diff options
author | afshinpir <afshinpir@users.noreply.github.com> | 2023-03-08 20:31:54 +1300 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-03-15 08:28:39 +1100 |
commit | a3207163ef3d30658a41a9c9e3750ca4c5b16677 (patch) | |
tree | a89c9b3e4ff93362b7a15d5f323b272481bbf656 /providers | |
parent | 559e078d94f1213318105b03f4e88b848fc28314 (diff) | |
download | openssl-new-a3207163ef3d30658a41a9c9e3750ca4c5b16677.tar.gz |
Updated `rsa_has()` for correct validation
CLA: trivial
In RSA, `(n,e)` and `(n,d)` identify public key and private key.
Modulus `n` is the common part. So I updated `rsa_has()` to validate
these pairs correctly. `OSSL_KEYMGMT_SELECT_KEYPAIR` is common part
for both public and private key, so I changed it to check `n` of
RSA and for `OSSL_KEYMGMT_SELECT_PUBLIC_KEY`, `e` is checked. Before
this change, if `selection` was `OSSL_KEYMGMT_SELECT_PRIVATE_KEY` and
only `e` and `d` was in the RSA structure, the function returns 1
while it was incorrect.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20455)
Diffstat (limited to 'providers')
-rw-r--r-- | providers/implementations/keymgmt/rsa_kmgmt.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index b76835ccc4..7e67316deb 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -124,9 +124,9 @@ static int rsa_has(const void *keydata, int selection) /* OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS are always available even if empty */ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && (RSA_get0_e(rsa) != NULL); - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) ok = ok && (RSA_get0_n(rsa) != NULL); + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) + ok = ok && (RSA_get0_e(rsa) != NULL); if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) ok = ok && (RSA_get0_d(rsa) != NULL); return ok; |