diff options
| author | Tomáš Mráz <tmraz@redhat.com> | 2016-03-22 17:12:55 +0100 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-03-22 17:12:55 +0100 |
| commit | 5f9b3c2e220ca6d0eaff32324a973ef67933a844 (patch) | |
| tree | 3e90cb60586313c06d6a68030c74a5cd828896e3 /tests | |
| parent | 583919d70763671ed9feeaa14e1f66379aff88cc (diff) | |
| download | libgcrypt-5f9b3c2e220ca6d0eaff32324a973ef67933a844.tar.gz | |
rsa: Add FIPS 186-4 compliant RSA probable prime key generator.
* cipher/primegen.c (_gcry_fips186_4_prime_check): New.
* cipher/rsa.c (generate_fips): New.
(rsa_generate): Use new function in fips mode or with test-parms.
* tests/keygen.c (check_rsa_keys): Add test using e=65539.
--
Signed-off-by: Tomáš Mráz <tmraz@redhat.com>
Tomáš's patch war originally for libgcrypt 1.6.3 and has been ported
to master (1.7) by wk. Further changes:
- ChangeLog entries.
- Some re-indentation
- Use an extra test case instead of changing an existing one.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/keygen.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/tests/keygen.c b/tests/keygen.c index dcb59e48..4bcea20d 100644 --- a/tests/keygen.c +++ b/tests/keygen.c @@ -236,6 +236,28 @@ check_rsa_keys (void) if (verbose) + show ("creating 1024 bit RSA key with e=65539\n"); + rc = gcry_sexp_new (&keyparm, + "(genkey\n" + " (rsa\n" + " (nbits 4:1024)\n" + " (rsa-use-e 5:65539)\n" + " ))", 0, 1); + if (rc) + die ("error creating S-expression: %s\n", gpg_strerror (rc)); + rc = gcry_pk_genkey (&key, keyparm); + gcry_sexp_release (keyparm); + if (rc && !in_fips_mode) + fail ("error generating RSA key: %s\n", gpg_strerror (rc)); + else if (!rc && in_fips_mode) + fail ("generating RSA key must not work!"); + + if (!rc) + check_generated_rsa_key (key, 65539); + gcry_sexp_release (key); + + + if (verbose) show ("creating 512 bit RSA key with e=257\n"); rc = gcry_sexp_new (&keyparm, "(genkey\n" |