]>
Commit | Line | Data |
---|---|---|
d2e9e320 RS |
1 | /* |
2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. | |
d02b48c6 | 3 | * |
3cdbea65 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
d2e9e320 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
d02b48c6 RE |
8 | */ |
9 | ||
f41ac0ee P |
10 | /* |
11 | * DSA low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
d02b48c6 RE |
16 | #include <stdio.h> |
17 | #include <time.h> | |
b39fc560 | 18 | #include "internal/cryptlib.h" |
474e469b | 19 | #include <openssl/bn.h> |
f11f86f6 | 20 | #include "crypto/dsa.h" |
706457b7 | 21 | #include "dsa_local.h" |
d02b48c6 | 22 | |
f11f86f6 | 23 | static int dsa_builtin_keygen(OPENSSL_CTX *libctx, DSA *dsa); |
0e4aa0d2 | 24 | |
6b691a5c | 25 | int DSA_generate_key(DSA *dsa) |
0f113f3e | 26 | { |
f11f86f6 | 27 | if (dsa->meth->dsa_keygen != NULL) |
0f113f3e | 28 | return dsa->meth->dsa_keygen(dsa); |
f11f86f6 | 29 | return dsa_builtin_keygen(NULL, dsa); |
0f113f3e | 30 | } |
0e4aa0d2 | 31 | |
f11f86f6 SL |
32 | int dsa_generate_key_ctx(OPENSSL_CTX *libctx, DSA *dsa) |
33 | { | |
34 | #ifndef FIPS_MODE | |
35 | if (dsa->meth->dsa_keygen != NULL) | |
36 | return dsa->meth->dsa_keygen(dsa); | |
37 | #endif | |
38 | return dsa_builtin_keygen(libctx, dsa); | |
39 | } | |
40 | ||
41 | static int dsa_builtin_keygen(OPENSSL_CTX *libctx, DSA *dsa) | |
0f113f3e MC |
42 | { |
43 | int ok = 0; | |
44 | BN_CTX *ctx = NULL; | |
45 | BIGNUM *pub_key = NULL, *priv_key = NULL; | |
46 | ||
f11f86f6 | 47 | if ((ctx = BN_CTX_new_ex(libctx)) == NULL) |
0f113f3e | 48 | goto err; |
d02b48c6 | 49 | |
0f113f3e | 50 | if (dsa->priv_key == NULL) { |
74924dcb | 51 | if ((priv_key = BN_secure_new()) == NULL) |
0f113f3e | 52 | goto err; |
f11f86f6 | 53 | } else { |
0f113f3e | 54 | priv_key = dsa->priv_key; |
f11f86f6 | 55 | } |
d02b48c6 | 56 | |
f11f86f6 SL |
57 | if (!ffc_generate_private_key(ctx, &dsa->params, BN_num_bits(dsa->params.q), |
58 | 112, priv_key)) | |
59 | goto err; | |
d02b48c6 | 60 | |
0f113f3e MC |
61 | if (dsa->pub_key == NULL) { |
62 | if ((pub_key = BN_new()) == NULL) | |
63 | goto err; | |
f11f86f6 | 64 | } else { |
0f113f3e | 65 | pub_key = dsa->pub_key; |
f11f86f6 | 66 | } |
d02b48c6 | 67 | |
0f113f3e | 68 | { |
5584f65a | 69 | BIGNUM *prk = BN_new(); |
46a64376 | 70 | |
5584f65a MC |
71 | if (prk == NULL) |
72 | goto err; | |
73 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); | |
d02b48c6 | 74 | |
f11f86f6 | 75 | /* pub_key = g ^ priv_key mod p */ |
dc8de3e6 | 76 | if (!BN_mod_exp(pub_key, dsa->params.g, prk, dsa->params.p, ctx)) { |
5584f65a | 77 | BN_free(prk); |
0f113f3e MC |
78 | goto err; |
79 | } | |
5584f65a MC |
80 | /* We MUST free prk before any further use of priv_key */ |
81 | BN_free(prk); | |
0f113f3e | 82 | } |
d02b48c6 | 83 | |
0f113f3e MC |
84 | dsa->priv_key = priv_key; |
85 | dsa->pub_key = pub_key; | |
4889dadc | 86 | dsa->dirty_cnt++; |
0f113f3e | 87 | ok = 1; |
d02b48c6 | 88 | |
0f113f3e | 89 | err: |
23a1d5e9 | 90 | if (pub_key != dsa->pub_key) |
0f113f3e | 91 | BN_free(pub_key); |
23a1d5e9 | 92 | if (priv_key != dsa->priv_key) |
0f113f3e | 93 | BN_free(priv_key); |
23a1d5e9 | 94 | BN_CTX_free(ctx); |
26a7d938 | 95 | return ok; |
0f113f3e | 96 | } |