projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| d2e9e320 | 1 | /* |
| f11f86f6 | 2 | * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. |
| 0f113f3e | 3 | * |
| 3cdbea65 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
| d2e9e320 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at | |
| 7 | * https://www.openssl.org/source/license.html | |
| d02b48c6 RE |
8 | */ |
| 9 | ||
| f41ac0ee P |
10 | /* |
| 11 | * DSA low level APIs are deprecated for public use, but still ok for | |
| 12 | * internal use. | |
| 13 | */ | |
| 14 | #include "internal/deprecated.h" | |
| 15 | ||
| 3c27208f | 16 | #include <openssl/opensslconf.h> |
| 474e469b | 17 | #include <stdio.h> |
| b39fc560 | 18 | #include "internal/cryptlib.h" |
| 474e469b RS |
19 | #include <openssl/evp.h> |
| 20 | #include <openssl/bn.h> | |
| 21 | #include <openssl/rand.h> | |
| 22 | #include <openssl/sha.h> | |
| f11f86f6 | 23 | #include "crypto/dsa.h" |
| 706457b7 | 24 | #include "dsa_local.h" |
| 0e4aa0d2 | 25 | |
| f11f86f6 SL |
26 | int dsa_generate_ffc_parameters(OPENSSL_CTX *libctx, DSA *dsa, int type, |
| 27 | int pbits, int qbits, int gindex, | |
| 28 | BN_GENCB *cb) | |
| 0f113f3e | 29 | { |
| f11f86f6 | 30 | int ret = 0, res; |
| 0f113f3e | 31 | |
| f11f86f6 SL |
32 | if (qbits <= 0) { |
| 33 | const EVP_MD *evpmd = pbits >= 2048 ? EVP_sha256() : EVP_sha1(); | |
| 34 | ||
| 35 | qbits = EVP_MD_size(evpmd) * 8; | |
| 0f113f3e | 36 | } |
| f11f86f6 SL |
37 | dsa->params.gindex = gindex; |
| 38 | #ifndef FIPS_MODE | |
| 39 | if (type == DSA_PARAMGEN_TYPE_FIPS_186_2) | |
| 40 | ret = ffc_params_FIPS186_2_generate(libctx, &dsa->params, | |
| 41 | FFC_PARAM_TYPE_DSA, | |
| 42 | pbits, qbits, NULL, &res, cb); | |
| 43 | else | |
| 44 | #endif | |
| 45 | ret = ffc_params_FIPS186_4_generate(libctx, &dsa->params, | |
| 46 | FFC_PARAM_TYPE_DSA, | |
| 47 | pbits, qbits, NULL, &res, cb); | |
| 48 | if (ret > 0) | |
| 49 | dsa->dirty_cnt++; | |
| 50 | return ret; | |
| 0f113f3e | 51 | } |
| 0e4aa0d2 | 52 | |
| f11f86f6 SL |
53 | int dsa_generate_parameters_ctx(OPENSSL_CTX *libctx, DSA *dsa, int bits, |
| 54 | const unsigned char *seed_in, int seed_len, | |
| 55 | int *counter_ret, unsigned long *h_ret, | |
| 56 | BN_GENCB *cb) | |
| 0f113f3e | 57 | { |
| f11f86f6 SL |
58 | #ifndef FIPS_MODE |
| 59 | if (dsa->meth->dsa_paramgen) | |
| 60 | return dsa->meth->dsa_paramgen(dsa, bits, seed_in, seed_len, | |
| 61 | counter_ret, h_ret, cb); | |
| 62 | #endif | |
| 63 | if (seed_in != NULL | |
| 64 | && !ffc_params_set_validate_params(&dsa->params, seed_in, seed_len, -1)) | |
| 0f113f3e MC |
65 | return 0; |
| 66 | ||
| f11f86f6 SL |
67 | #ifndef FIPS_MODE |
| 68 | /* The old code used FIPS 186-2 DSA Parameter generation */ | |
| 69 | if (bits <= 1024 && seed_len == 20) { | |
| 70 | if (!dsa_generate_ffc_parameters(libctx, dsa, | |
| 71 | DSA_PARAMGEN_TYPE_FIPS_186_2, | |
| 72 | bits, 160, -1, cb)) | |
| 73 | return 0; | |
| 74 | } else | |
| 75 | #endif | |
| 76 | { | |
| 77 | if (!dsa_generate_ffc_parameters(libctx, dsa, | |
| 78 | DSA_PARAMGEN_TYPE_FIPS_186_4, | |
| 79 | bits, -1, -1, cb)) | |
| f00a10b8 | 80 | return 0; |
| 0f113f3e MC |
81 | } |
| 82 | ||
| f11f86f6 SL |
83 | if (counter_ret != NULL) |
| 84 | *counter_ret = dsa->params.pcounter; | |
| 85 | if (h_ret != NULL) | |
| 86 | *h_ret = dsa->params.h; | |
| 87 | return 1; | |
| 0f113f3e MC |
88 | } |
| 89 | ||
| f11f86f6 SL |
90 | int DSA_generate_parameters_ex(DSA *dsa, int bits, |
| 91 | const unsigned char *seed_in, int seed_len, | |
| 92 | int *counter_ret, unsigned long *h_ret, | |
| 93 | BN_GENCB *cb) | |
| 0f113f3e | 94 | { |
| f11f86f6 SL |
95 | return dsa_generate_parameters_ctx(NULL, dsa, bits, |
| 96 | seed_in, seed_len, | |
| 97 | counter_ret, h_ret, cb); | |
| 0f113f3e | 98 | } |