diff options
| author | tb <> | 2023-03-04 20:54:52 +0000 | 
|---|---|---|
| committer | tb <> | 2023-03-04 20:54:52 +0000 | 
| commit | 990d95a448bfa7728c50a299c62b3fcbfe57d9eb (patch) | |
| tree | 56d6ce1822f7f755194f5fbf467c6b748c4ec587 /src/lib/libcrypto/rsa/rsa_prn.c | |
| parent | 82dda41e0d08799a2a3e1c9de816ee1c4bea6851 (diff) | |
| download | openbsd-990d95a448bfa7728c50a299c62b3fcbfe57d9eb.tar.gz openbsd-990d95a448bfa7728c50a299c62b3fcbfe57d9eb.tar.bz2 openbsd-990d95a448bfa7728c50a299c62b3fcbfe57d9eb.zip | |
Provide dsa_check_key()
This is a cheap check that ensures basid parameter consistency per
FIPS 186-4: 1 < g < q, that q has the allowed bit sizes 160, 224, 256
and that p is neither too small nor too large. Unfortunately, enforcing
the three allowed sizes for p is not possible since the default dsa key
generation has not respected this limitation.
Instead of checking that p and q are prime, we only check that they
are odd. Check that public and private keys, if set, are in the proper
range. In particular, disallow zero values.
Various versions of these checks have been added to the dsa code
over time. This consolidates and extends them and in a subsequent
commit wewill replace the incomplete checks. BoringSSL has a similar
function of the same name, thanks to David Benjamin for pointing it
out.
ok beck jsing
Diffstat (limited to 'src/lib/libcrypto/rsa/rsa_prn.c')
0 files changed, 0 insertions, 0 deletions
