test in the non-FIPS RSA keygen for minimal distance of p and q

similarly to the FIPS RSA keygen
This commit is contained in:
Tomas Mraz 2015-01-16 16:16:14 +01:00
parent 7e7e3f299f
commit 6a450be963
2 changed files with 34 additions and 3 deletions

View File

@ -0,0 +1,25 @@
diff -up openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.0.1e/crypto/rsa/rsa_gen.c
--- openssl-1.0.1e/crypto/rsa/rsa_gen.c.cc-reqs 2015-01-13 12:45:51.000000000 +0100
+++ openssl-1.0.1e/crypto/rsa/rsa_gen.c 2015-01-15 17:35:04.649697922 +0100
@@ -438,6 +438,10 @@ static int rsa_builtin_keygen(RSA *rsa,
if(!rsa->dmq1 && ((rsa->dmq1=BN_new()) == NULL)) goto err;
if(!rsa->iqmp && ((rsa->iqmp=BN_new()) == NULL)) goto err;
+ /* prepare minimum p and q difference */
+ if (!BN_one(r3)) goto err;
+ if (bitsp > 100 && !BN_lshift(r3, r3, bitsp - 100)) goto err;
+
BN_copy(rsa->e, e_value);
/* generate p and q */
@@ -463,7 +467,9 @@ static int rsa_builtin_keygen(RSA *rsa,
{
if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
goto err;
- } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
+ if (!BN_sub(r2, rsa->q, rsa->p))
+ goto err;
+ } while((BN_ucmp(r2, r3) <= 0) && (++degenerate < 3));
if(degenerate == 3)
{
ok = 0; /* we set our own err */

View File

@ -23,7 +23,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.1k
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@ -88,7 +88,8 @@ Patch80: openssl-1.0.1j-evp-wrap.patch
Patch81: openssl-1.0.1k-padlock64.patch
Patch84: openssl-1.0.1k-trusted-first.patch
Patch85: openssl-1.0.1e-arm-use-elf-auxv-caps.patch
Patch89: openssl-1.0.1k-ephemeral-key-size.patch
Patch86: openssl-1.0.1k-ephemeral-key-size.patch
Patch87: openssl-1.0.1e-cc-reqs.patch
License: OpenSSL
Group: System Environment/Libraries
@ -210,7 +211,8 @@ cp %{SOURCE12} %{SOURCE13} crypto/ec/
%patch81 -p1 -b .padlock64
%patch84 -p1 -b .trusted-first
%patch85 -p1 -b .armcap
%patch89 -p1 -b .ephemeral
%patch86 -p1 -b .ephemeral
%patch87 -p1 -b .cc-reqs
sed -i 's/SHLIB_VERSION_NUMBER "1.0.0"/SHLIB_VERSION_NUMBER "%{version}"/' crypto/opensslv.h
@ -478,6 +480,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun libs -p /sbin/ldconfig
%changelog
* Thu Jan 15 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-2
- test in the non-FIPS RSA keygen for minimal distance of p and q
similarly to the FIPS RSA keygen
* Fri Jan 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-1
- new upstream release fixing multiple security issues