rsapub_17k.pem - OpenGrok history log for /openssl/test/recipes/91-test_pkey_check_data/rsapub

Revision		Date	Author	Comments
# e09fc1d7		22-Dec-2023	Tomas Mraz	Limit the execution time of RSA public key check Fixes CVE-2023-6237 If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take v Limit the execution time of RSA public key check Fixes CVE-2023-6237 If a large and incorrect RSA public key is checked with EVP_PKEY_public_check() the computation could take very long time due to no limit being applied to the RSA public key size and unnecessarily high number of Miller-Rabin algorithm rounds used for non-primality check of the modulus. Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS) will fail the check with RSA_R_MODULUS_TOO_LARGE error reason. Also the number of Miller-Rabin rounds was set to 5. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23243) show more ...

Revision

Date

Author

Comments

# e09fc1d7

22-Dec-2023

Tomas Mraz

Limit the execution time of RSA public key check

Fixes CVE-2023-6237

If a large and incorrect RSA public key is checked with
EVP_PKEY_public_check() the computation could take v

Limit the execution time of RSA public key check

Fixes CVE-2023-6237

If a large and incorrect RSA public key is checked with
EVP_PKEY_public_check() the computation could take very long time
due to no limit being applied to the RSA public key size and
unnecessarily high number of Miller-Rabin algorithm rounds
used for non-primality check of the modulus.

Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS)
will fail the check with RSA_R_MODULUS_TOO_LARGE error reason.
Also the number of Miller-Rabin rounds was set to 5.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23243)