From 4b40af0fb3f9b09458502f61cb7dea3974bf386b Mon Sep 17 00:00:00 2001 From: Felipe Ventura Date: Thu, 11 Jan 2024 11:17:46 -0600 Subject: [PATCH] fix rsa size mismatch bug --- oqsprov/oqsprov_keys.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/oqsprov/oqsprov_keys.c b/oqsprov/oqsprov_keys.c index ad5e0f6f..4ed9666e 100644 --- a/oqsprov/oqsprov_keys.c +++ b/oqsprov/oqsprov_keys.c @@ -1123,10 +1123,6 @@ OQSX_KEY *oqsx_key_from_pkcs8(const PKCS8_PRIV_KEY_INFO *p8inf, plen = aux; } } - if (rsa_diff > 4) { // diff is too big, this means an decoding error - ASN1_OCTET_STRING_free(oct); - return NULL; - } oqsx = oqsx_key_op(palg, p, plen + rsa_diff, KEY_OP_PRIVATE, libctx, propq); ASN1_OCTET_STRING_free(oct); @@ -1550,10 +1546,11 @@ static EVP_PKEY *oqsx_key_gen_evp_key(OQSX_EVP_CTX *ctx, unsigned char *pubkey, ret2 = EVP_PKEY_keygen_init(kgctx); ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); if (ctx->evp_info->keytype == EVP_PKEY_RSA) { - if (ctx->evp_info->length_public_key > 270) + if (ctx->evp_info->length_public_key > 270) { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 3072); - else + } else { ret2 = EVP_PKEY_CTX_set_rsa_keygen_bits(kgctx, 2048); + } ON_ERR_SET_GOTO(ret2 <= 0, ret, -1, errhyb); }