New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rsa: Add SP800-56Br2 6.4.1.2.1 (3.c) check #22403
Conversation
Should we also backport it to 3.0/3.1? Do we need tests for it? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
ba05e16
to
66f89aa
Compare
I added a test. |
The code did not yet check that the length of the RSA key is positive and even. Signed-off-by: Clemens Lang <cllang@redhat.com>
66f89aa
to
0d873f9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This pull request is ready to merge |
Needs a reconfirmation from @beldmit or a second approval from someone else. |
Reconfirm |
This pull request is ready to merge |
Looks like this was added in SP800-56B r2 (It was not part of SP800-56Br1).. |
This very much looks like a breaking change of behaviour. I suspect the fix is to condition this on FIPS or add a FIPS setting to enable/disable it. Yes, this is new in r2. |
It was discussed above that this function is never run outside of FIPS module. Apart from the unit test. |
Which would mean a settable flag to alter the behaviour. |
IMO there are no such keys generated by any FIPS approved methods ever since they were added in the FIPS 186-x standards. So the only potential breakage is to use a key generated by other means with the FIPS provider. |
Pushed. Thanks. |
The code did not yet check that the length of the RSA key is positive and even. Signed-off-by: Clemens Lang <cllang@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from #22403)
The code did not yet check that the length of the RSA key is positive and even. Signed-off-by: Clemens Lang <cllang@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from openssl/openssl#22403) Signed-off-by: fly2x <fly2x@hitls.org>
The code did not yet check that the length of the RSA key is positive and even.