git.ipfire.org Git - thirdparty/openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Fri, 26 Mar 2021 16:49:27 +0000 (16:49 +0000)
committer	Tomas Mraz <tomas@openssl.org>
	Tue, 30 Mar 2021 17:22:33 +0000 (19:22 +0200)
commit	c6b09ea0fe23a572a781681b3c1f436e8b0932fe
tree	7faff1aad786605cd05cc823b1da74034e34c7e0	tree \| snapshot
parent	6635ea531e9f7709e5880dd77fd4c3403a5c3db7	commit \| diff

Fix change in behaviour of EVP_PKEY_CTRL_RSA_KEYGEN_BITS

In 1.1.1 the ctrl EVP_PKEY_CTRL_RSA_KEYGEN_BITS would fail immediately
if the number of bits was too small. In 3.0 it always succeeds, and only
fails later during the key generation stage.

We fix that so that it fails early like it used to in 1.1.1.

Note that in 1.1.1 it fails with a -2 return code. That is not the case
in 3.0 and has not been addressed here (see #14442)

Fixes #14443

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14702)

crypto/rsa/rsa_local.h		diff \| blob \| blame \| history
include/crypto/rsa.h		diff \| blob \| blame \| history
providers/implementations/keymgmt/rsa_kmgmt.c		diff \| blob \| blame \| history
test/recipes/30-test_evp_data/evppkey_rsa.txt		diff \| blob \| blame \| history