authorGeoff Thorpe <geoff@openssl.org>2003-01-15 02:01:55 +0000
committerGeoff Thorpe <geoff@openssl.org>2003-01-15 02:01:55 +0000
commit0e4aa0d2d2807e0cbeac29b65d2b9061daed8941 (patch)
treecec435e2a3ce007d0b1a7be92c4cf12cdc4bd1a5 /crypto
parent08cb96bba2831a8fc3dbda697ab65d64bb05a371 (diff)
downloadopenssl-0e4aa0d2d2807e0cbeac29b65d2b9061daed8941.tar.gz
As with RSA, which was modified recently, this change makes it possible to
override key-generation implementations by placing handlers in the methods for DSA and DH. Parameter generation for DSA and DH can likewise be overridden through another new handler in each method.
Diffstat (limited to 'crypto')
-rw-r--r--crypto/dh/dh.h2
-rw-r--r--crypto/dh/dh_gen.c11
-rw-r--r--crypto/dh/dh_key.c1
-rw-r--r--crypto/dsa/dsa.h7
-rw-r--r--crypto/dsa/dsa_gen.c15
-rw-r--r--crypto/dsa/dsa_key.c9
-rw-r--r--crypto/dsa/dsa_ossl.c2
7 files changed, 46 insertions, 1 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index cab9b1493d..62dba4055c 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -91,6 +91,8 @@ typedef struct dh_method {
int (*finish)(DH *dh);
int flags;
char *app_data;
+ /* If this is non-NULL, it will be used to generate parameters */
+ int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
} DH_METHOD;
struct dh_st
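Review bot: Appending `generate_params` to `DH_METHOD` changes the size of a public struct that the new dispatcher in dh_gen.c reads unconditionally. A method table compiled against the old header is one pointer shorter, so `ret->meth->generate_params` would read past its end. A table filled in at run time from unzeroed memory would leave the slot indeterminate. Whether such tables exist outside this tree cannot be seen from the hunk. The comment should state the contract, for example `/* If non-NULL, used instead of the built-in generator; must be NULL when unused; returns as DH_generate_parameters_ex() does */`. The same applies to `dsa_paramgen` and `dsa_keygen` in the dsa.h hunk.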
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
index a929a0f064..1f805073cf 100644
--- a/crypto/dh/dh_gen.c
+++ b/crypto/dh/dh_gen.c
@@ -66,6 +66,15 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
+static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
+
+int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
+ {
+ if(ret->meth->generate_params)
+ return ret->meth->generate_params(ret, prime_len, generator, cb);
+ return dh_builtin_genparams(ret, prime_len, generator, cb);
+ }
+
/* We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
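Review bot: `DH_generate_parameters_ex` passes `prime_len` and `generator` straight to `ret->meth->generate_params`, so any range checks inside `dh_builtin_genparams` (its body lies outside this hunk) stop applying once a method fills the slot. If the public entry point is meant to guarantee a minimum size, that check belongs in the wrapper before the dispatch; otherwise the header comment should say the handler must validate its own arguments. The return convention also needs stating, because the built-in starts from `ok= -1` in the next hunk and callers cannot tell whether a handler may return a negative value. `DSA_generate_parameters_ex` in dsa_gen.c forwards `bits`, `seed_in` and `seed_len` in the same way.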
@@ -91,7 +100,7 @@
* It's just as OK (and in some sense better) to use a generator of the
* order-q subgroup.
*/
-int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
+static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
{
BIGNUM *t1,*t2;
int g,ok= -1;
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 1a0efca2c4..5e58e0032f 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -90,6 +90,7 @@ dh_bn_mod_exp,
dh_init,
dh_finish,
0,
+NULL,
NULL
};
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 7a126e486b..6ba79b01df 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -110,6 +110,13 @@ typedef struct dsa_method {
int (*finish)(DSA *dsa);
int flags;
char *app_data;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen)(DSA *dsa, int bits,
+ unsigned char *seed, int seed_len,
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen)(DSA *dsa);
} DSA_METHOD;
struct dsa_st
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index ca2c867089..4b9aff3689 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -80,10 +80,25 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
+static int dsa_builtin_paramgen(DSA *ret, int bits,
+ unsigned char *seed_in, int seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
int DSA_generate_parameters_ex(DSA *ret, int bits,
unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
+ if(ret->meth->dsa_paramgen)
+ return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
+ counter_ret, h_ret, cb);
+ return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
+ counter_ret, h_ret, cb);
+ }
+
+static int dsa_builtin_paramgen(DSA *ret, int bits,
+ unsigned char *seed_in, int seed_len,
+ int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+ {
int ok=0;
unsigned char seed[SHA_DIGEST_LENGTH];
unsigned char md[SHA_DIGEST_LENGTH];
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index ef87c3e637..48ff1f423c 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -64,8 +64,17 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
+static int dsa_builtin_keygen(DSA *dsa);
+
int DSA_generate_key(DSA *dsa)
{
+ if(dsa->meth->dsa_keygen)
+ return dsa->meth->dsa_keygen(dsa);
+ return dsa_builtin_keygen(dsa);
+ }
+
+static int dsa_builtin_keygen(DSA *dsa)
+ {
int ok=0;
BN_CTX *ctx=NULL;
BIGNUM *pub_key=NULL,*priv_key=NULL;
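Review bot: A `dsa_keygen` handler has no safe way to fall back to the software path. `dsa_builtin_keygen` is static, and the dsa_ossl.c hunk stores NULL in what appears to be the default table's slot, so the only reachable entry point is `DSA_generate_key`, which dispatches straight back into the handler. A comment on the wrapper such as `/* a dsa_keygen handler must not call DSA_generate_key() on the same DSA: it re-enters the handler */` would document the trap; publishing the built-in through the default method table would remove it. `dsa_builtin_keygen` continues beyond the end of this hunk.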
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index fc35dfe1f6..313c06fa3f 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -89,6 +89,8 @@ dsa_bn_mod_exp,
dsa_init,
dsa_finish,
0,
+NULL,
+NULL,
NULL
};