linux.git - Linux kernel mainline tree

diff options

author	Mahmoud Adam <mngyadam@amazon.com>	2023-06-13 16:17:31 +0000
committer	Herbert Xu <herbert@gondor.apana.org.au>	2023-06-23 16:15:36 +0800
commit	6637e11e4ad22ff03183da0dbd36d65c98b81cf7 (patch)
tree	90bdebeb49e1658dfdacc3069fdc36c7fc99d931 /crypto/api.c
parent	ba51738fa78972fb446b49b6b9ddda4058a272e0 (diff)
download	linux-6637e11e4ad22ff03183da0dbd36d65c98b81cf7.tar.gz linux-6637e11e4ad22ff03183da0dbd36d65c98b81cf7.tar.bz2 linux-6637e11e4ad22ff03183da0dbd36d65c98b81cf7.zip

crypto: rsa - allow only odd e and restrict value in FIPS mode

check if rsa public exponent is odd and check its value is between 2^16 < e < 2^256. FIPS 186-5 DSS (page 35)[1] specify that: 1. The public exponent e shall be selected with the following constraints: (a) The public verification exponent e shall be selected prior to generating the primes, p and q, and the private signature exponent d. (b) The exponent e shall be an odd positive integer such that: 2^16 < e < 2^256. [1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf Signed-off-by: Mahmoud Adam <mngyadam@amazon.com> Reviewed-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto/api.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: