PQG generation and verification testing
NIIBE Yutaka
gniibe at fsij.org
Tue Feb 2 01:53:25 CET 2021
Stephan Mueller <smueller at chronox.de> wrote:
> In the current upstream code, it is implemented differently:
[...]
> ec = _gcry_generate_fips186_3_prime (nbits, qbits, NULL, 0,
> &prime_q, &prime_p,
> r_counter,
> r_seed, r_seedlen, NULL);
>
> See 3rd and 4th parameter for _gcry_generate_fips186_3_prime which is now NULL
> instead of initial_seed. With that, there is no way to set a pre-defined seed
> to verify that the P/Q generation function works correctly.
FYI, it was fixed in master and 1.9.1, when I merged a patch from Red Hat.
I'm merging their patches.
commit 30ed9593f632c728d918598037358deaeccd1968
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Tue Jan 19 15:50:31 2021 +0900
Fix DSA for FIPS 186-3.
* cipher/dsa.c (generate_fips186): Supply INITIAL_SEED to
_gcry_generate_fips186_3_prime.
...
diff --git a/cipher/dsa.c b/cipher/dsa.c
index b93e385e..d793b9aa 100644
--- a/cipher/dsa.c
+++ b/cipher/dsa.c
@@ -458,7 +458,9 @@ generate_fips186 (DSA_secret_key *sk, unsigned int nbits, unsigned int qbits,
r_counter,
r_seed, r_seedlen);
else
- ec = _gcry_generate_fips186_3_prime (nbits, qbits, NULL, 0,
+ ec = _gcry_generate_fips186_3_prime (nbits, qbits,
+ initial_seed.seed,
+ initial_seed.seedlen,
&prime_q, &prime_p,
r_counter,
r_seed, r_seedlen, NULL);
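Review bot: the else branch now forwards initial_seed.seed and initial_seed.seedlen, but nothing in the hunk shows what initial_seed holds when the caller supplies no seed; confirm that the struct is zeroed (seed NULL, seedlen 0) on that path so the previous behaviour of drawing a fresh random seed is preserved, and add a known-answer test that generates P/Q from a fixed seed and compares against expected values so the regression reported above cannot recur silently.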
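The point of the thread is that a caller-supplied seed makes P/Q generation reproducible and therefore testable against known answers. The block below is an added example, not libgcrypt code and not something either poster wrote: a Python rendering of FIPS 186-3 Appendix A.1.1.2 (probable primes p and q derived from a domain parameter seed with SHA-256) together with the Appendix A.1.1.3 validation routine that recomputes the primes from the stored seed and counter. The function names generate_pq and verify_pq, the 20-byte test seed, and the choice to increment the seed when q turns out composite (the standard only says to pick a new arbitrary seed) are all assumptions of this example; the Miller-Rabin round count is a fixed 40 rather than the per-size values in FIPS 186-3 Table C.1.

```python
"""FIPS 186-3 A.1.1.2 generation and A.1.1.3 verification of DSA (p, q).
Illustrative code, not libgcrypt's _gcry_generate_fips186_3_prime."""
import hashlib
import secrets

# (L, N) pairs permitted by FIPS 186-3 section 4.2
ALLOWED_LN = {(1024, 160), (2048, 224), (2048, 256), (3072, 256)}
OUTLEN = 256  # SHA-256 output length in bits

# small primes for trial division before Miller-Rabin
_SMALL_PRIMES = [2] + [p for p in range(3, 2000, 2)
                       if all(p % d for d in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n, rounds=40):
    """Trial division, then Miller-Rabin with random bases (40 rounds is an
    example choice; FIPS 186-3 Table C.1 gives the required counts)."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _hash_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def _derive_q(seed, N):
    """Steps 6-7: U = Hash(seed) mod 2^(N-1); q = 2^(N-1) + U + 1 - (U mod 2)."""
    U = _hash_int(seed) % (1 << (N - 1))
    return (1 << (N - 1)) + U + 1 - (U % 2)


def _derive_p(seed, L, N, q, max_counter):
    """Steps 9-11: walk the counter, return (p, counter) or None."""
    seedlen = len(seed) * 8
    n = -(-L // OUTLEN) - 1          # ceil(L / outlen) - 1
    b = L - 1 - n * OUTLEN
    seed_int = int.from_bytes(seed, "big")
    offset = 1
    for counter in range(max_counter):
        W = 0
        for j in range(n + 1):       # V_j = Hash((seed + offset + j) mod 2^seedlen)
            arg = (seed_int + offset + j) % (1 << seedlen)
            V = _hash_int(arg.to_bytes(len(seed), "big"))
            if j == n:
                V %= 1 << b          # top block truncated to b bits
            W += V << (j * OUTLEN)
        X = W + (1 << (L - 1))       # force the top bit
        c = X % (2 * q)
        p = X - (c - 1)              # now p == 1 (mod 2q)
        if p >= (1 << (L - 1)) and is_probable_prime(p):
            return p, counter
        offset += n + 1
    return None


def generate_pq(L, N, seed):
    """Returns (p, q, seed_used, counter). If q is composite or no p is found
    within 4L counters, the seed is incremented (this example's choice)."""
    if (L, N) not in ALLOWED_LN:
        raise ValueError("unsupported (L, N) pair")
    seedlen = len(seed) * 8
    if seedlen < N:
        raise ValueError("seedlen must be >= N")
    seed_int = int.from_bytes(seed, "big")
    while True:
        seed = seed_int.to_bytes(seedlen // 8, "big")
        q = _derive_q(seed, N)
        if is_probable_prime(q):
            found = _derive_p(seed, L, N, q, 4 * L)
            if found:
                p, counter = found
                return p, q, seed, counter
        seed_int = (seed_int + 1) % (1 << seedlen)


def verify_pq(L, N, p, q, seed, counter):
    """A.1.1.3: recompute from (seed, counter) and require an exact match."""
    if (L, N) not in ALLOWED_LN or len(seed) * 8 < N:
        return False
    if not ((1 << (L - 1)) <= p < (1 << L) and (1 << (N - 1)) <= q < (1 << N)):
        return False
    if (p - 1) % q != 0 or not is_probable_prime(q) or _derive_q(seed, N) != q:
        return False
    return _derive_p(seed, L, N, q, counter + 1) == (p, counter)


if __name__ == "__main__":
    seed = bytes(range(20))           # constructed 160-bit seed
    p, q, used, counter = generate_pq(1024, 160, seed)
    print("counter", counter, "seed", used.hex(), "valid", verify_pq(1024, 160, p, q, used, counter))
```

Because every value is a function of the seed and the counter, a known-answer test only has to store those two inputs plus the expected p and q; a build that silently ignores the seed (as in the pre-fix code quoted above) would produce different primes on every run and fail such a test immediately.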