ecc: ECDSA adjustments for FIPS 186-4
authorVitezslav Cizek <vcizek@suse.com>
Tue, 27 Oct 2015 13:29:11 +0000 (14:29 +0100)
committerWerner Koch <wk@gnupg.org>
Fri, 18 Mar 2016 14:26:28 +0000 (15:26 +0100)
commita242e3d9185e6e2dc13902ea9331131755bbba01
tree11679a351ba6f54edf67fc395bf1d3d5ff80f7c5
parente40939b2141306238cc30a340b867b60fa4dc2a3
ecc: ECDSA adjustments for FIPS 186-4

* cipher/ecc-curves.c: Unmark curve P-192 for FIPS.
* cipher/ecc.c: Add ECDSA self test.
* cipher/pubkey-util.c (_gcry_pk_util_init_encoding_ctx): Use SHA-2
in FIPS mode.
* tests/fipsdrv.c: Add support for ECDSA signatures.
--

Enable ECC in FIPS mode.
According to NIST SP 800-131A, curve P-192 and SHA-1 are disallowed
for key pair generation and signature generation after 2013.

Thanks to Jan Matejek for the patch.
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Minor source code re-formatting by -wk.
cipher/ecc-curves.c
cipher/ecc.c
cipher/pubkey-util.c
src/fips.c
tests/fipsdrv.c