Open
Bug 636807
Opened 13 years ago
Updated 5 months ago
libssl and SECKEY_PublicKeyStrengthInBits do not report correct key sizes for RSA and DH keys
Categories
(NSS :: Libraries, defect, P5)
NSS
Libraries
Tracking
(Not tracked)
NEW
People
(Reporter: briansmith, Unassigned)
Details
SECKEY_PublicKeyStrengthInBits calculates the bitlength of integers as 8*bytelength or 8*(bytelength-1) depending on whether there's a leading zero byte. The correct calculation is the one done in sftk_GetLengthInBits. The difference is minor (over-estimating the bitlength by up to seven bits) except for the case where there is more than one leading zero. The result of SECKEY_PublicKeyStrengthInBits is used to make security decisions within libssl and it is relayed to applications.
Reporter | ||
Updated•13 years ago
|
Summary: libssl and SECKEY_PublicKeyStrengthInBits does not report correct bitlengths for RSA or → libssl and SECKEY_PublicKeyStrengthInBits do not report correct key sizes for RSA and DH keys
Updated•2 years ago
|
Severity: normal → S3
Updated•5 months ago
|
Severity: S3 → S4
Priority: -- → P5
You need to log in
before you can comment on or make changes to this bug.
Description
•