From: afshinpir Date: Wed, 8 Mar 2023 07:31:54 +0000 (+1300) Subject: Updated `rsa_has()` for correct validation X-Git-Tag: openssl-3.2.0-alpha1~1176 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3207163ef3d30658a41a9c9e3750ca4c5b16677;p=thirdparty%2Fopenssl.git Updated `rsa_has()` for correct validation CLA: trivial In RSA, `(n,e)` and `(n,d)` identify public key and private key. Modulus `n` is the common part. So I updated `rsa_has()` to validate these pairs correctly. `OSSL_KEYMGMT_SELECT_KEYPAIR` is common part for both public and private key, so I changed it to check `n` of RSA and for `OSSL_KEYMGMT_SELECT_PUBLIC_KEY`, `e` is checked. Before this change, if `selection` was `OSSL_KEYMGMT_SELECT_PRIVATE_KEY` and only `e` and `d` was in the RSA structure, the function returns 1 while it was incorrect. Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/20455) --- diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index b76835ccc43..7e67316deb3 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -124,9 +124,9 @@ static int rsa_has(const void *keydata, int selection) /* OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS are always available even if empty */ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && (RSA_get0_e(rsa) != NULL); - if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) ok = ok && (RSA_get0_n(rsa) != NULL); + if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) + ok = ok && (RSA_get0_e(rsa) != NULL); if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) ok = ok && (RSA_get0_d(rsa) != NULL); return ok;