diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-25 12:30:55 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-06-26 08:24:44 +0000 |
commit | 0ad5fd7e61837020b17f3e46d052a27fcff0603d (patch) | |
tree | cb288e85b15b2c29b07a53b424b6435f1d22b27b | |
parent | 81efbb42755292748ccbccad9064f69db1136346 (diff) | |
download | gnutls-0ad5fd7e61837020b17f3e46d052a27fcff0603d.tar.gz |
wrap_nettle_pk_generate_keys: retry on provable key generationtmp-fix-fips-generation
This resolves issue with occasional failures under RSA key generation
in FIPS140-2 mode.
Resolves #283
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | lib/nettle/pk.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index a54044dc4d..bfcafa926c 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -1944,12 +1944,21 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, params->seed_size, params->seed, NULL, NULL, level); } else { - params->seed_size = sizeof(params->seed); - ret = - rsa_generate_fips186_4_keypair(&pub, &priv, NULL, + unsigned retries = 0; + /* The provable RSA key generation process is deterministic + * but has an internal maximum iteration counter and when + * exceed will fail for certain random seeds. This is a very + * rare condition, but it nevertheless happens and even CI builds fail + * occasionally. When we generate the random seed internally, remediate + * by retrying a different seed on failure. */ + do { + params->seed_size = sizeof(params->seed); + ret = + rsa_generate_fips186_4_keypair(&pub, &priv, NULL, rnd_func, NULL, NULL, ¶ms->seed_size, params->seed, level); + } while (ret != 1 && ++retries < 3); } } else { ret = |