/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4. * * The hash function used is SHA384. * The exponent e used is the value in pub->e. */ int rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, struct rsa_private_key *key, void *random_ctx, nettle_random_func * random, void *progress_ctx, nettle_progress_func * progress, unsigned *rseed_size, void *rseed, /* Desired size of modulo, in bits */ unsigned n_size) { uint8_t seed[128]; unsigned seed_length; int ret; if (_gnutls_fips_mode_enabled() != 0) { if (n_size != 2048 && n_size != 3072) { _gnutls_debug_log("The size of a prime can only be 2048 or 3072\n"); return 0; } } seed_length = SEED_LENGTH(n_size); if (seed_length > sizeof(seed)) return 0; random(random_ctx, seed_length, seed); if (rseed && rseed_size) { if (*rseed_size < seed_length) { return 0; } memcpy(rseed, seed, seed_length); *rseed_size = seed_length; } ret = _rsa_generate_fips186_4_keypair(pub, key, seed_length, seed, progress_ctx, progress, n_size); gnutls_memset(seed, 0, seed_length); return ret; }
/* This generates p,q params using the B.3.2.2 algorithm in FIPS 186-4. * * The hash function used is SHA384. * The exponent e used is the value in pub->e. */ int rsa_generate_fips186_4_keypair(struct rsa_public_key *pub, struct rsa_private_key *key, void *random_ctx, nettle_random_func * random, void *progress_ctx, nettle_progress_func * progress, unsigned *rseed_size, void *rseed, /* Desired size of modulo, in bits */ unsigned n_size) { uint8_t seed[128]; unsigned seed_length; int ret; FIPS_RULE(n_size != 2048 && n_size != 3072, 0, "size of prime of other than 2048 or 3072\n"); seed_length = SEED_LENGTH(n_size); if (seed_length > sizeof(seed)) return 0; random(random_ctx, seed_length, seed); if (rseed && rseed_size) { if (*rseed_size < seed_length) { return 0; } memcpy(rseed, seed, seed_length); *rseed_size = seed_length; } ret = _rsa_generate_fips186_4_keypair(pub, key, seed_length, seed, progress_ctx, progress, n_size); gnutls_memset(seed, 0, seed_length); return ret; }