/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#include <openssl/bn.h>
#include <openssl/rand.h>
#include <openssl/sha.h>
-#include "dsa_locl.h"
+#include "dsa_local.h"
int DSA_generate_parameters_ex(DSA *ret, int bits,
const unsigned char *seed_in, int seed_len,
goto err;
/* step 4 */
- r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
- use_random_seed, cb);
+ r = BN_check_prime(q, ctx, cb);
if (r > 0)
break;
if (r != 0)
/* step 10 */
if (BN_cmp(p, test) >= 0) {
/* step 11 */
- r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+ r = BN_check_prime(p, ctx, cb);
if (r > 0)
goto end; /* found it */
if (r != 0)
ret->p = BN_dup(p);
ret->q = BN_dup(q);
ret->g = BN_dup(g);
+ ret->dirty_cnt++;
if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
ok = 0;
goto err;
if (seed_out)
memcpy(seed_out, seed, qsize);
}
- if (ctx)
- BN_CTX_end(ctx);
+ BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_MONT_CTX_free(mont);
return ok;
if (mctx == NULL)
goto err;
+ /* make sure L > N, otherwise we'll get trapped in an infinite loop */
+ if (L <= N) {
+ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+ goto err;
+ }
+
if (evpmd == NULL) {
if (N == 160)
evpmd = EVP_sha1();
goto err;
/* step 4 */
- r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
- seed_in ? 1 : 0, cb);
+ r = BN_check_prime(q, ctx, cb);
if (r > 0)
break;
if (r != 0)
/* step 10 */
if (BN_cmp(p, test) >= 0) {
/* step 11 */
- r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+ r = BN_check_prime(p, ctx, cb);
if (r > 0)
goto end; /* found it */
if (r != 0)
ok = -1;
goto err;
}
+ ret->dirty_cnt++;
if (counter_ret != NULL)
*counter_ret = counter;
if (h_ret != NULL)
OPENSSL_free(seed);
if (seed_out != seed_tmp)
OPENSSL_free(seed_tmp);
- if (ctx)
- BN_CTX_end(ctx);
+ BN_CTX_end(ctx);
BN_CTX_free(ctx);
BN_MONT_CTX_free(mont);
EVP_MD_CTX_free(mctx);