path: root/tests/t-ed25519.c
Commit message | Author | Age | Files | Lines
* fips: Provide a mechanism to put libgcrypt in non-FIPS mode. | NIIBE Yutaka | 2022-01-11 | 1 | -0/+11
  * doc/gcrypt.texi (Disabling FIPS mode): Add.
  * src/gcrypt.h.in (GCRYCTL_NO_FIPS_MODE): New.
  * src/global.c (_gcry_vcontrol): Support GCRYCTL_NO_FIPS_MODE.
  * tests/t-ed25519.c: Add --no-fips option to test non-FIPS mode.
  --
  GnuPG-bug-id: 5747
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests,fips: Align the use of variable in_fips_mode. | NIIBE Yutaka | 2021-12-09 | 1 | -1/+1
  * tests/pubkey.c (check_run): Fix use of pkey and skey.
  * tests/*.c (in_fips_mode): No initialize by 0.
  --
  There are no cases where *_key_new allocates pkey and skey when IN_FIPS_MODE!=0. Nevertheless, from viewpoint of resource management, calling gcry_sexp_release always is easier for maintenance.
  Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests: Expect curves 25519/448 to fail in FIPS mode | Jakub Jelen | 2021-07-29 | 1 | -4/+14
  * tests/t-cv25519.c (test_cv_hl): Expect the operation to fail in FIPS mode.
  (test_cv_x25519, test_it): Ditto.
  (main) Detect FIPS mode.
  * tests/t-ed25519.c (one_test): Expect the operation to fail in FIPS mode.
  (main) Detect FIPS mode.
  * tests/t-ed448.c (one_test): Expect the operation to fail in FIPS mode.
  (main) Detect FIPS mode.
  * tests/t-x448.c (test_cv_hl): Expect the operation to fail in FIPS mode.
  (test_cv_x448, test_cv): Ditto.
  (main) Detect FIPS mode.
  --
  The ed25519, ed448, cv25519 and cv448 curves are not available in FIPS mode. Some of the tests already skipped these, but it is always better to make sure they are failing, rather than just skipping these.
  Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* tests: do not use GCC variadic macro extension for xgcry_control | Jussi Kivilinna | 2019-05-14 | 1 | -4/+4
  * tests/t-common.h (xgcry_control): Use doubly nested parenthesis for passing arguments for gcry_control instead of GCC specific variadic macro extension.
  * tests/aeswrap.c: Change xgcry_control to use doubly nested parenthesis.
  * tests/basic.c: Ditto.
  * tests/bench-slope.c: Ditto.
  * tests/benchmark.c: Ditto.
  * tests/curves.c: Ditto.
  * tests/dsa-rfc6979.c: Ditto.
  * tests/fips186-dsa: Ditto.
  * tests/fipsdrv.c: Ditto.
  * tests/fipsrngdrv.c: Ditto.
  * tests/gchash.c: Ditto.
  * tests/hashtest.c: Ditto.
  * tests/hmac.c: Ditto.
  * tests/keygen.c: Ditto.
  * tests/keygrip.c: Ditto.
  * tests/mpitests.c: Ditto.
  * tests/pkbench.c: Ditto.
  * tests/pkcs1v2.c: Ditto.
  * tests/prime.c: Ditto.
  * tests/pubkey.c: Ditto.
  * tests/random.c: Ditto.
  * tests/rsacvt.c: Ditto.
  * tests/t-convert.c: Ditto.
  * tests/t-cv25519.c: Ditto.
  * tests/t-ed25519.c: Ditto.
  * tests/t-kdf.c: Ditto.
  * tests/t-lock.c: Ditto.
  * tests/t-mpi-bit.c: Ditto.
  * tests/t-mpi-point.c: Ditto.
  * tests/t-secmem.c: Ditto.
  * tests/t-sexp.c: Ditto.
  * tests/version.c: Ditto.
  --
  GnuPG-bug-id: 4499
  Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
* tests: Fix a printf glitch for a Windows test. | Werner Koch | 2017-08-02 | 1 | -1/+1
  * tests/t-convert.c (check_formats): Fix print format glitch on Windows.
  * tests/t-ed25519.c: Typo fix.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* tests: Check the result of all gcry_control operations. | Justus Winter | 2016-12-13 | 1 | -4/+4
  --
  Signed-off-by: Justus Winter <justus@g10code.com>
* tests: Use common code for all tests. | Justus Winter | 2016-12-13 | 1 | -68/+1
  --
  Also fix minor fallout from the format string warnings.
  Signed-off-by: Justus Winter <justus@g10code.com>
* tests: Rename 'show' to 'info'. | Justus Winter | 2016-12-13 | 1 | -7/+7
  --
  Signed-off-by: Justus Winter <justus@g10code.com>
* tests: Fix testsuite after the FIPS adjustments. | Vitezslav Cizek | 2016-03-18 | 1 | -0/+4
  * tests/benchmark.c (ecc_bench): Avoid not approved curves in FIPS.
  * tests/curves.c (check_get_params): Skip Brainpool curves in FIPS.
  * tests/keygen.c (check_dsa_keys): Generate 2048 and 3072 bits keys.
  (check_ecc_keys): Skip Ed25519 in FIPS mode.
  * tests/random.c (main): Don't switch DRBG in FIPS mode.
  * tests/t-ed25519.c (main): Ed25519 isn't supported in FIPS mode.
  * tests/t-kdf.c (check_openpgp): Skip vectors using md5 in FIPS.
  * tests/t-mpi-point.c (context_param): Skip P-192 and Ed25519 in FIPS.
  (main): Skip math tests that use P-192 and Ed25519 in FIPS.
  --
  Fix the testsuite to make it pass after the FIPS adjustments. This consists mostly of disabling the tests that use not approved curves and algorithms as well as increasing the keysizes.
  Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
  Additional changes by wk:
  - Removed changes already done with commit e40939b. The original patch had these changes:
    * tests/fips186-dsa.c (main): Merely suggest a future improvement.
    * tests/pubkey.c (get_dsa_key_*new): Increase keysizes.
    (check_run): Skip tests with small domain in FIPS.
    (main): Skip Ed25519 sample key test in FIPS.
    Note that get_dsa_key_fips186_with_seed_new was not changed from 1024 to 3072 but to 2048 bit.
  - Return with 77 (skip) from t-ed25519.c in FIPS mode.
  - Some code style changes.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* tests: Improve stopwatch.h | Werner Koch | 2015-04-15 | 1 | -1/+1
  * tests/stopwatch.h (elapsed_time): Add arg divisor.
* ecc: Support the non-standard 0x40 compression flag for EdDSA. | Werner Koch | 2014-07-25 | 1 | -1/+1
  * cipher/ecc.c (ecc_generate): Check the "comp" flag for EdDSA.
  * cipher/ecc-eddsa.c (eddsa_encode_x_y): Add arg WITH_PREFIX.
  (_gcry_ecc_eddsa_encodepoint): Ditto.
  (_gcry_ecc_eddsa_ensure_compact): Handle the 0x40 compression prefix.
  (_gcry_ecc_eddsa_decodepoint): Ditto.
  * tests/keygrip.c: Check a compressed with prefix Ed25519 key.
  * tests/t-ed25519.inp: Ditto.
* ecc: Require "eddsa" flag for curve Ed25519. | Werner Koch | 2013-11-05 | 1 | -0/+3
  * src/cipher.h (PUBKEY_FLAG_ECDSA): Remove.
  * cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Remove "ecdsa".
  * cipher/ecc.c (ecc_generate, ecc_sign, ecc_verify): Require "eddsa" flag.
  * cipher/ecc-misc.c (_gcry_ecc_compute_public): Depend "eddsa" flag.
  * tests/benchmark.c, tests/keygen.c, tests/pubkey.c
  * tests/t-ed25519.c, tests/t-mpi-point.c: Adjust for changed flags.
  --
  This change makes using ECDSA signatures the default for all curves. If another signing algorithm is to be used, the corresponding flag needs to be given. In particular the flag "eddsa" is now always required with curve Ed25519 to comply with the specs. This change makes the code better readable by not assuming a certain signature algorithm depending on the curve.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* ecc: Change algorithm for Ed25519 x recovery. | Werner Koch | 2013-10-24 | 1 | -7/+23
  * cipher/ecc-eddsa.c (scanval): Add as temporary hack.
  (_gcry_ecc_eddsa_recover_x): Use the algorithm from page 15 of the paper. Return an error code.
  (_gcry_ecc_eddsa_decodepoint): Take care of the error code.
  * mpi/mpi-mul.c (gcry_mpi_mulm): Use truncated division.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* ecc: Allow the use of an uncompressed public key. | Werner Koch | 2013-09-24 | 1 | -2/+4
  * cipher/ecc.c (eddsa_encodepoint): Factor most code out to ...
  (eddsa_encode_x_y): new function.
  (eddsa_decodepoint): Allow use of an uncompressed public key.
  * tests/t-ed25519.c (N_TESTS): Adjust.
  * tests/t-ed25519.inp: Add test 1025.
* tests: Beautify some diagnostics. | Werner Koch | 2013-09-19 | 1 | -3/+23
  * tests/benchmark.c (ecc_bench): Print the key sexp in very verbose mode.
  (main): Add option --pk-count.
  * tests/keygen.c: Add Elgamal generation and improved diagnostics.
  * tests/t-ed25519.c (check_ed25519): Print running number of tests done.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* pk: Move s-expr creation for sign and encrypt to the modules. | Werner Koch | 2013-09-19 | 1 | -1/+1
  * cipher/pubkey.c (pubkey_encrypt): Fold into gcry_pk_encrypt.
  (pubkey_decrypt): Fold into gcry_pk_decrypt.
  (pubkey_sign): Fold into gcry_pk_sign.
  (pubkey_verify): Fold into gcry_pk_verify.
  (octet_string_from_mpi): Make it a wrapper and factor code out to ...
  * mpi/mpicoder.c (_gcry_mpi_to_octet_string): New function.
  * src/cipher.h (PUBKEY_FLAG_FIXEDLEN): New.
  * cipher/pubkey.c (sexp_data_to_mpi): Set flag for some encodings.
  (gcry_pk_encrypt): Simply by moving the s-expr generation to the modules.
  (gcry_pk_sign): Ditto.
  * cipher/dsa.c (dsa_sign): Create s-expr.
  * cipher/elgamal.c (elg_encrypt, elg_sign): Ditto.
  * cipher/rsa.c (rsa_encrypt, rsa_sign): Ditto.
  * cipher/ecc.c (ecc_sign, ecc_encrypt_raw): Ditto.
  (ecdsa_names): Add "eddsa".
  * tests/t-ed25519.c (one_test): Expect "eddsa" token.
  Signed-off-by: Werner Koch <wk@gnupg.org>
* ecc: Implement Curve Ed25519 signing and verification. | Werner Koch | 2013-09-16 | 1 | -0/+519
  * cipher/ecc-curves.c (domain_parms): Add curve "Ed25519".
  * cipher/ecc.c (reverse_buffer): New.
  (eddsa_encodempi): New.
  (eddsa_encodepoint): New.
  (eddsa_decodepoint): New.
  (sign_eddsa): Implement.
  (verify_eddsa): Implement.
  (ecc_sign): Init unused Q. Pass public key to sign_eddsa.
  (ecc_verify): Init pk.Q if not used. Pass public key verbatim to verify_eddsa.
  * cipher/pubkey.c (sexp_elements_extract): Add arg OPAQUE. Change all callers to pass 0.
  (sexp_to_sig): Add arg OPAQUE and pass it to sexp_elements_extract.
  (sexp_data_to_mpi): Allow for a zero length "value".
  (gcry_pk_verify): Reorder parameter processing. Pass OPAQUE flag as required.
  * mpi/ec.c (ec_invm): Print a warning if the inverse does not exist.
  (_gcry_mpi_ec_get_affine): Implement for our Twisted Edwards curve model.
  (dup_point_twistededwards): Implement.
  (add_points_twistededwards): Implement.
  (_gcry_mpi_ec_mul_point): Support Twisted Edwards.
  * mpi/mpicoder.c (do_get_buffer): Add arg FILL_LE.
  (_gcry_mpi_get_buffer): Ditto. Change all callers.
  (_gcry_mpi_get_secure_buffer): Ditto.
  * src/sexp.c (_gcry_sexp_nth_opaque_mpi): New.
  * tests/t-ed25519.c: New.
  * tests/t-ed25519.inp: New.
  * tests/t-mpi-point.c (basic_ec_math_simplified): Print some output only in debug mode.
  (twistededwards_math): New test.
  (main): Call new test.
  --
  This is a non optimized version which takes far too long. On my X220 Thinkpad the 1024 test cases take 14 seconds (12 with --sign-with-pk). There should be a lot of room for improvements.
  Signed-off-by: Werner Koch <wk@gnupg.org>