diff options
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | Makefile.in | 2 | ||||
| -rw-r--r-- | dsa-compat-keygen.c | 79 | ||||
| -rw-r--r-- | dsa-compat.h | 1 | ||||
| -rw-r--r-- | dsa-keygen.c | 57 | ||||
| -rw-r--r-- | dsa.h | 5 |
6 files changed, 104 insertions, 47 deletions
@@ -1,3 +1,10 @@ +2014-03-28 Niels Möller <nisse@lysator.liu.se> + + * dsa-keygen.c (dsa_generate_keypair): New interface, generating + only a keypair, and no new parameters. + * dsa-compat-keygen.c (dsa_compat_generate_keypair): New file. + Moved old key generation function here. Use dsa_generate_keypair. + 2014-03-27 Niels Möller <nisse@lysator.liu.se> * dsa-compat.c (dsa_public_key_init, dsa_public_key_clear) diff --git a/Makefile.in b/Makefile.in index fe9936b0..5fbc1eee 100644 --- a/Makefile.in +++ b/Makefile.in @@ -148,7 +148,7 @@ hogweed_SOURCES = sexp.c sexp-format.c \ rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \ rsa-keygen.c rsa-compat.c rsa-blind.c \ rsa2sexp.c sexp2rsa.c \ - dsa.c dsa-compat.c dsa-gen-params.c \ + dsa.c dsa-compat.c dsa-compat-keygen.c dsa-gen-params.c \ dsa-sign.c dsa-verify.c dsa-keygen.c dsa-hash.c \ dsa-sha1-sign.c dsa-sha1-verify.c \ dsa-sha256-sign.c dsa-sha256-verify.c \ diff --git a/dsa-compat-keygen.c b/dsa-compat-keygen.c new file mode 100644 index 00000000..390b0a62 --- /dev/null +++ b/dsa-compat-keygen.c @@ -0,0 +1,79 @@ +/* dsa-compat-keygen.c + * + * Generation of DSA keypairs + */ + +/* nettle, low-level cryptographics library + * + * Copyright (C) 2002, 2014 Niels Möller + * + * The nettle library is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation; either version 2.1 of the License, or (at your + * option) any later version. + * + * The nettle library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public + * License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with the nettle library; see the file COPYING.LIB. If not, write to + * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02111-1301, USA. + */ + +#if HAVE_CONFIG_H +# include "config.h" +#endif + +#include <assert.h> +#include <stdlib.h> + +#include "dsa-compat.h" + +#include "bignum.h" + +/* Undo name mangling */ +#undef dsa_generate_keypair +#define dsa_generate_keypair nettle_dsa_generate_keypair + +/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224), + (2048, 256), (3072, 256). */ +int +dsa_compat_generate_keypair(struct dsa_public_key *pub, + struct dsa_private_key *key, + void *random_ctx, nettle_random_func *random, + void *progress_ctx, nettle_progress_func *progress, + unsigned p_bits, unsigned q_bits) +{ + struct dsa_params *params; + + switch (q_bits) + { + case 160: + if (p_bits < DSA_SHA1_MIN_P_BITS) + return 0; + break; + case 224: + case 256: + if (p_bits < DSA_SHA256_MIN_P_BITS) + return 0; + break; + default: + return 0; + } + + /* NOTE: Depends on identical layout! */ + params = (struct dsa_params *) pub; + + if (!dsa_generate_params (params, + random_ctx, random, + progress_ctx, progress, + p_bits, q_bits)) + return 0; + + dsa_generate_keypair (params, pub->y, key->x, random_ctx, random); + + return 1; +} diff --git a/dsa-compat.h b/dsa-compat.h index 427c15d8..05e5a7ac 100644 --- a/dsa-compat.h +++ b/dsa-compat.h @@ -49,7 +49,6 @@ /* Switch meaning of dsa_generate_keypair */ #undef dsa_generate_keypair #define dsa_generate_keypair nettle_dsa_compat_generate_keypair -#define dsa_generate_keypair_new nettle_dsa_generate_keypair #ifdef __cplusplus extern "C" { diff --git a/dsa-keygen.c b/dsa-keygen.c index 794810dd..4e432c2d 100644 --- a/dsa-keygen.c +++ b/dsa-keygen.c @@ -27,62 +27,29 @@ # include "config.h" #endif -#include <assert.h> #include <stdlib.h> -#include "dsa-compat.h" +#include "dsa.h" #include "bignum.h" /* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224), - (2048, 256), (3072, 256). */ -int -dsa_generate_keypair(struct dsa_public_key *pub, - struct dsa_private_key *key, - void *random_ctx, nettle_random_func *random, - void *progress_ctx, nettle_progress_func *progress, - unsigned p_bits, unsigned q_bits) + (2048, 256), (3072, 256). Currenty, we use only q_bits of 160 or + 256. */ +void +dsa_generate_keypair (const struct dsa_params *params, + mpz_t pub, mpz_t key, + + void *random_ctx, nettle_random_func *random) { - struct dsa_params *params; mpz_t r; - switch (q_bits) - { - case 160: - if (p_bits < DSA_SHA1_MIN_P_BITS) - return 0; - break; - case 224: - case 256: - if (p_bits < DSA_SHA256_MIN_P_BITS) - return 0; - break; - default: - return 0; - } - - /* NOTE: Depends on identical layout! */ - params = (struct dsa_params *) pub; - - if (!dsa_generate_params (params, - random_ctx, random, - progress_ctx, progress, - p_bits, q_bits)) - return 0; - - mpz_init_set(r, pub->q); + mpz_init_set(r, params->q); mpz_sub_ui(r, r, 2); - nettle_mpz_random(key->x, random_ctx, random, r); + nettle_mpz_random(key, random_ctx, random, r); - mpz_add_ui(key->x, key->x, 1); - - mpz_powm(pub->y, pub->g, key->x, pub->p); - - if (progress) - progress (progress_ctx, '\n'); - + mpz_add_ui(key, key, 1); + mpz_powm(pub, params->g, key, params->p); mpz_clear (r); - - return 1; } @@ -119,6 +119,11 @@ dsa_generate_params(struct dsa_params *params, void *progress_ctx, nettle_progress_func *progress, unsigned p_bits, unsigned q_bits); +void +dsa_generate_keypair (const struct dsa_params *params, + mpz_t pub, mpz_t key, + void *random_ctx, nettle_random_func *random); + /* Keys in sexp form. */ struct nettle_buffer; |