kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
a54ebffa76
boringssl/crypto/rsa
History
Adam Langley a54ebffa76 Fix lower bound in e in FIPS RSA checking. 
SP 800-89 5.3.3 references FIPS 186 for the bounds on e. I /think/
that's section B.3.1 which says:

  (b) The exponent e shall be an odd positive integer such that 2¹⁶ < e < 2²⁵⁶.

But that means that e has to be at least 17 bits. The check for
BN_is_odd ensures that 2¹⁶ itself is rejected.

Change-Id: Ib39f9d43032cbfe33317651c7b6eceb41b123291
Reviewed-on: https://boringssl-review.googlesource.com/15324
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-04-20 20:43:52 +00:00
..
blinding.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
CMakeLists.txt Convert rsa_test to GTest. 2017-02-16 22:23:16 +00:00
internal.h Unwind multiprime RSA support. 2017-04-12 23:14:57 +00:00
padding.c Remove redundant check in RSA_sign. 2017-04-12 22:06:11 +00:00
rsa_asn1.c Unwind multiprime RSA support. 2017-04-12 23:14:57 +00:00
rsa_impl.c Unwind multiprime RSA support. 2017-04-12 23:14:57 +00:00
rsa_test.cc Fix check_fips for public keys and synchronize the EC and RSA versions. 2017-04-13 17:33:40 +00:00
rsa.c Fix lower bound in e in FIPS RSA checking. 2017-04-20 20:43:52 +00:00