Page MenuHome GnuPG

514_0001-Make-dsa-FIPS-186-4-compliant.patch
AbandonedPublic

Authored by civ on Oct 8 2014, 2:16 PM.

Details

Reviewers
None
Summary

From 76f1b6809b91529df06b2cdebcdfc30c54b9849d Mon Sep 17 00:00:00 2001
From: Vitezslav Cizek <vcizek@suse.cz>
Date: Tue, 7 Oct 2014 18:13:26 +0200
Subject: [PATCH 1/4] Make dsa FIPS 186-4 compliant.

Add missing steps 4-6 for keypair generation by testing candidates (B.1.2).
Increase minimum mod size to 2048.
Use SHA2 instead of SHA1
Use 2048 bit keys for selftest.

Check against known signature in selftest.

cipher/dsa.c | 132 +++++++++++++++++++++++++++++++++++++++++++-----------
cipher/primegen.c | 4 +-
2 files changed, 107 insertions(+), 29 deletions(-)

2.1.0

Test Plan

Diff Detail

Lint
Lint Skipped
Unit
Unit Tests Skipped