PQG generation and verification testing

Stephan Mueller smueller at chronox.de
Tue May 22 19:40:24 CEST 2018

On Tuesday, 22 May 2018, 18:29:50 CEST, Stephan Mueller wrote:


> Hi,
> I see the following code in libgcrypt 1.5.3 in function generate_fips186:

Please disregard this message. I just found out that the Fedora code base 
modified the following code path to make it testable:

>       else if (!domain->p || !domain->q)
>         ec = _gcry_generate_fips186_3_prime (nbits, qbits,
>                                           initial_seed.seed,
>                                           initial_seed.seedlen,
>                                           &prime_q, &prime_p,
>                                           r_counter,
>                                           r_seed, r_seedlen, NULL);

Though, would it make sense to equally change it upstream?

