1bbd86b30ebd86bbdae (patch) | |
tree | e46415bf08e2a004afe63d691f097d33aea5e71a /crypto | |
parent | Fix typo in ssl_ciph.c (diff) | |
Fix the LCM computation in the RSA multiprime key check
Fixes #20693
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/20708)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rsa/rsa_chk.c | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index f2fc89285b..73ac607da9 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -124,13 +124,17 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
 ret = -1;
 goto err;
 }
+ if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
+ ret = -1;
+ goto err;
+ }
 for (idx = 0; idx < ex_primes; idx++) {
 pinfo = sk_RSA_PRIME_INFO_value(key->prime_infos, idx);
 if (!BN_sub(k, pinfo->r, BN_value_one())) {
 ret = -1;
 goto err;
 }
- if (!BN_mul(l, l, k, ctx)) {
+ if (!BN_mul(l, m, k, ctx)) {
 ret = -1;
 goto err;
 }
@@ -138,12 +142,12 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
 ret = -1;
 goto err;
 }
+ if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
+ ret = -1;
+ goto err;
+ }
 }
- if (!BN_div(k, NULL, l, m, ctx)) { /* remainder is 0 */
- ret = -1;
- goto err;
- }
- if (!BN_mod_mul(i, key->d, key->e, k, ctx)) {
+ if (!BN_mod_mul(i, key->d, key->e, m, ctx)) {
 ret = -1;
 goto err;
 } |
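Review bot: Both added `BN_div(m, NULL, l, m, ctx)` calls (the one before the loop and the one closing each iteration in the second hunk) pass `m` as the quotient and as the divisor, so the key check depends on BN_div tolerating that aliasing. As far as I recall, BN_add(3) asks for a result distinct from the arguments unless a function notes otherwise, and BN_div carries no such note; this should be confirmed against the manual. If so, a separate temporary keeps the check inside the documented contract, e.g. `if (!BN_div(t, NULL, l, m, ctx) || !BN_copy(m, t)) {` with `t` a further `BN_CTX_get(ctx)` value. `m` also switches from gcd to running LCM within a few lines, so a comment such as `/* m = lcm(p-1, q-1, ..., r_i-1) = l / gcd; division is exact */` would help, and any comment above the hunk that still names `k` as lambda(n) is presumably stale. The function body starts and ends outside both hunks.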