authorNIIBE Yutaka <gniibe@fsij.org>2022-04-20 15:09:41 +0900
committerNIIBE Yutaka <gniibe@fsij.org>2022-05-06 09:21:52 +0900
commitf6a67c2215310e9463267e15569697d3103b27f7 (patch)
tree2b6b58c9597e1ad6fa83f3a2d260504f096d8fd9
parent26df4b8d8c938fd837b99355de5163b9364d49a5 (diff)
downloadlibgcrypt-f6a67c2215310e9463267e15569697d3103b27f7.tar.gz
cipher: Change the bounds for RSA key generation round.
* cipher/rsa.c (generate_fips): Use 10 for p, 20 for q. -- Applied the master commit of: cd30ed3c0d715aa0c58a32a29cfb1476163a5b94 Constants from FIPS 186-5-draft. GnuPG-bug-id: 5919 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-rw-r--r--cipher/rsa.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 486a34f0..771413b3 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -476,7 +476,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
retry:
/* generate p and q */
- for (i = 0; i < 5 * pbits; i++)
+ for (i = 0; i < 10 * pbits; i++)
{
ploop:
if (!testparms)
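Review bot: The new multiplier on the p loop (`10 * pbits`) has no comment saying where it comes from; the only record of its origin is the commit message ("Constants from FIPS 186-5-draft"). The q loop in the following hunks uses a different factor (20), so someone reading rsa.c alone could take the asymmetry for a typo and "correct" it. I would extend the existing `/* generate p and q */` comment to something like `/* Generate p and q. Round limits per FIPS 186-5 (draft): 10 * pbits tries for p, 20 * pbits for q. */`. generate_fips begins and ends outside this hunk, so whether the limits are documented elsewhere in the function cannot be seen from here.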
@@ -506,10 +506,10 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
else if (testparms)
goto err;
}
- if (i >= 5 * pbits)
+ if (i >= 10 * pbits)
goto err;
- for (i = 0; i < 5 * pbits; i++)
+ for (i = 0; i < 20 * pbits; i++)
{
qloop:
if (!testparms)
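Review bot: Each round limit is spelled out twice, once in the `for` condition and once in the exhaustion test after the loop (`if (i >= 10 * pbits)` here, `if (i >= 20 * pbits)` in the last hunk), and the two copies must stay identical for the `goto err` path to mean "no prime found". If a later edit changes only one of them, and the loop is presumably left early on success, a successful late iteration could be reported as failure or an exhausted loop could fall through with an unusable p or q. Naming the limit once, for example a local `p_rounds = 10 * pbits` used as `i < p_rounds` and `if (i >= p_rounds)`, and likewise `q_rounds = 20 * pbits`, removes that coupling. The loop bodies lie outside these hunks, so the early-exit behaviour is inferred rather than visible.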
@@ -555,7 +555,7 @@ generate_fips (RSA_secret_key *sk, unsigned int nbits, unsigned long use_e,
else if (testparms)
goto err;
}
- if (i >= 5 * pbits)
+ if (i >= 20 * pbits)
goto err;
if (testparms)