lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Merge pull request #7864 from waleed-elmelegy-arm/enforce-min-RSA-key-size

Browse Source 
Enforce minimum key size when generating RSA key size
This commit is contained in:
Dave Rodgman
2023-08-03 12:57:52 +00:00
committed by GitHub
parent 1d4d944e19 d4e7fe09b3
commit 6f80ac4979
11 changed files with 91 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
library/psa_crypto.c
View File

@ -7364,6 +7364,9 @@ static psa_status_t psa_validate_key_type_and_size_for_key_generation(
if (bits > PSA_VENDOR_RSA_MAX_KEY_BITS) {
return PSA_ERROR_NOT_SUPPORTED;
}
if (bits < PSA_VENDOR_RSA_GENERATE_MIN_KEY_BITS) {
return PSA_ERROR_NOT_SUPPORTED;
}
/* Accept only byte-aligned keys, for the same reasons as
* in psa_import_rsa_key(). */

7
library/rsa.c
View File

@ -545,7 +545,12 @@ int mbedtls_rsa_gen_key(mbedtls_rsa_context *ctx,
mbedtls_mpi_init(&G);
mbedtls_mpi_init(&L);
if (nbits < 128 || exponent < 3 || nbits % 2 != 0) {
if (exponent < 3 || nbits % 2 != 0) {
ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
goto cleanup;
}
if (nbits < MBEDTLS_RSA_GEN_KEY_MIN_BITS) {
ret = MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
goto cleanup;
}