Check that the RSA exponent is neither even nor 1 in RSA_check_key()

Part of OpenSSL commit 464d59a5 ok inoguchi jsing
author: tb <> 2022-01-10 00:03:02 +0000
committer: tb <> 2022-01-10 00:03:02 +0000
commit: 527922248e66627df0b9ecef2c588946239b180e (patch)
tree: 1c6cfc1fe3b6c3bd18ba1e97aee7d9c1277e26fe /src
parent: 491113ed39660975d5cf2c9ba2b26f8b3a4d8d4a (diff)
download: openbsd-527922248e66627df0b9ecef2c588946239b180e.tar.gz
openbsd-527922248e66627df0b9ecef2c588946239b180e.tar.bz2
openbsd-527922248e66627df0b9ecef2c588946239b180e.zip
1 files changed, 10 insertions, 1 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
index 337728d61e..807eae084e 100644
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ b/src/lib/libcrypto/rsa/rsa_chk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_chk.c,v 1.14 2022/01/07 09:55:32 tb Exp $ */
+/* $OpenBSD: rsa_chk.c,v 1.15 2022/01/10 00:03:02 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
 *
@@ -81,6 +81,15 @@ RSA_check_key(const RSA *key)
                goto err;
        }
+        if (BN_is_one(key->e)) {
+                ret = 0;
+                RSAerror(RSA_R_BAD_E_VALUE);
+        }
+        if (!BN_is_odd(key->e)) {
+                ret = 0;
+                RSAerror(RSA_R_BAD_E_VALUE);
+        }
        /* p prime? */
        r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
        if (r != 1) {
author	tb <>	2022-01-10 00:03:02 +0000
committer	tb <>	2022-01-10 00:03:02 +0000
commit	527922248e66627df0b9ecef2c588946239b180e (patch)
tree	1c6cfc1fe3b6c3bd18ba1e97aee7d9c1277e26fe /src
parent	491113ed39660975d5cf2c9ba2b26f8b3a4d8d4a (diff)
download	openbsd-527922248e66627df0b9ecef2c588946239b180e.tar.gz openbsd-527922248e66627df0b9ecef2c588946239b180e.tar.bz2 openbsd-527922248e66627df0b9ecef2c588946239b180e.zip