[openssl/openssl] 2b84a6: RSA keygen fixes

slontis noreply at reply.github.openssl.org
Mon Jun 13 08:58:15 UTC 2022


  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 2b84a620d299b9614ab59342eb2911617b1bb3c3
      https://github.openssl.org/openssl/openssl/commit/2b84a620d299b9614ab59342eb2911617b1bb3c3
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/bn/bn_rsa_fips186_4.c

  Log Message:
  -----------
  RSA keygen fixes

Fixes #18321

Increase the iteration factor used when 'Computing a Probable Prime Factor Based on Auxiliary Primes' from 5 to 20.
This matches the algorithm update made in FIPS 186-5.

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)

(cherry picked from commit ad7e0fd550a9eb2946edf38003ebc6d5b988dac7)


  Commit: d5a749b883eb7bcf8bbf28d8be1ef64353b4f7aa
      https://github.openssl.org/openssl/openssl/commit/d5a749b883eb7bcf8bbf28d8be1ef64353b4f7aa
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/rsa/rsa_gen.c

  Log Message:
  -----------
  RSA Keygen update - When using the default provider fallback to default multiprime keygen if e is < 65537

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)

(cherry picked from commit 27c1cfd7653b7204af3301f93ccd2a3decfc309b)


  Commit: 7b92153cfb8ffe1c90ac0a02be8e8d271b342caa
      https://github.openssl.org/openssl/openssl/commit/7b92153cfb8ffe1c90ac0a02be8e8d271b342caa
  Author: slontis <shane.lontis at oracle.com>
  Date:   2022-06-13 (Mon, 13 Jun 2022)

  Changed paths:
    M crypto/bn/bn_err.c
    M crypto/bn/bn_rsa_fips186_4.c
    M crypto/err/openssl.txt
    M include/crypto/bnerr.h
    M include/openssl/bnerr.h

  Log Message:
  -----------
  RSA keygen update: Raise an error if no prime candidate q is found.

Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18429)

(cherry picked from commit d2399d8cd29f56e6614f0b3db4e7e563a745902a)


Compare: https://github.openssl.org/openssl/openssl/compare/e8c886104f94...7b92153cfb8f


More information about the openssl-commits mailing list