Restore P>Q in RSA key generation (#558)
The PKCS#1 standard says nothing about the relation between P and Q
but many libraries guarantee P>Q and mbed TLS did so too in earlier
versions.
This commit restores this behaviour.
diff --git a/tests/suites/test_suite_rsa.data b/tests/suites/test_suite_rsa.data
index 720a5dd..e4bc89e 100644
--- a/tests/suites/test_suite_rsa.data
+++ b/tests/suites/test_suite_rsa.data
@@ -361,7 +361,7 @@
rsa_gen_key:2048:3:0
RSA Generate Key - 1025 bit key
-rsa_gen_key:1025:3:0
+rsa_gen_key:1025:3:POLARSSL_ERR_RSA_BAD_INPUT_DATA
RSA PKCS1 Encrypt Bad RNG
depends_on:POLARSSL_PKCS1_V15
diff --git a/tests/suites/test_suite_rsa.function b/tests/suites/test_suite_rsa.function
index 45d5723..d4f3308 100644
--- a/tests/suites/test_suite_rsa.function
+++ b/tests/suites/test_suite_rsa.function
@@ -668,14 +668,17 @@
entropy_init( &entropy );
TEST_ASSERT( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
- (const unsigned char *) pers, strlen( pers ) ) == 0 );
+ (const unsigned char *) pers,
+ strlen( pers ) ) == 0 );
rsa_init( &ctx, 0, 0 );
- TEST_ASSERT( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, nrbits, exponent ) == result );
+ TEST_ASSERT( rsa_gen_key( &ctx, ctr_drbg_random, &ctr_drbg, nrbits,
+ exponent ) == result );
if( result == 0 )
{
TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
+ TEST_ASSERT( mpi_cmp_mpi( &ctx.P, &ctx.Q ) > 0 );
}
exit: