[openssl/openssl] ad7e0f: RSA keygen fixes

slontis noreply at reply.github.openssl.org
Mon Jun 13 08:57:46 UTC 2022 

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: ad7e0fd550a9eb2946edf38003ebc6d5b988dac7
      https://github.openssl.org/openssl/openssl/commit/ad7e0fd550a9eb2946edf38003ebc6d5b988dac7
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/bn/bn_rsa_fips186_4.c

  Log Message:
  -----------
  RSA keygen fixes

Fixes #18321

Increase the iteration factor used when 'Computing a Probable Prime Factor Based on Auxiliary Primes' from 5 to 20.
This matches the algorithm update made in FIPS 186-5.

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)


  Commit: 27c1cfd7653b7204af3301f93ccd2a3decfc309b
      https://github.openssl.org/openssl/openssl/commit/27c1cfd7653b7204af3301f93ccd2a3decfc309b
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/rsa/rsa_gen.c

  Log Message:
  -----------
  RSA Keygen update - When using the default provider fallback to default multiprime keygen if e is < 65537

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)


  Commit: d2399d8cd29f56e6614f0b3db4e7e563a745902a
      https://github.openssl.org/openssl/openssl/commit/d2399d8cd29f56e6614f0b3db4e7e563a745902a
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/bn/bn_err.c
    M crypto/bn/bn_rsa_fips186_4.c
    M crypto/err/openssl.txt
    M include/crypto/bnerr.h
    M include/openssl/bnerr.h

  Log Message:
  -----------
  RSA keygen update: Raise an error if no prime candidate q is found.

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)


Compare: https://github.openssl.org/openssl/openssl/compare/a644cb7c1c19...d2399d8cd29f

More information about the openssl-commits mailing list