ecc: fix curve sizes for TC26-256 gost curves

author Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Sun, 27 Oct 2019 00:08:33 +0000 (03:08 +0300)

committer Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Sun, 27 Oct 2019 00:09:47 +0000 (03:09 +0300)
author Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Sun, 27 Oct 2019 00:08:33 +0000 (03:08 +0300)
committer Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Sun, 27 Oct 2019 00:09:47 +0000 (03:09 +0300)
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c

index f07de60f7283b4a004693835cbf8bd5fd806b18e..4308e911ad5a61e99f0a2e4bdfec5efbf8d73739 100644 (file)
--- a/lib/algorithms/ecc.c
+++ b/lib/algorithms/ecc.c
@@ -164,7 +164,7 @@ gnutls_ecc_curve_entry_st ecc_curves[] = {
          .oid = "1.2.643.7.1.2.1.1.1",
          .id = GNUTLS_ECC_CURVE_GOST256A,
          .pk = GNUTLS_PK_GOST_12_256,
-        .size = 64,
+        .size = 32,
          .gost_curve = 1,
          .supported = 1,
         },
@@ -173,7 +173,7 @@ gnutls_ecc_curve_entry_st ecc_curves[] = {
          .oid = "1.2.643.7.1.2.1.1.2",
          .id = GNUTLS_ECC_CURVE_GOST256B,
          .pk = GNUTLS_PK_GOST_12_256,
-        .size = 64,
+        .size = 32,
          .gost_curve = 1,
          .supported = 1,
         },
@@ -182,7 +182,7 @@ gnutls_ecc_curve_entry_st ecc_curves[] = {
          .oid = "1.2.643.7.1.2.1.1.3",
          .id = GNUTLS_ECC_CURVE_GOST256C,
          .pk = GNUTLS_PK_GOST_12_256,
-        .size = 64,
+        .size = 32,
          .gost_curve = 1,
          .supported = 1,
         },
@@ -191,7 +191,7 @@ gnutls_ecc_curve_entry_st ecc_curves[] = {
          .oid = "1.2.643.7.1.2.1.1.4",
          .id = GNUTLS_ECC_CURVE_GOST256D,
          .pk = GNUTLS_PK_GOST_12_256,
-        .size = 64,
+        .size = 32,
          .gost_curve = 1,
          .supported = 1,
         },
diff --git a/tests/cert-tests/gost b/tests/cert-tests/gost

index a29332cf137e3e12dab1db6147e63d99c0884aa8..ff47988a6de79ec1271da1aec5b837b0a29945d7 100755 (executable)
--- a/tests/cert-tests/gost
+++ b/tests/cert-tests/gost
@@ -97,6 +97,29 @@ if [ $? != 0 ]; then
         exit 1
  fi
  
+echo "cn = End-user" > $TMPTEMPL
+
+"${CERTTOOL}" --generate-privkey --key-type gost01 --curve TC26-256-B > $TMPKEY 2>/dev/null
+
+"${CERTTOOL}" -d 2 --generate-certificate --template $TMPTEMPL \
+       --load-ca-privkey $TMPSUBCAKEY \
+       --load-ca-certificate $TMPSUBCA \
+       --load-privkey $TMPKEY \
+       --outfile $TMPUSER >$TMPFILE 2>&1
+
+if [ $? != 0 ]; then
+       cat $TMPFILE
+       exit 1
+fi
+
+cat $TMPUSER $TMPSUBCA $TMPCA > $TMPFILE
+"${CERTTOOL}" --verify-chain <$TMPFILE > $VERIFYOUT
+
+if [ $? != 0 ]; then
+       cat $VERIFYOUT
+       exit 1
+fi
+
  "${CERTTOOL}" -i < "${srcdir}"/data/grfc.crt --outfile $TMPFILE
  if [ $? != 0 ]; then
         cat $TMPFILE
author	Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
	Sun, 27 Oct 2019 00:08:33 +0000 (03:08 +0300)
committer	Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
	Sun, 27 Oct 2019 00:09:47 +0000 (03:09 +0300)
lib/algorithms/ecc.c		patch \| blob \| blame \| history
tests/cert-tests/gost		patch \| blob \| blame \| history