generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

As with RSA, which was modified recently, this change makes it possible to

Browse Source 
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
This commit is contained in:
Geoff Thorpe 2003-01-15 02:01:55 +00:00
parent 08cb96bba2
commit 0e4aa0d2d2
15 changed files with 77 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,6 +4,12 @@
Changes between 0.9.7 and 0.9.8 [xx XXX xxxx]
*) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
and DH_METHOD (eg. by ENGINE implementations) to override the normal
software implementations. For DSA and DH, parameter generation can
also be overriden by providing the appropriate method callbacks.
[Geoff Thorpe]
*) Change the "progress" mechanism used in key-generation and
primality testing to functions that take a new BN_GENCB pointer in
place of callback/argument pairs. The new API functions have "_ex"

2
crypto/dh/dh.h
View File

@ -91,6 +91,8 @@ typedef struct dh_method {
int (*finish)(DH *dh);
int flags;
char *app_data;
/* If this is non-NULL, it will be used to generate parameters */
int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
} DH_METHOD;
struct dh_st

11
crypto/dh/dh_gen.c
View File

@ -66,6 +66,15 @@
#include <openssl/bn.h>
#include <openssl/dh.h>
static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb);
int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
{
if(ret->meth->generate_params)
return ret->meth->generate_params(ret, prime_len, generator, cb);
return dh_builtin_genparams(ret, prime_len, generator, cb);
}
/* We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
@ -91,7 +100,7 @@
* It's just as OK (and in some sense better) to use a generator of the
* order-q subgroup.
*/
int DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb)
static int dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb)
{
BIGNUM *t1,*t2;
int g,ok= -1;

1
crypto/dh/dh_key.c
View File

@ -90,6 +90,7 @@ dh_bn_mod_exp,
dh_init,
dh_finish,
0,
NULL,
NULL
};

7
crypto/dsa/dsa.h
View File

@ -110,6 +110,13 @@ typedef struct dsa_method {
int (*finish)(DSA *dsa);
int flags;
char *app_data;
/* If this is non-NULL, it is used to generate DSA parameters */
int (*dsa_paramgen)(DSA *dsa, int bits,
unsigned char *seed, int seed_len,
int *counter_ret, unsigned long *h_ret,
BN_GENCB *cb);
/* If this is non-NULL, it is used to generate DSA keys */
int (*dsa_keygen)(DSA *dsa);
} DSA_METHOD;
struct dsa_st

15
crypto/dsa/dsa_gen.c
View File

@ -80,10 +80,25 @@
#include <openssl/rand.h>
#include <openssl/sha.h>
static int dsa_builtin_paramgen(DSA *ret, int bits,
unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
int DSA_generate_parameters_ex(DSA *ret, int bits,
unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
if(ret->meth->dsa_paramgen)
return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
counter_ret, h_ret, cb);
return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
counter_ret, h_ret, cb);
}
static int dsa_builtin_paramgen(DSA *ret, int bits,
unsigned char *seed_in, int seed_len,
int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
{
int ok=0;
unsigned char seed[SHA_DIGEST_LENGTH];
unsigned char md[SHA_DIGEST_LENGTH];

9
crypto/dsa/dsa_key.c
View File

@ -64,7 +64,16 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
static int dsa_builtin_keygen(DSA *dsa);
int DSA_generate_key(DSA *dsa)
{
if(dsa->meth->dsa_keygen)
return dsa->meth->dsa_keygen(dsa);
return dsa_builtin_keygen(dsa);
}
static int dsa_builtin_keygen(DSA *dsa)
{
int ok=0;
BN_CTX *ctx=NULL;

2
crypto/dsa/dsa_ossl.c
View File

@ -89,6 +89,8 @@ dsa_bn_mod_exp,
dsa_init,
dsa_finish,
0,
NULL,
NULL,
NULL
};

5
engines/e_aep.c
View File

@ -190,7 +190,9 @@ static DSA_METHOD aep_dsa =
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL /* app_data */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
#endif
@ -205,6 +207,7 @@ static DH_METHOD aep_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif

5
engines/e_atalla.c
View File

@ -154,7 +154,9 @@ static DSA_METHOD atalla_dsa =
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL /* app_data */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
#endif
@ -169,6 +171,7 @@ static DH_METHOD atalla_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif

5
engines/e_cswift.c
View File

@ -172,7 +172,9 @@ static DSA_METHOD cswift_dsa =
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL /* app_data */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
#endif
@ -187,6 +189,7 @@ static DH_METHOD cswift_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif

1
engines/e_ncipher.c
View File

@ -201,6 +201,7 @@ static DH_METHOD hwcrhk_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif

5
engines/e_nuron.c
View File

@ -287,7 +287,9 @@ static DSA_METHOD nuron_dsa =
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL /* app_data */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
#endif
@ -301,6 +303,7 @@ static DH_METHOD nuron_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif

5
engines/e_sureware.c
View File

@ -145,7 +145,8 @@ static DH_METHOD surewarehk_dh =
NULL, /* init*/
NULL, /* finish*/
0, /* flags*/
NULL
NULL,
NULL
};
#endif
@ -194,6 +195,8 @@ static DSA_METHOD surewarehk_dsa =
NULL,/*finish*/
0,
NULL,
NULL,
NULL
};
#endif

5
engines/e_ubsec.c
View File

@ -162,7 +162,9 @@ static DSA_METHOD ubsec_dsa =
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL /* app_data */
NULL, /* app_data */
NULL, /* dsa_paramgen */
NULL /* dsa_keygen */
};
#endif
@ -177,6 +179,7 @@ static DH_METHOD ubsec_dh =
NULL,
NULL,
0,
NULL,
NULL
};
#endif