rsa/rsa_gen.c: ensure backward compatibility with external rsa->meth.

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4770)
2017-11-21 22:34:50 +01:00 · 2017-11-21 22:34:50 +01:00 · e44480cc26
commit e44480cc26
parent 88ac224cda
1 changed files with 14 additions and 1 deletions
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@ -42,9 +42,22 @@ int RSA_generate_multi_prime_key(RSA *rsa, int bits, int primes,
                                 BIGNUM *e_value, BN_GENCB *cb)
 {
    /* multi-prime is only supported with the builtin key generation */
-    if (rsa->meth->rsa_multi_prime_keygen != NULL)
+    if (rsa->meth->rsa_multi_prime_keygen != NULL) {
        return rsa->meth->rsa_multi_prime_keygen(rsa, bits, primes,
                                                 e_value, cb);
+    } else if (rsa->meth->rsa_keygen != NULL) {
+        /*
+         * However, if rsa->meth implements only rsa_keygen, then we
+         * have to honour it in 2-prime case and assume that it wouldn't
+         * know what to do with multi-prime key generated by builtin
+         * subroutine...
+         */
+        if (primes == 2)
+            return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
+        else
+            return 0;
+    }
+
    return rsa_builtin_keygen(rsa, bits, primes, e_value, cb);
 }