Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP6:Update
gnutls.36178
gnutls-FIPS-rsa-min-2048.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gnutls-FIPS-rsa-min-2048.patch of Package gnutls.36178
Index: gnutls-3.8.3/lib/nettle/pk.c =================================================================== --- gnutls-3.8.3.orig/lib/nettle/pk.c +++ gnutls-3.8.3/lib/nettle/pk.c @@ -1720,8 +1720,7 @@ static int _wrap_nettle_pk_verify(gnutls * for SigVer; it is checked in _pkcs1_rsa_verify_sig in * lib/pubkey.c. */ - if (unlikely(bits < 2048 && bits != 1024 && bits != 1280 && - bits != 1536 && bits != 1792)) { + if (unlikely(bits < 2048)) { not_approved = true; } Index: gnutls-3.8.3/tests/fips-rsa-sizes.c =================================================================== --- gnutls-3.8.3.orig/tests/fips-rsa-sizes.c +++ gnutls-3.8.3/tests/fips-rsa-sizes.c @@ -250,35 +250,24 @@ void doit(void) assert(gnutls_fips140_context_init(&fips_context) == 0); - /* 512-bit RSA: no generate, no sign, no verify */ generate_unsuccessfully(&privkey, &pubkey, 512); sign_verify_unsuccessfully(privkey, pubkey); - /* 512-bit RSA again (to be safer about going in and out of FIPS) */ generate_unsuccessfully(&privkey, &pubkey, 512); sign_verify_unsuccessfully(privkey, pubkey); - /* 600-bit RSA: no generate, no sign, no verify */ generate_unsuccessfully(&privkey, &pubkey, 600); sign_verify_unsuccessfully(privkey, pubkey); - - /* 768-bit RSA not-an-exception: nogenerate, nosign, verify */ generate_unsuccessfully(&privkey, &pubkey, 768); sign_verify_unsuccessfully(privkey, pubkey); - /* 1024-bit RSA exception: nogenerate, nosign, verify */ generate_unsuccessfully(&privkey, &pubkey, 1024); - nosign_verify(privkey, pubkey); - /* 1280-bit RSA exception: nogenerate, nosign, verify */ + sign_verify_unsuccessfully(privkey, pubkey); generate_unsuccessfully(&privkey, &pubkey, 1280); - nosign_verify(privkey, pubkey); - /* 1500-bit RSA not-an-exception: nogenerate, nosign, noverify */ + sign_verify_unsuccessfully(privkey, pubkey); generate_unsuccessfully(&privkey, &pubkey, 1500); sign_verify_unsuccessfully(privkey, pubkey); - /* 1536-bit RSA exception: nogenerate, nosign, verify */ generate_unsuccessfully(&privkey, &pubkey, 1536); - nosign_verify(privkey, pubkey); - /* 1792-bit RSA exception: nogenerate, nosign, verify */ + sign_verify_unsuccessfully(privkey, pubkey); generate_unsuccessfully(&privkey, &pubkey, 1792); - nosign_verify(privkey, pubkey); - /* 2000-bit RSA not-an-exception: nogenerate, nosign, noverify */ + sign_verify_unsuccessfully(privkey, pubkey); generate_unsuccessfully(&privkey, &pubkey, 2000); sign_verify_unsuccessfully(privkey, pubkey);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor