The old value of 10 for OSSL_PARAM_BLD_MAX is insufficient for multi-prime
RSA. That code has this assert:
if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
+ numprimes + numexps + numcoeffs
<= OSSL_PARAM_BLD_MAX))
goto err;
So we increase OSSL_PARAM_BLD_MAX which would be enough for 7 primes
(more than you would ever reasonably want).
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10152)
if (numprimes < 2 || numexps < 2 || numcoeffs < 1)
goto err;
- /*
- * assert that an OSSL_PARAM_BLD has enough space.
- * (the current 10 places doesn't have space for multi-primes)
- */
+ /* assert that an OSSL_PARAM_BLD has enough space. */
if (!ossl_assert(/* n, e */ 2 + /* d */ 1 + /* numprimes */ 1
+ numprimes + numexps + numcoeffs
<= OSSL_PARAM_BLD_MAX))
#include <openssl/params.h>
#include <openssl/types.h>
-#define OSSL_PARAM_BLD_MAX 10
+#define OSSL_PARAM_BLD_MAX 25
typedef struct {
const char *key;