163057e
From afab56d09edb525dd794fcb2ae2295ab7f39400a Mon Sep 17 00:00:00 2001
163057e
From: Dmitry Belyavskiy <dbelyavs@redhat.com>
163057e
Date: Mon, 21 Aug 2023 16:01:48 +0200
163057e
Subject: [PATCH 42/48] 0091-FIPS-RSA-encapsulate.patch
163057e
163057e
Patch-name: 0091-FIPS-RSA-encapsulate.patch
163057e
Patch-id: 91
163057e
---
163057e
 providers/implementations/kem/rsa_kem.c | 15 +++++++++++++++
163057e
 1 file changed, 15 insertions(+)
163057e
163057e
diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c
163057e
index 365ae3d7d6..8a6f585d0b 100644
163057e
--- a/providers/implementations/kem/rsa_kem.c
163057e
+++ b/providers/implementations/kem/rsa_kem.c
163057e
@@ -265,6 +265,14 @@ static int rsasve_generate(PROV_RSA_CTX *prsactx,
163057e
             *secretlen = nlen;
163057e
         return 1;
163057e
     }
163057e
+
163057e
+#ifdef FIPS_MODULE
163057e
+    if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
163057e
+        ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
163057e
+        return 0;
163057e
+    }
163057e
+#endif
163057e
+
163057e
     /*
163057e
      * Step (2): Generate a random byte string z of nlen bytes where
163057e
      *            1 < z < n - 1
163057e
@@ -308,6 +316,13 @@ static int rsasve_recover(PROV_RSA_CTX *prsactx,
163057e
         return 1;
163057e
     }
163057e
 
163057e
+#ifdef FIPS_MODULE
163057e
+    if (nlen < OPENSSL_RSA_FIPS_MIN_MODULUS_BITS/8) {
163057e
+        ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL);
163057e
+        return 0;
163057e
+    }
163057e
+#endif
163057e
+
163057e
     /* Step (2): check the input ciphertext 'inlen' matches the nlen */
163057e
     if (inlen != nlen) {
163057e
         ERR_raise(ERR_LIB_PROV, PROV_R_BAD_LENGTH);
163057e
-- 
163057e
2.41.0
163057e