QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-10 00:19:40 +00:00
Code Issues Projects Releases Wiki Activity

RT2679: Fix error if keysize too short

Browse Source 
In keygen, return KEY_SIZE_TOO_SMALL not INVALID_KEYBITS.

** I also increased the minimum from 256 to 512, which is now
documented in CHANGES file. **

Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Annie Yousar 2014-09-08 16:50:03 -04:00 committed by Rich Salz
parent 14d3b76be8
commit c56a50b229
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -4,6 +4,10 @@
Changes between 1.0.2 and 1.1.0 [xx XXX xxxx] Changes between 1.0.2 and 1.1.0 [xx XXX xxxx]
*) Increased the minimal RSA keysize from 256 to 512 bits [Rich Salz],
done while fixing the error code for the key-too-small case.
[Annie Yousar <a.yousar@informatik.hu-berlin.de>]
*) Experimental support for a new, fast, unbiased prime candidate generator, *) Experimental support for a new, fast, unbiased prime candidate generator,
bn_probable_prime_dh_coprime(). Not currently used by any prime generator. bn_probable_prime_dh_coprime(). Not currently used by any prime generator.
[Felix Laurie von Massenbach <felix@erbridge.co.uk>] [Felix Laurie von Massenbach <felix@erbridge.co.uk>]

4
crypto/rsa/rsa_pmeth.c
View File

@ -504,9 +504,9 @@ static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
return 1; return 1;
case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
if (p1 < 256) if (p1 < 512)
{ {
RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS); RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_KEY_SIZE_TOO_SMALL);
return -2; return -2;
} }
rctx->nbits = p1; rctx->nbits = p1;