pkey: don't pass a seed to DSA_generate_parameters_ex()

We currently always pass 20 random bytes generated by RAND_bytes(). It is fine when generating parameters <= 1024 bits, because OpenSSL requires a seed with the same length as the prime q, which is 160 bits. FIPS 186-3 allowed the parameters to be >= 2048 bits. For them, OpenSSL generates a 256 bits long q. We can pass 32 bytes long random bytes instead, but the function is able to generate on its own. So just give NULL.
author: Kazuki Yamaguchi <k@rhe.jp> 2016-08-06 13:18:41 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-08-07 17:15:18 +0900
commit: 88e510ed590026df208f182ca78f558a26c08a85 (patch)
tree: 43ba9071a3c9c7dc885f31591a9061de7c0b0dae /test/test_pkey_dsa.rb
parent: aba0560a65f97bd64299035ed825d286a13fb6b0 (diff)
download: ruby-openssl-88e510ed590026df208f182ca78f558a26c08a85.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/test/test_pkey_dsa.rb b/test/test_pkey_dsa.rb
index 522cdeed..ed79e0de 100644
--- a/test/test_pkey_dsa.rb
+++ b/test/test_pkey_dsa.rb
@@ -20,6 +20,11 @@ class OpenSSL::TestPKeyDSA < OpenSSL::TestCase
     key = OpenSSL::PKey::DSA.new 256
     pem  = key.public_key.to_pem
     OpenSSL::PKey::DSA.new pem
+    if $0 == __FILE__
+      assert_nothing_raised {
+        key = OpenSSL::PKey::DSA.new 2048
+      }
+    end
   end
 
   def test_new_break
author	Kazuki Yamaguchi <k@rhe.jp>	2016-08-06 13:18:41 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2016-08-07 17:15:18 +0900
commit	88e510ed590026df208f182ca78f558a26c08a85 (patch)
tree	43ba9071a3c9c7dc885f31591a9061de7c0b0dae /test/test_pkey_dsa.rb
parent	aba0560a65f97bd64299035ed825d286a13fb6b0 (diff)
download	ruby-openssl-88e510ed590026df208f182ca78f558a26c08a85.tar.gz