diff options
Diffstat (limited to 'lib/crypto-selftests-pk.c')
-rw-r--r-- | lib/crypto-selftests-pk.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c index 6f66cd84dd..70b0f618ff 100644 --- a/lib/crypto-selftests-pk.c +++ b/lib/crypto-selftests-pk.c @@ -321,6 +321,10 @@ static int test_sig(gnutls_pk_algorithm_t pk, gnutls_datum_t sig = { NULL, 0 }; gnutls_pubkey_t pub = NULL; char param_name[32]; + unsigned vflags = 0; + + if (sigalgo == GNUTLS_SIGN_GOST_94) + vflags |= GNUTLS_VERIFY_ALLOW_BROKEN; ret = gnutls_privkey_init(&key); if (ret < 0) @@ -427,7 +431,7 @@ static int test_sig(gnutls_pk_algorithm_t pk, } ret = - gnutls_pubkey_verify_data2(pub, sigalgo, 0, + gnutls_pubkey_verify_data2(pub, sigalgo, vflags, &signed_data, &sig); if (ret < 0) { ret = GNUTLS_E_SELF_TEST_ERROR; @@ -436,7 +440,7 @@ static int test_sig(gnutls_pk_algorithm_t pk, } ret = - gnutls_pubkey_verify_data2(pub, sigalgo, 0, + gnutls_pubkey_verify_data2(pub, sigalgo, vflags, &bad_data, &sig); if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) { @@ -475,6 +479,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, gnutls_pubkey_t pub = NULL; gnutls_privkey_t key; char param_name[32]; + unsigned vflags = 0; if (pk == GNUTLS_PK_EC || pk == GNUTLS_PK_GOST_01 || @@ -484,6 +489,8 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, snprintf(param_name, sizeof(param_name), "%s", gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE (bits))); + if (dig == GNUTLS_DIG_GOSTR_94) + vflags |= GNUTLS_VERIFY_ALLOW_BROKEN; } else { snprintf(param_name, sizeof(param_name), "%u", bits); } @@ -553,7 +560,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits, } ret = - gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0, + gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), vflags, &signed_data, &sig); if (ret < 0) { ret = GNUTLS_E_SELF_TEST_ERROR; |