From 5f9b3c2e220ca6d0eaff32324a973ef67933a844 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Tue, 22 Mar 2016 17:12:55 +0100 Subject: rsa: Add FIPS 186-4 compliant RSA probable prime key generator. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * cipher/primegen.c (_gcry_fips186_4_prime_check): New. * cipher/rsa.c (generate_fips): New. (rsa_generate): Use new function in fips mode or with test-parms. * tests/keygen.c (check_rsa_keys): Add test using e=65539. -- Signed-off-by: Tomáš Mráz Tomáš's patch war originally for libgcrypt 1.6.3 and has been ported to master (1.7) by wk. Further changes: - ChangeLog entries. - Some re-indentation - Use an extra test case instead of changing an existing one. Signed-off-by: Werner Koch --- tests/keygen.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'tests/keygen.c') diff --git a/tests/keygen.c b/tests/keygen.c index dcb59e48..4bcea20d 100644 --- a/tests/keygen.c +++ b/tests/keygen.c @@ -235,6 +235,28 @@ check_rsa_keys (void) gcry_sexp_release (key); + if (verbose) + show ("creating 1024 bit RSA key with e=65539\n"); + rc = gcry_sexp_new (&keyparm, + "(genkey\n" + " (rsa\n" + " (nbits 4:1024)\n" + " (rsa-use-e 5:65539)\n" + " ))", 0, 1); + if (rc) + die ("error creating S-expression: %s\n", gpg_strerror (rc)); + rc = gcry_pk_genkey (&key, keyparm); + gcry_sexp_release (keyparm); + if (rc && !in_fips_mode) + fail ("error generating RSA key: %s\n", gpg_strerror (rc)); + else if (!rc && in_fips_mode) + fail ("generating RSA key must not work!"); + + if (!rc) + check_generated_rsa_key (key, 65539); + gcry_sexp_release (key); + + if (verbose) show ("creating 512 bit RSA key with e=257\n"); rc = gcry_sexp_new (&keyparm, -- cgit v1.2.1