Commit 4f80d1d2 authored by Niels Möller's avatar Niels Möller

Make dsa_generate_keygen generate only a new key, but no new parameters.

parent 0835be21
2014-03-28 Niels Möller <nisse@lysator.liu.se>
* dsa-keygen.c (dsa_generate_keypair): New interface, generating
only a keypair, and no new parameters.
* dsa-compat-keygen.c (dsa_compat_generate_keypair): New file.
Moved old key generation function here. Use dsa_generate_keypair.
2014-03-27 Niels Möller <nisse@lysator.liu.se>
* dsa-compat.c (dsa_public_key_init, dsa_public_key_clear)
......
......@@ -148,7 +148,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \
rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \
rsa-keygen.c rsa-compat.c rsa-blind.c \
rsa2sexp.c sexp2rsa.c \
dsa.c dsa-compat.c dsa-gen-params.c \
dsa.c dsa-compat.c dsa-compat-keygen.c dsa-gen-params.c \
dsa-sign.c dsa-verify.c dsa-keygen.c dsa-hash.c \
dsa-sha1-sign.c dsa-sha1-verify.c \
dsa-sha256-sign.c dsa-sha256-verify.c \
......
/* dsa-compat-keygen.c
*
* Generation of DSA keypairs
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002, 2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02111-1301, USA.
*/
#if HAVE_CONFIG_H
# include "config.h"
#endif
#include <assert.h>
#include <stdlib.h>
#include "dsa-compat.h"
#include "bignum.h"
/* Undo name mangling */
#undef dsa_generate_keypair
#define dsa_generate_keypair nettle_dsa_generate_keypair
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
(2048, 256), (3072, 256). */
int
dsa_compat_generate_keypair(struct dsa_public_key *pub,
struct dsa_private_key *key,
void *random_ctx, nettle_random_func *random,
void *progress_ctx, nettle_progress_func *progress,
unsigned p_bits, unsigned q_bits)
{
struct dsa_params *params;
switch (q_bits)
{
case 160:
if (p_bits < DSA_SHA1_MIN_P_BITS)
return 0;
break;
case 224:
case 256:
if (p_bits < DSA_SHA256_MIN_P_BITS)
return 0;
break;
default:
return 0;
}
/* NOTE: Depends on identical layout! */
params = (struct dsa_params *) pub;
if (!dsa_generate_params (params,
random_ctx, random,
progress_ctx, progress,
p_bits, q_bits))
return 0;
dsa_generate_keypair (params, pub->y, key->x, random_ctx, random);
return 1;
}
......@@ -49,7 +49,6 @@
/* Switch meaning of dsa_generate_keypair */
#undef dsa_generate_keypair
#define dsa_generate_keypair nettle_dsa_compat_generate_keypair
#define dsa_generate_keypair_new nettle_dsa_generate_keypair
#ifdef __cplusplus
extern "C" {
......
......@@ -27,62 +27,29 @@
# include "config.h"
#endif
#include <assert.h>
#include <stdlib.h>
#include "dsa-compat.h"
#include "dsa.h"
#include "bignum.h"
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
(2048, 256), (3072, 256). */
int
dsa_generate_keypair(struct dsa_public_key *pub,
struct dsa_private_key *key,
void *random_ctx, nettle_random_func *random,
void *progress_ctx, nettle_progress_func *progress,
unsigned p_bits, unsigned q_bits)
(2048, 256), (3072, 256). Currenty, we use only q_bits of 160 or
256. */
void
dsa_generate_keypair (const struct dsa_params *params,
mpz_t pub, mpz_t key,
void *random_ctx, nettle_random_func *random)
{
struct dsa_params *params;
mpz_t r;
switch (q_bits)
{
case 160:
if (p_bits < DSA_SHA1_MIN_P_BITS)
return 0;
break;
case 224:
case 256:
if (p_bits < DSA_SHA256_MIN_P_BITS)
return 0;
break;
default:
return 0;
}
/* NOTE: Depends on identical layout! */
params = (struct dsa_params *) pub;
if (!dsa_generate_params (params,
random_ctx, random,
progress_ctx, progress,
p_bits, q_bits))
return 0;
mpz_init_set(r, pub->q);
mpz_init_set(r, params->q);
mpz_sub_ui(r, r, 2);
nettle_mpz_random(key->x, random_ctx, random, r);
nettle_mpz_random(key, random_ctx, random, r);
mpz_add_ui(key->x, key->x, 1);
mpz_powm(pub->y, pub->g, key->x, pub->p);
if (progress)
progress (progress_ctx, '\n');
mpz_add_ui(key, key, 1);
mpz_powm(pub, params->g, key, params->p);
mpz_clear (r);
return 1;
}
......@@ -119,6 +119,11 @@ dsa_generate_params(struct dsa_params *params,
void *progress_ctx, nettle_progress_func *progress,
unsigned p_bits, unsigned q_bits);
void
dsa_generate_keypair (const struct dsa_params *params,
mpz_t pub, mpz_t key,
void *random_ctx, nettle_random_func *random);
/* Keys in sexp form. */
struct nettle_buffer;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment