Blame openssl-1.0.2a-cc-reqs.patch
|
|
a1fb602 |
diff -up openssl-1.0.2a/crypto/rsa/rsa_gen.c.cc-reqs openssl-1.0.2a/crypto/rsa/rsa_gen.c
|
|
|
a1fb602 |
--- openssl-1.0.2a/crypto/rsa/rsa_gen.c.cc-reqs 2015-04-09 18:22:58.638448432 +0200
|
|
|
a1fb602 |
+++ openssl-1.0.2a/crypto/rsa/rsa_gen.c 2015-04-09 18:22:57.264416692 +0200
|
|
|
a1fb602 |
@@ -474,6 +474,12 @@ static int rsa_builtin_keygen(RSA *rsa,
|
|
|
a1fb602 |
if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
|
|
|
a1fb602 |
goto err;
|
|
|
a1fb602 |
|
|
|
a1fb602 |
+ /* prepare minimum p and q difference */
|
|
|
a1fb602 |
+ if (!BN_one(r3))
|
|
|
a1fb602 |
+ goto err;
|
|
|
a1fb602 |
+ if (bitsp > 100 && !BN_lshift(r3, r3, bitsp - 100))
|
|
|
a1fb602 |
+ goto err;
|
|
|
a1fb602 |
+
|
|
|
a1fb602 |
BN_copy(rsa->e, e_value);
|
|
|
a1fb602 |
|
|
|
a1fb602 |
/* generate p and q */
|
|
|
a1fb602 |
@@ -501,7 +507,9 @@ static int rsa_builtin_keygen(RSA *rsa,
|
|
|
a1fb602 |
do {
|
|
|
a1fb602 |
if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
|
|
|
a1fb602 |
goto err;
|
|
|
a1fb602 |
- } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
|
|
|
a1fb602 |
+ if (!BN_sub(r2, rsa->q, rsa->p))
|
|
|
a1fb602 |
+ goto err;
|
|
|
a1fb602 |
+ } while ((BN_ucmp(r2, r3) <= 0) && (++degenerate < 3));
|
|
|
a1fb602 |
if (degenerate == 3) {
|
|
|
a1fb602 |
ok = 0; /* we set our own err */
|
|
|
a1fb602 |
RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
|