Diffusion libgcrypt 06ea5b5332ff

fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.
06ea5b5332ff
Actions

Tags

None

Subscribers

None

Description

fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.

* cipher/rsa.c (rsa_generate): Do not accept use-x931 or derive-parms
in FIPS mode.
* tests/pubkey.c (get_keys_x931_new): Expect failure in FIPS mode.
(check_run): Skip checking X9.31 keys in FIPS mode.
* doc/gcrypt.texi: Document "test-parms" and clarify some cases around
the X9.31 keygen.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Details

Provenance

Jakuje	Authored on Dec 6 2022, 2:03 AM
• gniibe	Committed on Dec 6 2022, 2:03 AM

Parents

rCbf1e62e59200: rsa: Prevent usage of long salt in FIPS mode

Branches

Unknown

Tags

Unknown

Event Timeline

• gniibe committed rC06ea5b5332ff: fips,rsa: Prevent usage of X9.31 keygen in FIPS mode. (authored by Jakuje).Dec 6 2022, 2:03 AM

Changes (3)

Path

Size

cipher/

doc/

tests/

rC06ea5b5332ff

cipher/rsa.c

Loading...

doc/gcrypt.texi

Loading...

tests/pubkey.c

Loading...