Move RSA min modulus to a define and increase from 256 to 512 bits.

From OpenSSL 1.1.1d. ok inoguchi@
author: jsing <jsing@openbsd.org> 2019-10-31 13:10:40 +0000
committer: jsing <jsing@openbsd.org> 2019-10-31 13:10:40 +0000
commit: a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142 (patch)
tree: e2aa02b9b428e60f370d765d9460a94593743e48 /lib/libcrypto/rsa/rsa_pmeth.c
parent: Fix indent and indent before labels. (diff)
download: wireguard-openbsd-a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142.tar.xz
wireguard-openbsd-a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libcrypto/rsa/rsa_pmeth.c b/lib/libcrypto/rsa/rsa_pmeth.c
index 1d51e52fe26..1b6d1de35de 100644
--- a/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.29 2019/10/31 13:06:30 jsing Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.30 2019/10/31 13:10:40 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -454,8 +454,8 @@ pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 		return 1;
 
 	case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
-		if (p1 < 256) {
-			RSAerror(RSA_R_INVALID_KEYBITS);
+		if (p1 < RSA_MIN_MODULUS_BITS) {
+			RSAerror(RSA_R_KEY_SIZE_TOO_SMALL);
 			return -2;
 		}
 		rctx->nbits = p1;
author	jsing <jsing@openbsd.org>	2019-10-31 13:10:40 +0000
committer	jsing <jsing@openbsd.org>	2019-10-31 13:10:40 +0000
commit	a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142 (patch)
tree	e2aa02b9b428e60f370d765d9460a94593743e48 /lib/libcrypto/rsa/rsa_pmeth.c
parent	Fix indent and indent before labels. (diff)
download	wireguard-openbsd-a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142.tar.xz wireguard-openbsd-a307e4ca5e504c2f6a3e3ffef5e146ddb3b82142.zip