Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:jengelh:branches:security:tls
openssl-3
openssl-FIPS-RSA-encapsulate.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-FIPS-RSA-encapsulate.patch of Package openssl-3
From afab56d09edb525dd794fcb2ae2295ab7f39400a Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy <dbelyavs@redhat.com> Date: Mon, 21 Aug 2023 16:01:48 +0200 Subject: [PATCH 42/48] 0091-FIPS-RSA-encapsulate.patch Patch-name: 0091-FIPS-RSA-encapsulate.patch Patch-id: 91 --- providers/implementations/kem/rsa_kem.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index 365ae3d7d6..8a6f585d0b 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -265,6 +265,14 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx, *secretlen = nlen; return 1; } + +#ifdef FIPS_MODULE + if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) { + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); + return 0; + } +#endif + /* * Step (2): Generate a random byte string z of nlen bytes where * 1 < z < n - 1 @@ -308,6 +316,13 @@ static int rsasve_recover(PROV_RSA_CTX *prsactx, return 1; } +#ifdef FIPS_MODULE + if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) { + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); + return 0; + } +#endif + /* Step (2): check the input ciphertext 'inlen' matches the nlen */ if (inlen != nlen) { ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH); -- 2.41.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor