Skip to content

Commit

Permalink
Fix the LCM computation in the RSA multiprime key check
Browse files Browse the repository at this point in the history 
Fixes #20693

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from #20708)

(cherry picked from commit efbff4d)
  • Loading branch information
@t8m
t8m committed Apr 13, 2023
1 parent 691cb61 commit 8e62506
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 7 deletions.
16 changes: 10 additions & 6 deletions crypto/rsa/rsa_chk.c
View file
Expand Up @@ -124,26 +124,30 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
ret = -1;
goto err;
}
if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
ret = -1;
goto err;
}
for (idx = 0; idx < ex_primes; idx++) {
pinfo = sk_RSA_PRIME_INFO_value(key->prime_infos, idx);
if (!BN_sub(k, pinfo->r, BN_value_one())) {
ret = -1;
goto err;
}
if (!BN_mul(l, l, k, ctx)) {
if (!BN_mul(l, m, k, ctx)) {
ret = -1;
goto err;
}
if (!BN_gcd(m, m, k, ctx)) {
ret = -1;
goto err;
}
if (!BN_div(m, NULL, l, m, ctx)) { /* remainder is 0 */
ret = -1;
goto err;
}
}
if (!BN_div(k, NULL, l, m, ctx)) { /* remainder is 0 */
ret = -1;
goto err;
}
if (!BN_mod_mul(i, key->d, key->e, k, ctx)) {
if (!BN_mod_mul(i, key->d, key->e, m, ctx)) {
ret = -1;
goto err;
}
Expand Down
5 changes: 4 additions & 1 deletion test/recipes/15-test_mp_rsa.t
View file
Expand Up @@ -35,10 +35,13 @@ my @test_param = (
},
);

plan tests => 1 + scalar(@test_param) * 5 * 2;
plan tests => 2 + scalar(@test_param) * 5 * 2;

ok(run(test(["rsa_mp_test"])), "running rsa multi prime test");

ok(run(app(['openssl', 'pkey', '-noout', '-check', '-in',
data_file('rsamplcm.pem')])), "checking lcm in key check");

my $cleartext = data_file("plain_text");

# genrsa
Expand Down
55 changes: 55 additions & 0 deletions test/recipes/15-test_mp_rsa_data/rsamplcm.pem
View file
@@ -0,0 +1,55 @@
-----BEGIN PRIVATE KEY-----
MIIJ3gIBADANBgkqhkiG9w0BAQEFAASCCcgwggnEAgEBAoICAQChMJM44ZMm2OQI
eKTnSEFib0cmahfRV8Byh5fKbcliL8aHRx9IJskg72JRiFfwnsWCYfsrrNzSAY4B
phPE4gZzdN45HTc32rvSzxImNBiIvhA3duzMmFwWBO9RBrNNZQZI3HJ/P3S0iNfV
ZvJz75ClJaQOtXrF9yluBaoFW7spRfMQNXqvYqZXXYMfx8KiQ62FWPEmQOAYrArn
PgB58LJKPAP2d2TwhEKGYjfi45zWAb4GUhCVYqXev/zQyW+oyvhcxlSSrtfmyFpU
7q7crI8ZLz7DLelG2jx5Z83+IiOahIRtENma2Ct+2e0dnH+vrq6eVRiKaHnmBwrR
oR9Oot13kSUhHsYekWDqZDkeAUNxCnoV9Op/I/vsON6fBXKa2N/sICRDihJGLdaN
/Ust2z+Jrn1BBAVEaJVZeePiPJSb6JtVW66erhfkxhyLx17mTNF5v1VRK+M8ZdVt
WUxNCisSCVi3aEVQ5hpcVmOgynR3f1rEDO4WuoOoq/CrE6ESr/2qvmetkXgpOnxQ
s5XZlE5pbB7Xtfkc0rtEmy23RGywq5MzF0N088h7b3cN1i6rXWbAKwBeCXY9POK0
lxPydRwsQsnS9W2qkMLMjIHXJlarpxKUtY+XWr0U9BL4x6qrNAMhSZUjTkUil8Y8
PFYwVLmQNKj6tAM7Ab0IsQax4YszcQIDAQABAoIB/28iCS5bdr6XPY7+N3CvU6hI
EiDK5PHFQDKqb/xRT0ImyEWBPOrEUwRvE8FJFdiSnxK9fL7fTZoMVVDMKv5GeV5u
w5qPfqsPO7S9cu/ZbYGvRgOWHtbJMhvg7i5iOilbXQPLYWvJchQ6nV3NIHl6utcu
SwRue0FGz+dhbIxZBYMB8z87PFxgBDKvLQgY6JspArGQL0U//5QmWF7H/JqJynfu
WvH3GSy819y7S8XFXgQGytalUue8sa9am9ROBlFRy21HuoSZskKTmT5XB43lO18g
jTYZBO8loHG5lihn0BbDfIehckhYMCz/qFJrdln/kCe+6kx78fhzixXOhQxANKnR
dOHP2V5xsTix/Y3RvRL/yBGaPEDBIFMmFGDV8z7cAtF9gI+iSJUjR1dDNNoBgarc
oCj99p+A0BV5AaJKeO7pumMHqNs1Xh+uZTyx2s4E9TeI2Yhf28AJS+h7bWnIIuua
qe9ajptul2QuVlD05dqzZq+QjHhSpP1IbRQsosFYDwZDFklsaFMJ1gzmlNWGFGp1
yDKmZhUCuYF0q8p5g4nixnVGcWe6wzPQv2tPrijKAX78als0HhjACoJXwVbohkPo
4vhdUtIquUmZmGzlELMhEcjiqLCzOx01jhPiy3cHCxIkgjL7+sy2P/DNziOyFZPC
m56Uif62o8CVDGcPN1ECgYEA+GJmtHmVQaoYXwR6l7aYFtuScMJuDZwLQ3hafV8W
Fa7/it0F9UD+H0RC1Jn8vN55oeDD45Hw/9yxGUkdWYPh0gcMsl5PkOL5BVD62aM9
wn2WZ2FqOdrZ0iZzXks7WC6gTWf4CNqIR6f8BfMoj6Xj81fq+KqSmuD9uqLWMPkL
vzcCgYEAxRTNf1AbZhTmMkMIRO1oJbFzu4kW3tUG+MQFT3A3+dPxHn0fDkOmFkNe
unrMPLCrJTDfNPBBQuI1NMTz9URoIcFoiyMqUvmwWLf1NlfXVJnA/SMeLsJuw749
G5y4Tv+o8p8XeeH4/B8WKujqZeWD3l6y632GPqKNUQ1ilcv6kosCgYEA5GhInem4
cVvjcW0C9wR4M3zS21JQNb+rM+42+Fc6TdJRN/csBW4wwbvZ4PuByISlQVEZkemg
vwjI6sGrdaerP6Iv8M59SHUQHe1r4DsXDgTDDGoubulrqK6nJKz1849c5hGXqzya
WZqGTUpfoEkip6HPd8ATdM01Ri173ikGvl0CgYBTj3Vt1H45cwUDLI62At7UlH+Y
dRCgXDw/f4Us4EyrfWRPZAel2aLy74+bi3NLDDEUbLtGy9Mv049xl0xEosNwBHwZ
+kf4tGtDwoOSjf37ndFIwvoKI2ApWGC6c2FmBVoRvMiMYfZal6eje+veVkjqIMbF
uAwSRIOcaQtyrfDI7wKBgBNLowhr4m5L+p2D2SMx/BEmBl04L+HNBWQ0Pf3/RTc3
/vDwgI9wF6w4lG+gpKNwp+UGT8zdASzSxjo9aV2PgfXwqNap9hKfnyvvjUdF2WDm
ysBOmjbbU+03UvVFJrRMxltN8cu+jfX4R6HdxiiPF2n/PzW7kcE+SbdcysSUmnJX
MIIDHjCCAYsCgYEA+7KNCLZLbS/LtgxW6XHcysuudvnS5ivdXguxio8kUpmkhEaC
JHgDgrDXTUBDK9VHqY/uUY9obWjYthWR+MmUJ+isQIyIdujFbFsgvO9YyuPoBvWw
9PTPMk32GE9XfYhy866pE+UpON4dLkaZfU6POYTPafCN1KEQ/xVjF5LdI7UCgYEA
jAyTsQ9N9NktboR7L7XtduHSl9z2XqB1skirZz+ypEtdYUSiUYx915BynEdvmMo5
771oi/VR098NBnQGHvp696HdhqUroY5vm5UxKC+9plcd2hGHfyVgzMrYbjpnoi/0
VmcPKUTPpRbiAcfCzBiUVRrzFi2FnZRpkqXh11IevikCgYANVNtUnTAYTUM2PKTX
NSKgUF3idCans2yotCl6xkCm0NA5+pj+Lqd54yF54JNif7VdCLQQP7cBsGst93L9
Gwk0vNbntpdfjprmsF6xerXmkzmyHROVWbHyavpaeoJpKBZdgh/HcFaP1n6BkI70
Kqn5H3HVhb623tXPNAGRcuRShDCCAYsCgYEA23ytxzFECsxJR+48k+1B4RRb8mS3
dTDPm/+hwWDOAGSouv5iHtlCbzHtJJZHAXrJe9zXE6t0G5u6GUsB/SkIMo++pj0P
48Ol/vXUJP4mPJXUrWMJGndEUQwlygmm1CkN6+CLCYvfU//gS06ePqqagipL41nk
6NTLchQfhAh31DECgYAwOtBw4emCuessbDRRiSQd0nx14h3SGZy1OdIQjTYXLgdJ
t9ZV0wXfK0hh7sfBknqtxhRY1ScZXfnhzvKr75VGjwGkw+w272oNgXVRf6tlSsNG
Kmn4r9aKPLIdGEvZeP//IgNLYLn9Wk+uHKN3P8Pd8G9mkP1VEFV4RuW5/KZgMQKB
gQCRkPn1I58UdGpQf5HzOLsZYWfsoj1RlYUULVCynM9V1FD6uiVeS3VlXNUXAZZj
wQGJF3jx1/xnG5kIpcORq+5t3Oz+Qe6KAOmLyu0R9AUrlreTtHLBFBFLyjXJ/p+O
BiCxZMc6HI7nc0pY8bdcKv/vw7mKRGNuuiZ7+KvWLAX9Pg==
-----END PRIVATE KEY-----

0 comments on commit 8e62506

Please sign in to comment.