2021-02-03 13:44:42 +01:00
|
|
|
Index: libgcrypt-1.9.1/cipher/dsa.c
|
2020-01-24 13:13:28 +01:00
|
|
|
===================================================================
|
2021-02-03 13:44:42 +01:00
|
|
|
--- libgcrypt-1.9.1.orig/cipher/dsa.c
|
|
|
|
|
+++ libgcrypt-1.9.1/cipher/dsa.c
|
|
|
|
|
@@ -457,13 +457,22 @@ generate_fips186 (DSA_secret_key *sk, un
|
2020-01-24 13:13:28 +01:00
|
|
|
&prime_q, &prime_p,
|
|
|
|
|
r_counter,
|
|
|
|
|
r_seed, r_seedlen);
|
|
|
|
|
- else
|
|
|
|
|
+ else if (!domain->p || !domain->q)
|
2021-02-03 13:44:42 +01:00
|
|
|
ec = _gcry_generate_fips186_3_prime (nbits, qbits,
|
|
|
|
|
initial_seed.seed,
|
|
|
|
|
initial_seed.seedlen,
|
2020-01-24 13:13:28 +01:00
|
|
|
&prime_q, &prime_p,
|
|
|
|
|
r_counter,
|
|
|
|
|
r_seed, r_seedlen, NULL);
|
|
|
|
|
+ else
|
2021-02-03 13:44:42 +01:00
|
|
|
+ {
|
|
|
|
|
+ /* Domain parameters p and q are given; use them. */
|
|
|
|
|
+ prime_p = mpi_copy (domain->p);
|
|
|
|
|
+ prime_q = mpi_copy (domain->q);
|
|
|
|
|
+ gcry_assert (mpi_get_nbits (prime_p) == nbits);
|
|
|
|
|
+ gcry_assert (mpi_get_nbits (prime_q) == qbits);
|
|
|
|
|
+ ec = 0;
|
|
|
|
|
+ }
|
2020-01-24 13:13:28 +01:00
|
|
|
sexp_release (initial_seed.sexp);
|
|
|
|
|
if (ec)
|
|
|
|
|
goto leave;
|
2021-02-03 13:44:42 +01:00
|
|
|
@@ -859,13 +868,12 @@ dsa_generate (const gcry_sexp_t genparms
|
2020-01-24 13:13:28 +01:00
|
|
|
sexp_release (l1);
|
|
|
|
|
sexp_release (domainsexp);
|
|
|
|
|
|
|
|
|
|
- /* Check that all domain parameters are available. */
|
|
|
|
|
- if (!domain.p || !domain.q || !domain.g)
|
|
|
|
|
+ /* Check that p and q domain parameters are available. */
|
|
|
|
|
+ if (!domain.p || !domain.q || (!domain.g && !(flags & PUBKEY_FLAG_USE_FIPS186)))
|
|
|
|
|
{
|
|
|
|
|
_gcry_mpi_release (domain.p);
|
|
|
|
|
_gcry_mpi_release (domain.q);
|
|
|
|
|
_gcry_mpi_release (domain.g);
|
|
|
|
|
- sexp_release (deriveparms);
|
|
|
|
|
return GPG_ERR_MISSING_VALUE;
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-03 13:44:42 +01:00
|
|
|
Index: libgcrypt-1.9.1/cipher/rsa.c
|
2020-01-24 13:13:28 +01:00
|
|
|
===================================================================
|
2021-02-03 13:44:42 +01:00
|
|
|
--- libgcrypt-1.9.1.orig/cipher/rsa.c
|
|
|
|
|
+++ libgcrypt-1.9.1/cipher/rsa.c
|
2020-01-24 13:13:28 +01:00
|
|
|
@@ -389,7 +389,7 @@ generate_fips (RSA_secret_key *sk, unsig
|
|
|
|
|
|
|
|
|
|
if (nbits < 1024 || (nbits & 0x1FF))
|
|
|
|
|
return GPG_ERR_INV_VALUE;
|
2021-02-03 13:44:42 +01:00
|
|
|
- if (_gcry_enforced_fips_mode() && nbits != 2048 && nbits != 3072)
|
2020-01-24 13:13:28 +01:00
|
|
|
+ if (fips_mode() && nbits < 2048)
|
|
|
|
|
return GPG_ERR_INV_VALUE;
|
|
|
|
|
|
|
|
|
|
/* The random quality depends on the transient_key flag. */
|
|
|
|
|
@@ -696,7 +696,7 @@ generate_x931 (RSA_secret_key *sk, unsig
|
|
|
|
|
|
|
|
|
|
*swapped = 0;
|
|
|
|
|
|
|
|
|
|
- if (e_value == 1) /* Alias for a secure value. */
|
|
|
|
|
+ if (e_value == 1 || e_value == 0) /* Alias for a secure value. */
|
|
|
|
|
e_value = 65537;
|
|
|
|
|
|
|
|
|
|
/* Point 1 of section 4.1: k = 1024 + 256s with S >= 0 */
|
