provider: rsa: Check RSA keys with p < q at key generation and import

Since OpenSSL 3.0 the OpenSSL RSA key generation taking place within libica
may generate RSA keys where p < q (privileged form). While such a key is
automatically corrected with the first call to libica's ica_rsa_crt(), such
correction modifies the libica RSA key object and may cause concurrency
problems when the same key object is used by multiple threads.

Check and correct such keys right after key generation or during import,
so that it is ensured that p > q whenever the key is used afterwards, and
thus no correction is applied by ica_rsa_crt() later on.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Author: ifranzki

src/provider/rsa_keymgmt.c

@@ -1203,6 +1203,15 @@ static void *ibmca_keymgmt_rsa_gen(void *vgenctx, OSSL_CALLBACK *osslcb,
         }
     }
 
+    /* If p < q, swap and recalculate now */
+    rc = ica_rsa_crt_key_check(&key->rsa.private);
+    if (rc > 1) {
+        put_error_op_ctx(genctx, IBMCA_ERR_INTERNAL_ERROR,
+                         "ica_rsa_crt_key_check failed");
+        ibmca_keymgmt_free(key);
+        return NULL;
+    }
+
     p = 3;
     n = 0;
     if (osslcb != NULL && osslcb(cb_params, cbarg) == 0) {
@@ -1823,6 +1832,15 @@ int ibmca_keymgmt_rsa_import(void *vkey, int selection,
                           "BN_bn2binpad failed for private qinv");
             goto out;
         }
+
+        /* If p < q, swap and recalculate now */
+        rc = ica_rsa_crt_key_check(&key->rsa.private);
+        if (rc > 1) {
+            rc = 0;
+            put_error_key(key, IBMCA_ERR_INTERNAL_ERROR,
+                          "ica_rsa_crt_key_check failed");
+            goto out;
+        }
     }
 
     if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0 &&