Align RSA_generate_key_fips and EVP_PKEY_keygen indicator checks to be consistent generation constraints

skmcgrail · skmcgrail · commit dad17eb13ece · 2024-09-06T23:45:48.000Z
diff --git a/crypto/fipsmodule/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c
@@ -1257,7 +1257,7 @@ int RSA_generate_key_fips(RSA *rsa, int bits, BN_GENCB *cb) {
   // integer and greater than or equal to 2048 bits. Furthermore, this standard
   // specifies that p and q be of the same bit length – namely, half the bit
   // length of n
-  if (bits < 2048 || bits % 2 != 0) {
+  if (bits < 2048 || bits % 128 != 0) {
     OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);
     return 0;
   }
diff --git a/crypto/fipsmodule/service_indicator/service_indicator.c b/crypto/fipsmodule/service_indicator/service_indicator.c
@@ -298,9 +298,10 @@ void ECDH_verify_service_indicator(const EC_KEY *ec_key) {
 void EVP_PKEY_keygen_verify_service_indicator(const EVP_PKEY *pkey) {
   if (pkey->type == EVP_PKEY_RSA || pkey->type == EVP_PKEY_RSA_PSS) {
     // The approved RSA key sizes for signing are key sizes >= 2048 bits and
-    // bits % 2 == 0.
+    // bits % 2 == 0, though we check bits % 128 == 0 for consistency with
+    // our RSA key generation.
     size_t n_bits = RSA_bits(pkey->pkey.rsa);
-    if (n_bits >= 2048 && n_bits % 2 == 0) {
+    if (n_bits >= 2048 && n_bits % 128 == 0) {
       FIPS_service_indicator_update_state();
     }
   } else if (pkey->type == EVP_PKEY_EC) {

Original file line number	Diff line number	Diff line change
`@@ -1257,7 +1257,7 @@ int RSA_generate_key_fips(RSA rsa, int bits, BN_GENCB cb) {`
`1257`	`1257`	`// integer and greater than or equal to 2048 bits. Furthermore, this standard`
`1258`	`1258`	`// specifies that p and q be of the same bit length – namely, half the bit`
`1259`	`1259`	`// length of n`
`1260`		`- if (bits < 2048 \|\| bits % 2 != 0) {`
	`1260`	`+ if (bits < 2048 \|\| bits % 128 != 0) {`
`1261`	`1261`	`OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS);`
`1262`	`1262`	`return 0;`
`1263`	`1263`	`}`