New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ensure RSA keys have p > q #20833
Ensure RSA keys have p > q #20833
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm okay calling this trivial.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In my opinion, this is outside of what is acceptable with CLA: trivial.
crypto/rsa/rsa_sp800_56b_gen.c
Outdated
@@ -395,7 +395,7 @@ int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, | |||
goto err; | |||
|
|||
/* p>q check and skipping in case of acvp test */ | |||
if (!info && (BN_cmp(rsa->p, rsa->q) < 0)) { | |||
if ((info == NULL) && (BN_cmp(rsa->p, rsa->q) < 0)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please drop the extra parentheses
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@t8m Did you want both pairs of redundant parentheses removed, or just the first pair? IIRC the precedence of <
is > that of ==
, so if we remove the brackets for the first term we should remove it for the second, too
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, both
Signed ICLA and sent it to legal. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
It seems that this is no longer |
@tom-cosgrove-arm, the merge will fail without the CLA. Closing and reopening the PR will kick the CLA bot into action. @t8m, I really don't see a different way to write this which is why I was okay with trivial. I guess the comment or variable name could vary??? |
You can also declare the variable within the for loop or even within the if. So yeah there can be variations. |
@t8m Should I close and reopen PR to remove CLA required tag as I am in db? |
Shouldn't be necessary to do anything now. |
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
Hmm, weird, macOS builds were cancelled by a newer commit, but don't seem to have run on whichever the newer commit was |
(a quick look and I don't see an obvious execution date in the logs) |
for this build |
Unfortunately the e-mail address associated with the commit is the github anonymized one which is different from what was submitted on the ICLA. Could you please squash the commits and amend the author e-mail? |
d2d5d64
to
1285e7c
Compare
Done |
Merged to master, 3.1, and 3.0 branches. Thank you for your contribution. |
Fixes #20823
Adding p>q check in
ossl_rsa_sp800_56b_generate_key()
function as mentioned in #20823 (comment).CLA: trivial