
Verify consistency of RSA keys after generation & parsing.

Call |RSA_check_key| after parsing an RSA private key in order to
verify that the key is consistent. This is consistent with ECC key
parsing, which does a similar key check.

Call |RSA_check_key| after key generation mostly as a way of
double-checking the key generation was done correctly. A similar check
was not added to |EC_KEY_generate| because |EC_KEY_generate| is used
for generating ephemeral ECDH keys, and the check would be too
expensive for that use.

Change-Id: I5759d0d101c00711bbc30f81a3759f8bff01427c
Reviewed-on: https://boringssl-review.googlesource.com/7522
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
kris/onging/CECPQ3_patch15
Brian Smith 8 years ago
committed by CQ bot account: commit-bot@chromium.org
parent
commit
febf77190f
3 changed files with 26 additions and 1 deletions
  1. +5
    -0
      crypto/rsa/rsa_asn1.c
  2. +8
    -1
      crypto/rsa/rsa_impl.c
  3. +13
    -0
      crypto/rsa/rsa_test.cc

+ 5
- 0
crypto/rsa/rsa_asn1.c View File

@@ -280,6 +280,11 @@ RSA *RSA_parse_private_key(CBS *cbs) {
goto err;
}

if (!RSA_check_key(ret)) {
OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
goto err;
}

BN_CTX_free(ctx);
BN_free(product_of_primes_so_far);
return ret;
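Review bot: The new RSA_check_key call at the top of this hunk carries no comment explaining why a full consistency check now runs on every private-key parse, while the matching call in rsa_impl.c gets a three-line rationale; a reader of this file alone cannot tell whether the added cost is intentional. Suggest `/* Reject inconsistent private keys at parse time rather than letting a key that does not satisfy the RSA relations reach the signing or decryption paths. */` above the `if`. If RSA_check_key also pushes its own error, callers will see it beneath RSA_R_BAD_RSA_PARAMETERS on the error queue, which is worth a word in that comment. RSA_parse_private_key begins before this hunk, so I cannot confirm that the `err:` label frees `ret` as well as `ctx` and `product_of_primes_so_far`.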


+ 8
- 1
crypto/rsa/rsa_impl.c View File

@@ -1079,10 +1079,17 @@ int rsa_default_multi_prime_keygen(RSA *rsa, int bits, int num_primes,
}
}

ok = 1;
rsa->additional_primes = additional_primes;
additional_primes = NULL;

/* The key generation process is complex and thus error-prone. It could be
* disastrous to generate and then use a bad key so double-check that the key
* makes sense. */
ok = RSA_check_key(rsa);
if (!ok) {
OPENSSL_PUT_ERROR(RSA, RSA_R_INTERNAL_ERROR);
}

err:
if (ok == -1) {
OPENSSL_PUT_ERROR(RSA, ERR_LIB_BN);
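Review bot: `ok = RSA_check_key(rsa);` followed by `if (!ok)` assumes RSA_check_key returns only 0 or 1; if it follows the OpenSSL convention of returning -1 when the check itself cannot be completed, `!ok` is false and the -1 flows straight into the `ok == -1` branch at `err:`, which reports a BN error and, depending on code outside the hunk, may hand -1 back to a caller expecting 0/1. Writing `ok = RSA_check_key(rsa) == 1;` removes the dependence on that convention while keeping the error reporting as written. Note also that `rsa->additional_primes` and the other key members are already populated when the check fails, so the caller's RSA object is left holding material that failed verification; the `err:` path continues outside the hunk, so I cannot see whether it is reset, and a comment stating that the object must not be used after a 0 return would help. rsa_default_multi_prime_keygen starts before this hunk and ends after it.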


+ 13
- 0
crypto/rsa/rsa_test.cc View File

@@ -688,6 +688,19 @@ static bool TestBadKey() {
return false;
}

uint8_t *der;
size_t der_len;
if (!RSA_private_key_to_bytes(&der, &der_len, key.get())) {
fprintf(stderr, "RSA_private_key_to_bytes failed to serialize bad key\n.");
return false;
}
bssl::UniquePtr<uint8_t> delete_der(der);

key.reset(RSA_private_key_from_bytes(der, der_len));
if (key) {
fprintf(stderr, "RSA_private_key_from_bytes accepted bad key\n.");
}

ERR_clear_error();
return true;
}
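Review bot: The negative assertion at `if (key) {` only prints a diagnostic and then falls through to `return true;`, so TestBadKey still passes when RSA_private_key_from_bytes accepts the inconsistent key — the very behaviour this commit adds the parse-time check to reject. Add `return false;` after that fprintf, matching the pattern used for the RSA_private_key_to_bytes failure just above. Both new messages also end in `\n.` rather than `.\n`, so the period lands at the start of the next line; use `"RSA_private_key_to_bytes failed to serialize bad key.\n"` and `"RSA_private_key_from_bytes accepted bad key.\n"`. It would further strengthen the test to confirm the expected error before ERR_clear_error(), e.g. check that ERR_GET_REASON(ERR_peek_error()) is RSA_R_BAD_RSA_PARAMETERS, the code pushed by the new check in rsa_asn1.c. TestBadKey begins before this hunk.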

