PQG generation and verification testing
Stephan Mueller
smueller at chronox.de
Tue May 22 18:29:50 CEST 2018
Hi,
I see the following code in libgcrypt 1.5.3 in function generate_fips186:
  if (deriveparms)
    {
      initial_seed.sexp = gcry_sexp_find_token (deriveparms, "seed", 0);
      if (initial_seed.sexp)
        initial_seed.seed = gcry_sexp_nth_data (initial_seed.sexp, 1,
                                                &initial_seed.seedlen);
    }
  if (use_fips186_2)
    ec = _gcry_generate_fips186_2_prime (nbits, qbits,
                                         initial_seed.seed,
                                         initial_seed.seedlen,
                                         &prime_q, &prime_p,
                                         r_counter,
                                         r_seed, r_seedlen);
  else if (!domain->p || !domain->q)
    ec = _gcry_generate_fips186_3_prime (nbits, qbits,
                                         initial_seed.seed,
                                         initial_seed.seedlen,
                                         &prime_q, &prime_p,
                                         r_counter,
                                         r_seed, r_seedlen, NULL);
In the current upstream code, it is implemented differently:
  if (deriveparms)
    {
      initial_seed.sexp = sexp_find_token (deriveparms, "seed", 0);
      if (initial_seed.sexp)
        initial_seed.seed = sexp_nth_data (initial_seed.sexp, 1,
                                           &initial_seed.seedlen);
    }
  if (use_fips186_2)
    ec = _gcry_generate_fips186_2_prime (nbits, qbits,
                                         initial_seed.seed,
                                         initial_seed.seedlen,
                                         &prime_q, &prime_p,
                                         r_counter,
                                         r_seed, r_seedlen);
  else
    ec = _gcry_generate_fips186_3_prime (nbits, qbits, NULL, 0,
                                         &prime_q, &prime_p,
                                         r_counter,
                                         r_seed, r_seedlen, NULL);
See the 3rd and 4th parameters of _gcry_generate_fips186_3_prime, which are now NULL
instead of initial_seed. With that, there is no way to set a pre-defined seed
to verify that the P/Q generation function works correctly.
Is there any other way to test the P/Q generation by supplying the seed?
If not, could the current upstream code be changed back to the old
implementation?
Thanks.
Ciao
Stephan
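The test the message asks for is the seed-driven, reproducible P/Q generation of FIPS 186-3 Appendix A.1.1.2, re-run under A.1.1.3 to confirm that a given (p, q, counter) really came from the claimed domain_parameter_seed. The following is an added, self-contained Python implementation of that procedure, written for this page; it is not code from the post or from libgcrypt. The function names (pq_from_seed, generate_pq, validate_pq), the choice of SHA-256 as the hash, and the parameters L=1024, N=160 and a 160-bit seed are assumptions of this example, and the Miller-Rabin test uses random bases rather than the counts FIPS 186-3 tables prescribe.

```python
"""FIPS 186-3 A.1.1.2 / A.1.1.3: verifiable (p, q) generation from a seed.
Added example; assumed names and parameters, not libgcrypt's own code."""
import hashlib
import secrets


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with random bases (demonstration strength, not FIPS table counts)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def pq_from_seed(L: int, N: int, seed: bytes, hashfn=hashlib.sha256):
    """Deterministic part of A.1.1.2 (steps 5-13) for one domain_parameter_seed.
    Returns (p, q, counter), or None if this seed yields no valid pair (the
    standard then goes back and draws a fresh seed)."""
    outlen = hashfn().digest_size * 8
    seedlen = len(seed) * 8
    if seedlen < N or outlen < N:
        raise ValueError("seedlen and outlen must both be >= N")
    n = -(-L // outlen) - 1                      # ceil(L / outlen) - 1
    b = L - 1 - n * outlen
    seed_int = int.from_bytes(seed, "big")
    # Steps 5-7: U = Hash(seed) mod 2^(N-1); q = 2^(N-1) + U + 1 - (U mod 2)
    U = int.from_bytes(hashfn(seed).digest(), "big") % (1 << (N - 1))
    q = (1 << (N - 1)) + U + 1 - (U % 2)         # N bits, odd
    if not is_probable_prime(q):
        return None
    offset = 1
    for counter in range(4 * L):
        # Step 11.1-11.2: V_j = Hash((seed + offset + j) mod 2^seedlen),
        # W = V_0 + V_1*2^outlen + ... + (V_n mod 2^b)*2^(n*outlen)
        W = 0
        for j in range(n + 1):
            inp = ((seed_int + offset + j) % (1 << seedlen)).to_bytes(len(seed), "big")
            V = int.from_bytes(hashfn(inp).digest(), "big")
            if j == n:
                V %= 1 << b
            W += V << (j * outlen)
        X = W + (1 << (L - 1))                    # 2^(L-1) <= X < 2^L
        c = X % (2 * q)
        p = X - (c - 1)                           # p == 1 (mod 2q)
        if p >= (1 << (L - 1)) and is_probable_prime(p):
            return p, q, counter
        offset += n + 1
    return None


def generate_pq(L: int = 1024, N: int = 160, hashfn=hashlib.sha256):
    """A.1.1.2 outer loop: draw fresh random seeds until one yields (p, q)."""
    while True:
        seed = secrets.token_bytes(N // 8)        # seedlen = N, the minimum allowed
        res = pq_from_seed(L, N, seed, hashfn)
        if res is not None:
            p, q, counter = res
            return p, q, seed, counter


def validate_pq(p: int, q: int, seed: bytes, counter: int, L: int, N: int,
                hashfn=hashlib.sha256) -> bool:
    """A.1.1.3: regenerate from (seed, counter) and compare.  This is the check
    that needs a generator accepting a caller-supplied seed."""
    if p.bit_length() != L or q.bit_length() != N or (p - 1) % q != 0:
        return False
    res = pq_from_seed(L, N, seed, hashfn)
    return res is not None and res == (p, q, counter)


if __name__ == "__main__":
    p, q, seed, counter = generate_pq(1024, 160)
    print("seed =", seed.hex(), "counter =", counter)
    print("validated:", validate_pq(p, q, seed, counter, 1024, 160))
```

validate_pq is the known-answer flow the message describes: given the seed and counter recorded at generation time, the same (p, q) must fall out again, and any change to p, q, the seed or the counter makes the check fail. A generator that discards the caller's seed, as in the upstream snippet quoted above, cannot be exercised this way.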