Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure RSA keys have p > q #20833

Closed
wants to merge 1 commit into from
Closed

Ensure RSA keys have p > q #20833

wants to merge 1 commit into from

Conversation

rkarmaka98
Copy link
Contributor

Fixes #20823

Adding p>q check in ossl_rsa_sp800_56b_generate_key() function as mentioned in #20823 (comment).

CLA: trivial

@rkarmaka98 rkarmaka98 changed the title bug: OpenSSL 3.0 may generate RSA keys with p < q #20823 bug: OpenSSL 3.0 may generate RSA keys with p < q Apr 26, 2023
paulidale
paulidale approved these changes Apr 26, 2023
View reviewed changes
Copy link
Contributor

@paulidale paulidale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm okay calling this trivial.

@paulidale paulidale added branch: master Merge to master branch approval: review pending This pull request needs review by a committer branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 labels Apr 26, 2023
tom-cosgrove-arm
tom-cosgrove-arm approved these changes Apr 26, 2023
View reviewed changes
Copy link
Contributor

@tom-cosgrove-arm tom-cosgrove-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tom-cosgrove-arm tom-cosgrove-arm added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Apr 26, 2023
@github-actions github-actions bot added the severity: fips change The pull request changes FIPS provider sources label Apr 26, 2023
@hlandau hlandau added approval: review pending This pull request needs review by a committer and removed approval: done This pull request has the required number of approvals labels Apr 26, 2023
@tom-cosgrove-arm tom-cosgrove-arm changed the title bug: OpenSSL 3.0 may generate RSA keys with p < q Ensure RSA keys have p > q Apr 26, 2023
@t8m t8m added hold: cla required The contributor needs to submit a license agreement cla: trivial One of the commits is marked as 'CLA: trivial' triaged: bug The issue/pr is/fixes a bug labels Apr 26, 2023
t8m
t8m requested changes Apr 26, 2023
View reviewed changes
Copy link
Member

@t8m t8m left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my opinion, this is outside of what is acceptable with CLA: trivial.

@openssl-machine openssl-machine removed the hold: cla required The contributor needs to submit a license agreement label Apr 26, 2023
t8m
t8m reviewed Apr 26, 2023
View reviewed changes
crypto/rsa/rsa_sp800_56b_gen.c Outdated
@@ -395,7 +395,7 @@ int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
goto err;

/* p>q check and skipping in case of acvp test */
if (!info && (BN_cmp(rsa->p, rsa->q) < 0)) {
if ((info == NULL) && (BN_cmp(rsa->p, rsa->q) < 0)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please drop the extra parentheses

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@t8m Did you want both pairs of redundant parentheses removed, or just the first pair? IIRC the precedence of < is > that of ==, so if we remove the brackets for the first term we should remove it for the second, too

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, both

@rkarmaka98
Copy link
Contributor Author

In my opinion, this is outside of what is acceptable with CLA: trivial.

Signed ICLA and sent it to legal.

t8m
t8m reviewed Apr 26, 2023
View reviewed changes
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
tom-cosgrove-arm
tom-cosgrove-arm approved these changes Apr 26, 2023
View reviewed changes
Copy link
Contributor

@tom-cosgrove-arm tom-cosgrove-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tom-cosgrove-arm tom-cosgrove-arm added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Apr 26, 2023
@tom-cosgrove-arm
Copy link
Contributor

tom-cosgrove-arm commented Apr 26, 2023
edited

It seems that this is no longer CLA: trivial, and the OP has sent in their ICLA, but how do we know when that has been received? (openssl-machine removed the hold: cla required - does that mean the CLA is now on file?)

@paulidale
Copy link
Contributor

@tom-cosgrove-arm, the merge will fail without the CLA. Closing and reopening the PR will kick the CLA bot into action.

@t8m, I really don't see a different way to write this which is why I was okay with trivial. I guess the comment or variable name could vary???

@t8m
Copy link
Member

t8m commented Apr 27, 2023
edited

@tom-cosgrove-arm, the merge will fail without the CLA. Closing and reopening the PR will kick the CLA bot into action.

@t8m, I really don't see a different way to write this which is why I was okay with trivial. I guess the comment or variable name could vary???

You can also declare the variable within the for loop or even within the if. So yeah there can be variations.

@rkarmaka98
Copy link
Contributor Author

@t8m Should I close and reopen PR to remove CLA required tag as I am in db?

@paulidale paulidale closed this Apr 27, 2023
@paulidale paulidale reopened this Apr 27, 2023
@paulidale paulidale removed the cla: trivial One of the commits is marked as 'CLA: trivial' label Apr 27, 2023
@paulidale
Copy link
Contributor

Shouldn't be necessary to do anything now.

@openssl-machine
Copy link
Collaborator

24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually.

@tom-cosgrove-arm
Copy link
Contributor

Hmm, weird, macOS builds were cancelled by a newer commit, but don't seem to have run on whichever the newer commit was

@tom-cosgrove-arm
Copy link
Contributor

(a quick look and I don't see an obvious execution date in the logs)

@tom-cosgrove-arm tom-cosgrove-arm added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Apr 28, 2023
@rkarmaka98
Copy link
Contributor Author

Hmm, weird, macOS builds were cancelled by a newer commit, but don't seem to have run on whichever the newer commit was

for this build buildbot/master:unix-macos11-m1 showing Master shutdown in cancelled log.

@t8m t8m removed the approval: ready to merge The 24 hour grace period has passed, ready to merge label Apr 28, 2023
@t8m
Copy link
Member

t8m commented Apr 28, 2023

Unfortunately the e-mail address associated with the commit is the github anonymized one which is different from what was submitted on the ICLA. Could you please squash the commits and amend the author e-mail?

@rkarmaka98
Copy link
Contributor Author

Unfortunately the e-mail address associated with the commit is the github anonymized one which is different from what was submitted on the ICLA. Could you please squash the commits and amend the author e-mail?

Done

@t8m
Copy link
Member

t8m commented Apr 28, 2023

Merged to master, 3.1, and 3.0 branches. Thank you for your contribution.

@t8m t8m closed this Apr 28, 2023
openssl-machine pushed a commit that referenced this pull request Apr 28, 2023
@rkarmaka98 @t8m
Avoid generating RSA keys with p < q
dc231eb 
We swap p and q in that case except when ACVP tests are being run.

Fixes #20823

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #20833)
openssl-machine pushed a commit that referenced this pull request Apr 28, 2023
@rkarmaka98 @t8m
Avoid generating RSA keys with p < q
9250589 
We swap p and q in that case except when ACVP tests are being run.

Fixes #20823

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #20833)

(cherry picked from commit dc231eb)
openssl-machine pushed a commit that referenced this pull request Apr 28, 2023
@rkarmaka98 @t8m
Avoid generating RSA keys with p < q
87abde5 
We swap p and q in that case except when ACVP tests are being run.

Fixes #20823

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #20833)

(cherry picked from commit dc231eb)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hlandau hlandau hlandau approved these changes

@zzl360 zzl360 zzl360 left review comments

@t8m t8m t8m approved these changes

@paulidale paulidale paulidale approved these changes

@tom-cosgrove-arm tom-cosgrove-arm tom-cosgrove-arm approved these changes

Assignees
No one assigned
Labels
branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 severity: fips change The pull request changes FIPS provider sources triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

OpenSSL 3.0 may generate RSA keys with p < q
7 participants
@rkarmaka98 @tom-cosgrove-arm @paulidale @t8m @openssl-machine @hlandau @zzl360