opencryptoki / openssl-ibmca

OpenSSL engine and provider for libica.
Apache License 2.0

provider: rsa: Check RSA keys with p < q at key generation and import #103

Closed ifranzki closed 1 year ago

ifranzki commented 1 year ago

Since OpenSSL 3.0 the OpenSSL RSA key generation taking place within libica may generate RSA keys where p < q (privileged form). While such a key is automatically corrected with the first call to libica's ica_rsa_crt(), such correction modifies the libica RSA key object and may cause concurrency problems when the same key object is used by multiple threads.

Check and correct such keys right after key generation or during import, so that it is ensured that p > q whenever the key is used afterwards, and thus no correction is applied by ica_rsa_crt() later on.
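The normalization described above, as an added example that is not code from this pull request, the provider, or libica: a CRT key with p < q is corrected once at import by swapping the primes and their exponents and recomputing the coefficient, so the private-key operation only ever reads the key. It uses Python integers and a constructed toy key; `CrtKey`, `import_crt_key`, `crt_private_op` and `constructed_parts` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class CrtKey:
    """RSA private key in CRT form (PKCS #1 names); frozen, so never mutated after import."""
    p: int
    q: int
    dp: int    # d mod (p - 1)
    dq: int    # d mod (q - 1)
    qinv: int  # q^-1 mod p

def import_crt_key(p, q, dp, dq, qinv):
    """Hypothetical import/keygen hook: the returned key always satisfies p > q."""
    if p == q:
        raise ValueError("p and q must differ")
    if p < q:
        # Swap the primes together with their exponents. The coefficient
        # depends on which prime is called 'p', so it must be recomputed.
        p, q, dp, dq = q, p, dq, dp
        qinv = pow(q, -1, p)
    if (qinv * q) % p != 1:
        raise ValueError("qinv is not q^-1 mod p")
    return CrtKey(p, q, dp, dq, qinv)

def crt_private_op(key, c):
    """Read-only CRT private operation; safe to call from many threads on one key."""
    m1 = pow(c, key.dp, key.p)
    m2 = pow(c, key.dq, key.q)
    h = (key.qinv * (m1 - m2)) % key.p
    return m2 + h * key.q

def constructed_parts():
    """Constructed toy key with p < q, as a generator might emit it (not a real key)."""
    p, q, e = 53, 61, 17
    d = pow(e, -1, (p - 1) * (q - 1))
    return p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)

if __name__ == "__main__":
    key = import_crt_key(*constructed_parts())
    print(key, crt_private_op(key, pow(65, 17, 53 * 61)))
```

Because the key object is frozen and already in p > q form when `import_crt_key` returns, no later call has a reason to rewrite it, which is the property the change relies on for keys shared between threads.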