On Sun, Jan 21, 2024 at 01:49:00PM -0600, Joachim Vandersmissen wrote:
>
> static int _rsa_enc(const struct rsa_mpi_key *key, MPI c, MPI m)
> {
> +	/* For FIPS, SP 800-56Br2, Section 7.1.1 requires 1 < m < n - 1 */
> +	if (fips_enabled && rsa_check_payload_fips(m, key->n))
> +		return -EINVAL;
> +
> 	/* (1) Validate 0 <= m < n */
> 	if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
> 		return -EINVAL;

I think this check makes sense in general, so why not simply replace the second check above with the new check?

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
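Review bot: gating the 1 < m < n - 1 bound on fips_enabled leaves the existing `/* (1) Validate 0 <= m < n */` check as the only guard on the non-FIPS path, so m = 0, m = 1 and m = n - 1 are still accepted there even though RSA maps each of them to itself (0^e = 0, 1^e = 1, and (n-1)^e = n-1 mod n for any odd e), which is why SP 800-56Br2 excludes them; since the stricter bound subsumes the `mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0` test, consider applying it unconditionally in place of that test and keeping the SP 800-56Br2 Section 7.1.1 reference in the comment so the rationale survives.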