authorNikos Mavrogiannopoulos <nmav@gnutls.org>2016-02-14 18:18:38 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2016-02-14 18:18:40 +0100
commit713544ee0966dbf14bab516a09f6991e6df52759 (patch)
tree945811a48e1ff99c600b699a6fa6a5d5563cf79e /lib/nettle/int
parentab885ac360811de4a899115970005bdb93f69f03 (diff)
provable RSA key generation: allow non-2048 and non-3072 keys
That is, enforce the 2048- and 3072-bit limit only when in FIPS140-2 mode.
Diffstat (limited to 'lib/nettle/int')
-rw-r--r--lib/nettle/int/rsa-keygen-fips186.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/nettle/int/rsa-keygen-fips186.c b/lib/nettle/int/rsa-keygen-fips186.c
index fe6c3d704d..e5fbb12e40 100644
--- a/lib/nettle/int/rsa-keygen-fips186.c
+++ b/lib/nettle/int/rsa-keygen-fips186.c
@@ -402,8 +402,11 @@ rsa_generate_fips186_4_keypair(struct rsa_public_key *pub,
unsigned seed_length;
int ret;
- if (n_size != 2048 && n_size != 3072) {
- return 0;
+ if (_gnutls_fips_mode_enabled() != 0) {
+ if (n_size != 2048 && n_size != 3072) {
+ _gnutls_debug_log("The size of a prime can only be 2048 or 3072\n");
+ return 0;
+ }
}
if (n_size == 2048)
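Review bot: With the size check now wrapped in `_gnutls_fips_mode_enabled()`, a non-FIPS caller reaches the seed-length selection with an arbitrary `n_size`, and nothing in the hunk sets a lower bound or rejects sizes the provable-prime construction cannot handle. The last context line only special-cases 2048, so every other size presumably shares one seed length; that branch is outside the hunk, so please confirm it still gives enough seed material for moduli larger than 3072 bits and consider a minimum-size guard on the non-FIPS path. Separately, the new log message speaks of a prime while the test is on the modulus size; `_gnutls_debug_log("The size of the modulus can only be 2048 or 3072 bits in FIPS140-2 mode\n");` would match what is actually checked. The body of rsa_generate_fips186_4_keypair starts and ends outside the hunk.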