author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-02-06 22:44:37 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-02-12 10:48:33 +0100 |
commit | 3e958602b907584f4c34af68820f1c2e37194dd8 (patch) | |
tree | f92703d15a34e13319f27814abebad696ed8dd45 /lib/nettle/int | |
parent | c42a65d716c898dec171ea82c87d9a761f946e97 (diff) | |
download | gnutls-3e958602b907584f4c34af68820f1c2e37194dd8.tar.gz |
provable prime generation: arbitrary seed lengths are accepted in non-FIPS mode
Diffstat (limited to 'lib/nettle/int')
-rw-r--r-- | lib/nettle/int/dsa-keygen-fips186.c | 16 | ||||
-rw-r--r-- | lib/nettle/int/rsa-keygen-fips186.c | 26 |
2 files changed, 26 insertions, 16 deletions
diff --git a/lib/nettle/int/dsa-keygen-fips186.c b/lib/nettle/int/dsa-keygen-fips186.c
index 955de06d22..4ccdbd890e 100644
--- a/lib/nettle/int/dsa-keygen-fips186.c
+++ b/lib/nettle/int/dsa-keygen-fips186.c
@@ -83,6 +83,7 @@ _dsa_generate_dss_pq(struct dsa_params *params,
 }
 if (seed_length < q_bits / 8) {
+ _gnutls_debug_log("Seed length must be larger than %d bytes (it is %d)\n", q_bits/8, seed_length);
 return 0;
 }
@@ -419,15 +420,20 @@ _dsa_generate_dss_pqg(struct dsa_params *params,
 if (ret == 0) return 0;
- cert->seed_length = 2 * (q_bits / 8) + 1;
+ if (_gnutls_fips_mode_enabled() != 0) {
+ cert->seed_length = 2 * (q_bits / 8) + 1;
+
+ if (cert->seed_length != seed_size) {
+ _gnutls_debug_log("Seed length must be %d bytes (it is %d)\n", cert->seed_length, seed_size);
+ return 0;
+ }
+ } else {
+ cert->seed_length = seed_size;
+ }
 if (cert->seed_length > sizeof(cert->seed)) return 0;
- if (cert->seed_length != seed_size) {
- _gnutls_debug_log("Seed length must be %d bytes (it is %d)\n", cert->seed_length, seed_size);
- return 0;
- }
 memcpy(cert->seed, seed, cert->seed_length);
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
index 7d5c879b58..fe6c3d704d 100644
--- a/lib/nettle/int/rsa-keygen-fips186.c
+++ b/lib/nettle/int/rsa-keygen-fips186.c
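Review bot: The message added in the first hunk of dsa-keygen-fips186.c says the seed "must be larger than" q_bits/8 bytes, but the guard `seed_length < q_bits / 8` accepts a seed of exactly that length, so the log misstates the accepted minimum. Suggest `_gnutls_debug_log("Seed length must be at least %d bytes (it is %d)\n", q_bits/8, seed_length);`. The types of `q_bits` and `seed_length` are not visible in this hunk; if they are unsigned, `%u` would be the matching conversion. The enclosing `_dsa_generate_dss_pq` starts and ends outside the hunk.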
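Review bot: In the second hunk of dsa-keygen-fips186.c the `cert->seed_length > sizeof(cert->seed)` check has become the only upper bound on the caller-supplied length in non-FIPS mode, yet it is the one rejection that returns without a diagnostic while every sibling rejection in this hunk logs. Suggest `_gnutls_debug_log("Seed length must not exceed %d bytes (it is %d)\n", (int)sizeof(cert->seed), cert->seed_length);` before that `return 0;`. The non-FIPS branch also depends on the `seed_length < q_bits / 8` check in `_dsa_generate_dss_pq` for its lower bound, so a comment above `cert->seed_length = seed_size;` such as `/* non-FIPS: minimum length is enforced by _dsa_generate_dss_pq(), maximum by the sizeof check below */` would keep the two checks from drifting apart. `_dsa_generate_dss_pqg` continues outside the hunk.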
@@ -268,26 +268,30 @@ _rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
 struct dss_params_validation_seeds cert;
 unsigned l = n_size / 2;
- if (n_size == 2048) {
- if (seed_length != 14 * 2) {
- _gnutls_debug_log("Seed length must be 28 bytes (it is %d)\n", seed_length);
- return 0;
- }
- } else if (n_size == 3072) {
- if (seed_length != 16 * 2) {
- _gnutls_debug_log("Seed length must be 32 bytes (it is %d)\n", seed_length);
+ if (_gnutls_fips_mode_enabled() != 0) {
+ if (n_size == 2048) {
+ if (seed_length != 14 * 2) {
+ _gnutls_debug_log("Seed length must be 28 bytes (it is %d)\n", seed_length);
+ return 0;
+ }
+ } else if (n_size == 3072) {
+ if (seed_length != 16 * 2) {
+ _gnutls_debug_log("Seed length must be 32 bytes (it is %d)\n", seed_length);
+ return 0;
+ }
+ } else {
+ _gnutls_debug_log("Unsupported size for modulus\n");
 return 0;
 }
- } else {
- _gnutls_debug_log("Unsupported size for modulus\n");
- return 0;
 }
 if (!mpz_tstbit(pub->e, 0)) {
+ _gnutls_debug_log("Unacceptable e (it is even)\n");
 return 0;
 }
 if (mpz_cmp_ui(pub->e, 65536) <= 0) {
+ _gnutls_debug_log("Unacceptable e\n");
 return 0;
 }
|
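Review bot: In non-FIPS mode `_rsa_generate_fips186_4_keypair` now performs no validation of `seed_length` at all, whereas the DSA counterpart in this commit still enforces a minimum (`seed_length < q_bits / 8`) and an upper bound against its seed buffer, so a zero-length or very short seed reaches provable-prime generation here without any diagnostic. Suggest at least a lower bound in the non-FIPS path, e.g. `} else if (seed_length == 0) { _gnutls_debug_log("Seed length must be non-zero\n"); return 0; }`, or a bound derived from the security strength as the FIPS branch does (28 or 32 bytes). Whether an upper bound is also needed depends on how `seed` is consumed after this hunk — `struct dss_params_validation_seeds cert` is declared at the top, but any copy into it is outside the hunk — so it is worth confirming that the callee bounds the length against its buffer. The function body continues outside the hunk.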