Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix tls.test_tls_cert.RSA512_SHA256 test #1479

Merged
merged 2 commits into from
Dec 15, 2020
Merged

Fix tls.test_tls_cert.RSA512_SHA256 test #1479

merged 2 commits into from
Dec 15, 2020

Conversation

krizhanovsky
Copy link
Contributor

@krizhanovsky krizhanovsky commented Dec 12, 2020
edited
Loading

Print warning and exit with error if a user tries to load an RSA certificate with a key smaller than 1024 bits.

Do not check ctx->padding since we check it before the function calls.

Small coding style cleanups.

Note that __rsa_setup_ctx() during the for_each_possible_cpu() loop uses current CPU stack for all the big integer allocations, including ttls_mpi_inv_mod() and ttls_mpi_exp_mod(), and that's OK since the function is called on configuration time only and the stack allocations are used for temporal data only.

@krizhanovsky
Print warning and exit with error if a user tries to load an RSA cert…
3190e27 
…ificate

with a key smaller than 1024 bits.

Do not check ctx->padding since we check it before the function calls.

Small coding style cleanups.
krizhanovsky added a commit to tempesta-tech/tempesta-test that referenced this pull request Dec 12, 2020
@krizhanovsky
Fix tls.test_tls_cert.RSA512_SHA256.
71de2e0 
See also tempesta-tech/tempesta#1479
@krizhanovsky
Cleanup mpool stack in ttls_mpi_inv_mod() to avoid out of free memory
916289b 
in the pool on large RSA keys.

Fix errors counting in __rsa_setup_ctx().

Simplify per cpu reading in the mpool code.
@krizhanovsky krizhanovsky mentioned this pull request Dec 13, 2020
Merged
vankoven
vankoven approved these changes Dec 14, 2020
View reviewed changes
Copy link
Contributor

@vankoven vankoven left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

tls/rsa.c Show resolved Hide resolved
tls/rsa.c Show resolved Hide resolved
i-rinat
i-rinat approved these changes Dec 15, 2020
View reviewed changes
Copy link
Contributor

@i-rinat i-rinat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@krizhanovsky krizhanovsky merged commit 95dddf4 into master Dec 15, 2020
@krizhanovsky krizhanovsky deleted the ak-fix-rsa-cert branch December 15, 2020 18:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@i-rinat i-rinat i-rinat approved these changes

@vankoven vankoven vankoven approved these changes

Assignees

@vankoven vankoven

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@krizhanovsky @i-rinat @vankoven