fa96b8cfdd
1 OBS-URL: https://build.opensuse.org/request/show/390473 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=131
43 lines
1.5 KiB
Diff
43 lines
1.5 KiB
Diff
Index: openssl-1.0.2g/crypto/rsa/rsa_gen.c
|
|
===================================================================
|
|
--- openssl-1.0.2g.orig/crypto/rsa/rsa_gen.c 2016-04-13 15:07:34.371851679 +0200
|
|
+++ openssl-1.0.2g/crypto/rsa/rsa_gen.c 2016-04-13 15:18:00.630306031 +0200
|
|
@@ -177,6 +177,7 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
|
BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
|
|
BIGNUM local_r0, local_d, local_p;
|
|
BIGNUM *pr0, *d, *p;
|
|
+ BIGNUM *gcd_p1_q1 = NULL, *lcm_p1_q1 = NULL;
|
|
BN_CTX *ctx = NULL;
|
|
int ok = -1;
|
|
int i;
|
|
@@ -204,6 +205,8 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
|
r1 = BN_CTX_get(ctx);
|
|
r2 = BN_CTX_get(ctx);
|
|
r3 = BN_CTX_get(ctx);
|
|
+ gcd_p1_q1 = BN_CTX_get(ctx);
|
|
+ lcm_p1_q1 = BN_CTX_get(ctx);
|
|
|
|
if (r3 == NULL)
|
|
goto err;
|
|
@@ -372,12 +375,18 @@ static int FIPS_rsa_builtin_keygen(RSA *
|
|
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
|
|
} else
|
|
pr0 = r0;
|
|
- if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))
|
|
+
|
|
+ /* calculate lcm(p-1,q-1) = (p-1)*(q-1) / gcd(p-1,q-1) */
|
|
+ if (!BN_gcd(gcd_p1_q1, r1, r2, ctx))
|
|
+ goto err; /* gcd(p-1,q-1) */
|
|
+ if (!BN_div(lcm_p1_q1, NULL, pr0, gcd_p1_q1, ctx))
|
|
+ goto err;
|
|
+ if (!BN_mod_inverse(rsa->d, rsa->e, lcm_p1_q1, ctx))
|
|
goto err; /* d */
|
|
|
|
if (BN_num_bits(rsa->d) < pbits)
|
|
goto retry; /* d is too small */
|
|
-
|
|
+
|
|
/* set up d for correct BN_FLG_CONSTTIME flag */
|
|
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
|
|
d = &local_d;
|