crypto: fix rsa key gen with non-default exponent
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent
on success, so do not free it.

Fixes: #27087
Fixes: #29433

PR-URL: #27092
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
sam-github authored and BethGriggs committed Oct 18, 2019
1 parent 90fb146 commit 4f0f12c
Showing 2 changed files with 4 additions and 2 deletions.
2 changes: 2 additions & 0 deletions src/node_crypto.cc
Expand Up @@ -4864,8 +4864,10 @@ class RSAKeyPairGenerationConfig : public KeyPairGenerationConfig {
BignumPointer bn(BN_new());
CHECK_NOT_NULL(bn.get());
CHECK(BN_set_word(bn.get(), exponent_));
// EVP_CTX acceps ownership of bn on success.
if (EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx.get(), bn.get()) <= 0)
return false;
bn.release();
}

return true;
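
Review bot: The new comment above the EVP_PKEY_CTX_set_rsa_keygen_pubexp() call has a typo ("acceps") and says "EVP_CTX" where the object taking ownership is the EVP_PKEY_CTX. Suggest "// EVP_PKEY_CTX accepts ownership of bn on success." and placing it directly above `bn.release();`, since that is the line it justifies. The ordering itself looks right: release() only runs after the `<= 0` check, so on the failure path BignumPointer still frees bn and nothing leaks, while on success the context is the sole owner and the earlier double free is gone.
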
4 changes: 2 additions & 2 deletions test/parallel/test-crypto-keygen.js
Expand Up @@ -86,7 +86,7 @@ function convertDERToPEM(label, der) {
// To make the test faster, we will only test sync key generation once and
// with a relatively small key.
const ret = generateKeyPairSync('rsa', {
publicExponent: 0x10001,
publicExponent: 3,
modulusLength: 512,
publicKeyEncoding: {
type: 'pkcs1',
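
Review bot: The switch to `publicExponent: 3` in the generateKeyPairSync() options is undocumented; the comment above the call only explains the small key size. Without a note that the value is deliberately non-default to cover the exponent ownership path fixed in src/node_crypto.cc, a later cleanup could reasonably restore 0x10001 and silently drop the regression coverage. A one-line comment next to the option would do. It would also be worth asserting somewhere in this test that the generated key really carries exponent 3, since the lines shown only pass the option in and a crash-free run does not prove it was honoured.
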
Expand Down Expand Up @@ -144,7 +144,7 @@ function convertDERToPEM(label, der) {

// Now do the same with an encrypted private key.
generateKeyPair('rsa', {
publicExponent: 0x10001,
publicExponent: 0x1001,
modulusLength: 512,
publicKeyEncoding: {
type: 'pkcs1',
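
Review bot: `publicExponent: 0x1001` in the async generateKeyPair() options differs from the default 0x10001 by a single digit and reads like a typo. If the intent is a second non-default exponent (4097), say so in a comment or pick a value that is visibly distinct, so nobody "corrects" it back to the default and removes the only async coverage of this fix.
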