From 0aacffd6a2630f683de1e807cf236dd043013b77 Mon Sep 17 00:00:00 2001 From: jordan Date: Wed, 9 Jul 2025 20:55:50 -0500 Subject: [PATCH] linuxkm rsa: retry wc_MakeRsaKey if not prime. --- linuxkm/lkcapi_rsa_glue.c | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/linuxkm/lkcapi_rsa_glue.c b/linuxkm/lkcapi_rsa_glue.c index 6f8bd5770..8b95ab512 100644 --- a/linuxkm/lkcapi_rsa_glue.c +++ b/linuxkm/lkcapi_rsa_glue.c @@ -2075,7 +2075,17 @@ static int linuxkm_test_rsa_driver(const char * driver, int nbits) } #endif /* WC_RSA_BLINDING */ - ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + for (;;) { + /* Retry if not prime. */ + ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + #ifdef HAVE_FIPS + if (ret == WC_NO_ERR_TRACE(PRIME_GEN_E)) { + continue; + } + #endif + break; + } + if (ret) { pr_err("error: make rsa key returned: %d\n", ret); goto test_rsa_end; @@ -2431,7 +2441,17 @@ static int linuxkm_test_pkcs1pad_driver(const char * driver, int nbits, } #endif /* WC_RSA_BLINDING */ - ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + for (;;) { + /* Retry if not prime. */ + ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + #ifdef HAVE_FIPS + if (ret == WC_NO_ERR_TRACE(PRIME_GEN_E)) { + continue; + } + #endif + break; + } + if (ret) { pr_err("error: make rsa key returned: %d\n", ret); test_rc = ret; @@ -2929,7 +2949,17 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits, } #endif /* WC_RSA_BLINDING */ - ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + for (;;) { + /* Retry if not prime. */ + ret = wc_MakeRsaKey(key, nbits, WC_RSA_EXPONENT, &rng); + #ifdef HAVE_FIPS + if (ret == WC_NO_ERR_TRACE(PRIME_GEN_E)) { + continue; + } + #endif + break; + } + if (ret) { pr_err("error: make rsa key returned: %d\n", ret); test_rc = ret;