Open Bug 636807 Opened 13 years ago Updated 5 months ago

libssl and SECKEY_PublicKeyStrengthInBits do not report correct key sizes for RSA and DH keys

Categories

(NSS :: Libraries, defect, P5)

Tracking

(Not tracked)

People

(Reporter: briansmith, Unassigned)

Details

SECKEY_PublicKeyStrengthInBits calculates the bitlength of integers as 8*bytelength or 8*(bytelength-1) depending on whether there's a leading zero byte. The correct calculation is the one done in sftk_GetLengthInBits. The difference is minor (over-estimating the bitlength by up to seven bits) except for the case where there is more than one leading zero.

The result of SECKEY_PublicKeyStrengthInBits is used to make security decisions within libssl and it is relayed to applications.
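The two calculations described in this report, side by side, as an added example (not NSS code and not the reporter's): `estimate_bits` follows the 8*bytelength / 8*(bytelength-1) rule above, and `exact_bits` counts the significant bits of a big-endian integer after skipping every leading zero byte. Both function names and the sample byte strings are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper: the estimate described in the report.
 * 8*len, or 8*(len-1) when the first byte is zero. */
static unsigned estimate_bits(const unsigned char *buf, size_t len)
{
    if (len == 0)
        return 0;
    return (unsigned)(8 * (buf[0] == 0 ? len - 1 : len));
}

/* Hypothetical helper: exact bit length of a big-endian unsigned integer.
 * Skips all leading zero bytes, then counts the bits used in the top byte. */
static unsigned exact_bits(const unsigned char *buf, size_t len)
{
    unsigned bits;
    unsigned char top;

    while (len > 0 && buf[0] == 0) {
        buf++;
        len--;
    }
    if (len == 0)
        return 0;
    bits = (unsigned)(8 * (len - 1));
    for (top = buf[0]; top != 0; top >>= 1)
        bits++;
    return bits;
}

/* Constructed sample integers (not real key material). */
static const unsigned char sample_full[]   = {0x00, 0x80, 0x00, 0x01};       /* one leading zero, top bit set */
static const unsigned char sample_low[]    = {0x01, 0xff, 0xff};             /* top byte uses only one bit */
static const unsigned char sample_padded[] = {0x00, 0x00, 0x00, 0x01, 0xff}; /* more than one leading zero */

int main(void)
{
    printf("full:   estimate=%u exact=%u\n",
           estimate_bits(sample_full, sizeof sample_full), exact_bits(sample_full, sizeof sample_full));
    printf("low:    estimate=%u exact=%u\n",
           estimate_bits(sample_low, sizeof sample_low), exact_bits(sample_low, sizeof sample_low));
    printf("padded: estimate=%u exact=%u\n",
           estimate_bits(sample_padded, sizeof sample_padded), exact_bits(sample_padded, sizeof sample_padded));
    return 0;
}
```

The `sample_low` case shows the seven-bit over-estimate mentioned above; `sample_padded` shows the larger gap when there is more than one leading zero byte.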
Summary: libssl and SECKEY_PublicKeyStrengthInBits does not report correct bitlengths for RSA or → libssl and SECKEY_PublicKeyStrengthInBits do not report correct key sizes for RSA and DH keys
Severity: normal → S3
Severity: S3 → S4
Priority: -- → P5