crypto/rsa: revert minimum GenerateKey size to 32 bits

No point in causing breakage even with GODEBUG=rsa1024min=0.

Change-Id: I923254a8c8afaca77be551b19e3555c44ebdbb67
Reviewed-on: https://go-review.googlesource.com/c/go/+/636557
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>

src/crypto/internal/fips140/rsa/keygen.go

@@ -13,9 +13,9 @@ import (
 )
 
 // GenerateKey generates a new RSA key pair of the given bit size.
-// bits must be at least 128.
+// bits must be at least 32.
 func GenerateKey(rand io.Reader, bits int) (*PrivateKey, error) {
-	if bits < 128 {
+	if bits < 32 {
 		return nil, errors.New("rsa: key too small")
 	}
 	fips140.RecordApproved()
@@ -93,8 +93,8 @@ func GenerateKey(rand io.Reader, bits int) (*PrivateKey, error) {
 // randomPrime returns a random prime number of the given bit size following
 // the process in FIPS 186-5, Appendix A.1.3.
 func randomPrime(rand io.Reader, bits int) ([]byte, error) {
-	if bits < 64 {
+	if bits < 16 {
-		return nil, errors.New("rsa: prime size must be at least 32-bit")
+		return nil, errors.New("rsa: prime size must be at least 16 bits")
 	}
 
 	b := make([]byte, (bits+7)/8)

src/crypto/rsa/rsa_test.go

@@ -101,7 +101,7 @@ func TestImpossibleKeyGeneration(t *testing.T) {
 	// This test ensures that trying to generate or validate toy RSA keys
 	// doesn't enter an infinite loop or panic.
 	t.Setenv("GODEBUG", "rsa1024min=0")
-	for i := 0; i < 128; i++ {
+	for i := 0; i < 32; i++ {
 		GenerateKey(rand.Reader, i)
 		GenerateMultiPrimeKey(rand.Reader, 3, i)
 		GenerateMultiPrimeKey(rand.Reader, 4, i)
@@ -184,7 +184,7 @@ func TestEverything(t *testing.T) {
 	}
 
 	t.Setenv("GODEBUG", "rsa1024min=0")
-	min := 128
+	min := 32
 	max := 560 // any smaller than this and not all tests will run
 	if *allFlag {
 		max = 2048