From f098d438361a13d0852404f0d8bb32359469e033 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Thu, 31 Oct 2019 13:10:40 +0000 Subject: Move RSA min modulus to a define and increase from 256 to 512 bits. From OpenSSL 1.1.1d. ok inoguchi@ --- src/lib/libcrypto/rsa/rsa_pmeth.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/lib/libcrypto/rsa/rsa_pmeth.c') diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index 1d51e52fe2..1b6d1de35d 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pmeth.c,v 1.29 2019/10/31 13:06:30 jsing Exp $ */ +/* $OpenBSD: rsa_pmeth.c,v 1.30 2019/10/31 13:10:40 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -454,8 +454,8 @@ pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 1; case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: - if (p1 < 256) { - RSAerror(RSA_R_INVALID_KEYBITS); + if (p1 < RSA_MIN_MODULUS_BITS) { + RSAerror(RSA_R_KEY_SIZE_TOO_SMALL); return -2; } rctx->nbits = p1; -- cgit v1.2.3-55-g6feb