Home GnuPG

fips: Skip PCT if RSA keygen test-parms specified
4963c127ae69Unpublished

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

fips: Skip PCT if RSA keygen test-parms specified

* cipher/rsa.c (rsa_generate): Skip PCT is test-parms were specified.
* tests/t-rsa-testparm.c: Add test for this functionality
* tests/Makefile.am: Add test to build system

Cherry-pick master commit of:
c20022ffd4ad2cea51928a109dfa102d711d30ac

ACVP testing uses the test-parms option to specify p and q to be checked
for primality. When test-parms is specified, generate_fips() always
returns keys with p=q=0. These keys then fail the pairwise consistency
test, because they cannot be used to successfully sign a message and
verify the signature.

Skip the PCT when test-parms is specified.

Add a regression test to check that this functionality continues to work
in the future.

  • Signed-off-by: Clemens Lang <cllang@redhat.com>

Details

Provenance
neverpanicAuthored on Sep 21 2022, 1:12 PM
gniibeCommitted on Sep 22 2022, 6:29 AM
Parents
rC1524b60a7ccc: build: Skip PK-specific tests if algo is disabled
Branches
Unknown
Tags
Unknown