Google Git
Sign in
boringssl / boringssl / 4972fd602f89abdf9e7633a52a088bed40b39375^! / .
commit4972fd602f89abdf9e7633a52a088bed40b39375[log] [tgz]
authorDavid Benjamin <davidben@google.com>Fri Jan 10 15:01:54 2025 -0500
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Mon Jan 13 10:06:36 2025 -0800
tree69df92c0b7c8f717ae2bd890f2f12ef959139f26
parent574fd72ebc0a15c4e54066e368c7834e6f86205d [diff]
Remove some RSA_is_opaque and EC_KEY_is_opaque special cases

We can still check the public parts, which we now expect callers to
provide. (Without rsa->n, PSS does not work, and a group-less EC_KEY
tends to break horribly.) Though it's also pretty unlikely anyone is
calling these functions on such keys.

Update-Note: The filled in parts of keys backed by RSA_METHOD and
ECDSA_METHOD will now participate in RSA_check_key and EC_KEY_check_key.

Bug: 42290186
Change-Id: I3ebc952f6adb36e9ff6a6ae8413ef0ecd72ae6b6
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/75147
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>

diff --git a/crypto/fipsmodule/ec/ec_key.cc.inc b/crypto/fipsmodule/ec/ec_key.cc.inc
index 6de67e6..fa001b3 100644
--- a/crypto/fipsmodule/ec/ec_key.cc.inc
+++ b/crypto/fipsmodule/ec/ec_key.cc.inc

@@ -277,12 +277,6 @@
   int ret = 0;
   FIPS_service_indicator_lock_state();
 
-  if (EC_KEY_is_opaque(key)) {
-    // Opaque keys can't be checked.
-    OPENSSL_PUT_ERROR(EC, EC_R_PUBLIC_KEY_VALIDATION_FAILED);
-    goto end;
-  }
-
   if (!EC_KEY_check_key(key)) {
     goto end;
   }

diff --git a/crypto/fipsmodule/rsa/rsa.cc.inc b/crypto/fipsmodule/rsa/rsa.cc.inc
index 5e26e43..6c857ad 100644
--- a/crypto/fipsmodule/rsa/rsa.cc.inc
+++ b/crypto/fipsmodule/rsa/rsa.cc.inc

@@ -738,11 +738,6 @@
   // https://crbug.com/boringssl/316. As a result, we inconsistently check RSA
   // invariants. We should fix this and integrate that logic.
 
-  if (RSA_is_opaque(key)) {
-    // Opaque keys can't be checked.
-    return 1;
-  }
-
   if (!rsa_check_public_key(key)) {
     return 0;
   }
@@ -893,12 +888,6 @@
 }
 
 int RSA_check_fips(RSA *key) {
-  if (RSA_is_opaque(key)) {
-    // Opaque keys can't be checked.
-    OPENSSL_PUT_ERROR(RSA, RSA_R_PUBLIC_KEY_VALIDATION_FAILED);
-    return 0;
-  }
-
   if (!RSA_check_key(key)) {
     return 0;
   }
@@ -919,8 +908,11 @@
   // match. This is only a plausibility test and we expect the value to be
   // composite, so too few iterations will cause us to reject the key, not use
   // an implausible one.
+  //
+  // |key->e| may be nullptr if created with |RSA_new_private_key_no_e|.
   enum bn_primality_result_t primality_result;
-  if (BN_num_bits(key->e) <= 16 ||  //
+  if (key->e == nullptr ||          //
+      BN_num_bits(key->e) <= 16 ||  //
       BN_num_bits(key->e) > 256 ||  //
       !BN_is_odd(key->n) ||         //
       !BN_is_odd(key->e) ||