diff --git a/ChangeLog b/ChangeLog
index 5d77d60dac7a15af87770b1ae6980f79385e51fa..b069d6303dd2feb7aa0b11116f20aefde2b596c4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2014-03-28 Niels Möller <nisse@lysator.liu.se>
+
+ * dsa-keygen.c (dsa_generate_keypair): New interface, generating
+ only a keypair, and no new parameters.
+ * dsa-compat-keygen.c (dsa_compat_generate_keypair): New file.
+ Moved old key generation function here. Use dsa_generate_keypair.
+
2014-03-27 Niels Möller <nisse@lysator.liu.se>
* dsa-compat.c (dsa_public_key_init, dsa_public_key_clear)
diff --git a/Makefile.in b/Makefile.in
index fe9936b0277003d8469687860259eef90884c214..5fbc1eee043946fbb9060674a881013b1871986e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -148,7 +148,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \
rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \
rsa-keygen.c rsa-compat.c rsa-blind.c \
rsa2sexp.c sexp2rsa.c \
- dsa.c dsa-compat.c dsa-gen-params.c \
+ dsa.c dsa-compat.c dsa-compat-keygen.c dsa-gen-params.c \
dsa-sign.c dsa-verify.c dsa-keygen.c dsa-hash.c \
dsa-sha1-sign.c dsa-sha1-verify.c \
dsa-sha256-sign.c dsa-sha256-verify.c \
diff --git a/dsa-compat-keygen.c b/dsa-compat-keygen.c
new file mode 100644
index 0000000000000000000000000000000000000000..390b0a6290a53fc3da4cbd7a1f7cad2be1b605e9
--- /dev/null
+++ b/dsa-compat-keygen.c
@@ -0,0 +1,79 @@
+/* dsa-compat-keygen.c
+ *
+ * Generation of DSA keypairs
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2002, 2014 Niels Möller
+ *
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB. If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include "dsa-compat.h"
+
+#include "bignum.h"
+
+/* Undo name mangling */
+#undef dsa_generate_keypair
+#define dsa_generate_keypair nettle_dsa_generate_keypair
+
+/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
+ (2048, 256), (3072, 256). */
+int
+dsa_compat_generate_keypair(struct dsa_public_key *pub,
+ struct dsa_private_key *key,
+ void *random_ctx, nettle_random_func *random,
+ void *progress_ctx, nettle_progress_func *progress,
+ unsigned p_bits, unsigned q_bits)
+{
+ struct dsa_params *params;
+
+ switch (q_bits)
+ {
+ case 160:
+ if (p_bits < DSA_SHA1_MIN_P_BITS)
+ return 0;
+ break;
+ case 224:
+ case 256:
+ if (p_bits < DSA_SHA256_MIN_P_BITS)
+ return 0;
+ break;
+ default:
+ return 0;
+ }
+
+ /* NOTE: Depends on identical layout! */
+ params = (struct dsa_params *) pub;
+
+ if (!dsa_generate_params (params,
+ random_ctx, random,
+ progress_ctx, progress,
+ p_bits, q_bits))
+ return 0;
+
+ dsa_generate_keypair (params, pub->y, key->x, random_ctx, random);
+
+ return 1;
+}
diff --git a/dsa-compat.h b/dsa-compat.h
index 427c15d84e232c593b0ad5bda141bd10560bdc1c..05e5a7ac1160a84d3ca68faba09efce40609f710 100644
--- a/dsa-compat.h
+++ b/dsa-compat.h
@@ -49,7 +49,6 @@
/* Switch meaning of dsa_generate_keypair */
#undef dsa_generate_keypair
#define dsa_generate_keypair nettle_dsa_compat_generate_keypair
-#define dsa_generate_keypair_new nettle_dsa_generate_keypair
#ifdef __cplusplus
extern "C" {
diff --git a/dsa-keygen.c b/dsa-keygen.c
index 794810ddcb8fd971c8937a0ff1e23af1eeb9a6e4..4e432c2d8c8ecc679e16b716259ea200e6a87250 100644
--- a/dsa-keygen.c
+++ b/dsa-keygen.c
@@ -27,62 +27,29 @@
# include "config.h"
#endif
-#include <assert.h>
#include <stdlib.h>
-#include "dsa-compat.h"
+#include "dsa.h"
#include "bignum.h"
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
- (2048, 256), (3072, 256). */
-int
-dsa_generate_keypair(struct dsa_public_key *pub,
- struct dsa_private_key *key,
- void *random_ctx, nettle_random_func *random,
- void *progress_ctx, nettle_progress_func *progress,
- unsigned p_bits, unsigned q_bits)
+ (2048, 256), (3072, 256). Currenty, we use only q_bits of 160 or
+ 256. */
+void
+dsa_generate_keypair (const struct dsa_params *params,
+ mpz_t pub, mpz_t key,
+
+ void *random_ctx, nettle_random_func *random)
{
- struct dsa_params *params;
mpz_t r;
- switch (q_bits)
- {
- case 160:
- if (p_bits < DSA_SHA1_MIN_P_BITS)
- return 0;
- break;
- case 224:
- case 256:
- if (p_bits < DSA_SHA256_MIN_P_BITS)
- return 0;
- break;
- default:
- return 0;
- }
-
- /* NOTE: Depends on identical layout! */
- params = (struct dsa_params *) pub;
-
- if (!dsa_generate_params (params,
- random_ctx, random,
- progress_ctx, progress,
- p_bits, q_bits))
- return 0;
-
- mpz_init_set(r, pub->q);
+ mpz_init_set(r, params->q);
mpz_sub_ui(r, r, 2);
- nettle_mpz_random(key->x, random_ctx, random, r);
+ nettle_mpz_random(key, random_ctx, random, r);
- mpz_add_ui(key->x, key->x, 1);
-
- mpz_powm(pub->y, pub->g, key->x, pub->p);
-
- if (progress)
- progress (progress_ctx, '\n');
-
+ mpz_add_ui(key, key, 1);
+ mpz_powm(pub, params->g, key, params->p);
mpz_clear (r);
-
- return 1;
}
diff --git a/dsa.h b/dsa.h
index 4f15e78499b1352a3ca42e99397bad5e15afa4bd..094544d7df267fd5a4625652a0f72477f713d990 100644
--- a/dsa.h
+++ b/dsa.h
@@ -119,6 +119,11 @@ dsa_generate_params(struct dsa_params *params,
void *progress_ctx, nettle_progress_func *progress,
unsigned p_bits, unsigned q_bits);
+void
+dsa_generate_keypair (const struct dsa_params *params,
+ mpz_t pub, mpz_t key,
+ void *random_ctx, nettle_random_func *random);
+
/* Keys in sexp form. */
struct nettle_buffer;