From f90852093f149ae942a77c2c27d2a61888cff8e9 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Mon, 11 Dec 2017 16:10:36 +0100
Subject: [PATCH] Minor cleanup of the rsa mp limits code

Reduce RSA_MAX_PRIME_NUM to 5.
Remove no longer used RSA_MIN_PRIME_SIZE.
Make rsa_multip_cap honor RSA_MAX_PRIME_NUM.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4905)
---
 crypto/rsa/rsa_locl.h | 5 ++---
 crypto/rsa/rsa_mp.c   | 3 +++
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h
index 9bd53bec5a..2b94462a94 100644
--- a/crypto/rsa/rsa_locl.h
+++ b/crypto/rsa/rsa_locl.h
@@ -10,9 +10,8 @@
 #include <openssl/rsa.h>
 #include "internal/refcount.h"
 
-#define RSA_MAX_PRIME_NUM 16
-#define RSA_MIN_PRIME_SIZE 64
-#define RSA_MIN_MODULUS_BITS	512
+#define RSA_MAX_PRIME_NUM       5
+#define RSA_MIN_MODULUS_BITS    512
 
 typedef struct rsa_prime_info_st {
     BIGNUM *r;
diff --git a/crypto/rsa/rsa_mp.c b/crypto/rsa/rsa_mp.c
index 8ff4b63625..97a09f1387 100644
--- a/crypto/rsa/rsa_mp.c
+++ b/crypto/rsa/rsa_mp.c
@@ -105,5 +105,8 @@ int rsa_multip_cap(int bits)
     else if (bits < 8192)
         cap = 4;
 
+    if (cap > RSA_MAX_PRIME_NUM)
+        cap = RSA_MAX_PRIME_NUM;
+
     return cap;
 }
-- 
2.34.1