+2014-03-09 Niels Möller <nisse@lysator.liu.se>
+
+ * Makefile.in (hogweed_SOURCES): Added dsa-gen-params.c and
+ dsa-keygen-old.c.
+
+ * testsuite/dsa-keygen-test.c (test_main): Updated to use
+ dsa_generate_keypair_old.
+
+ * dsa.h: Update declarations for key generation functions.
+
+ * dsa-keygen.c (dsa_generate_keypair): New interface, generating
+ only a keypair, and no new parameters.
+
+ * dsa-keygen-old.c (dsa_generate_keypair_old): Implement old
+ dsa_generate_keypair interface, based on dsa_generate_params and
+ dsa_generate_keypair.
+
+ * dsa-gen-params.c (dsa_generate_params): New file and function,
+ extracted from DSA key generation.
+
2014-01-04 Niels Möller <nisse@lysator.liu.se>
* testsuite/testutils.c (test_dsa_sign): #if:ed out, unused.
rsa-encrypt.c rsa-decrypt.c rsa-decrypt-tr.c \
rsa-keygen.c rsa-compat.c rsa-blind.c \
rsa2sexp.c sexp2rsa.c \
- dsa.c dsa-sign.c dsa-verify.c dsa-keygen.c dsa-hash.c \
+ dsa.c dsa-gen-params.c \
+ dsa-sign.c dsa-verify.c dsa-keygen.c dsa-keygen-old.c \
+ dsa-hash.c \
dsa-sha1-sign.c dsa-sha1-verify.c \
dsa-sha256-sign.c dsa-sha256-verify.c \
dsa2sexp.c sexp2dsa.c \
--- /dev/null
+/* dsa-gen-params.c
+ *
+ * Generation of DSA parameters
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2002, 2013, 2014 Niels Möller
+ *
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB. If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include "dsa.h"
+
+#include "bignum.h"
+#include "nettle-internal.h"
+
+
+/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
+ (2048, 256), (3072, 256). */
+int
+dsa_generate_params(struct dsa_params *params,
+ void *random_ctx, nettle_random_func *random,
+ void *progress_ctx, nettle_progress_func *progress,
+ unsigned p_bits, unsigned q_bits)
+{
+ mpz_t r;
+ unsigned p0_bits;
+ unsigned a;
+
+ if (q_bits < 30 || p_bits < q_bits + 30)
+ return 0;
+
+ mpz_init (r);
+
+ nettle_random_prime (params->q, q_bits, 0, random_ctx, random,
+ progress_ctx, progress);
+
+ if (q_bits >= (p_bits + 2)/3)
+ _nettle_generate_pocklington_prime (params->p, r, p_bits, 0,
+ random_ctx, random,
+ params->q, NULL, params->q);
+ else
+ {
+ mpz_t p0, p0q;
+ mpz_init (p0);
+ mpz_init (p0q);
+
+ p0_bits = (p_bits + 3)/2;
+
+ nettle_random_prime (p0, p0_bits, 0,
+ random_ctx, random,
+ progress_ctx, progress);
+
+ if (progress)
+ progress (progress_ctx, 'q');
+
+ /* Generate p = 2 r q p0 + 1, such that 2^{n-1} < p < 2^n. */
+ mpz_mul (p0q, p0, params->q);
+
+ _nettle_generate_pocklington_prime (params->p, r, p_bits, 0,
+ random_ctx, random,
+ p0, params->q, p0q);
+
+ mpz_mul (r, r, p0);
+
+ mpz_clear (p0);
+ mpz_clear (p0q);
+ }
+ if (progress)
+ progress (progress_ctx, 'p');
+
+ for (a = 2; ; a++)
+ {
+ mpz_set_ui (params->g, a);
+ mpz_powm (params->g, params->g, r, params->p);
+ if (mpz_cmp_ui (params->g, 1) != 0)
+ break;
+ }
+
+ mpz_clear (r);
+
+ if (progress)
+ progress (progress_ctx, 'g');
+
+ return 1;
+}
--- /dev/null
+/* dsa-keygen.c
+ *
+ * Generation of DSA keypairs
+ */
+
+/* nettle, low-level cryptographics library
+ *
+ * Copyright (C) 2002, 2014 Niels Möller
+ *
+ * The nettle library is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2.1 of the License, or (at your
+ * option) any later version.
+ *
+ * The nettle library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with the nettle library; see the file COPYING.LIB. If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02111-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+
+#include "dsa.h"
+
+#include "bignum.h"
+
+
+/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
+ (2048, 256), (3072, 256). */
+int
+dsa_generate_keypair_old(struct dsa_public_key *pub,
+ struct dsa_private_key *key,
+ void *random_ctx, nettle_random_func *random,
+ void *progress_ctx, nettle_progress_func *progress,
+ unsigned p_bits, unsigned q_bits)
+{
+ struct dsa_params *params;
+ struct dsa_value vpub;
+ struct dsa_value vkey;
+
+ switch (q_bits)
+ {
+ case 160:
+ if (p_bits < DSA_SHA1_MIN_P_BITS)
+ return 0;
+ break;
+ case 224:
+ case 256:
+ if (p_bits < DSA_SHA256_MIN_P_BITS)
+ return 0;
+ break;
+ default:
+ return 0;
+ }
+
+ /* NOTE: Depends on identical layout! */
+ params = (struct dsa_params *) pub;
+
+ if (!dsa_generate_params (params,
+ random_ctx, random,
+ progress_ctx, progress,
+ p_bits, q_bits))
+ return 0;
+
+ dsa_value_init (&vpub, params);
+ dsa_value_init (&vkey, params);
+
+ dsa_generate_keypair (&vpub, &vkey, random_ctx, random);
+ mpz_swap (pub->y, vpub.x);
+ mpz_swap (key->x, vkey.x);
+
+ dsa_value_clear (&vpub);
+ dsa_value_clear (&vkey);
+
+ return 1;
+}
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
/* Valid sizes, according to FIPS 186-3 are (1024, 160), (2048, 224),
(2048, 256), (3072, 256). Currenty, we use only q_bits of 160 or
256. */
-int
-dsa_generate_keypair(struct dsa_public_key *pub,
- struct dsa_private_key *key,
- void *random_ctx, nettle_random_func *random,
- void *progress_ctx, nettle_progress_func *progress,
- unsigned p_bits, unsigned q_bits)
-{
- mpz_t p0, p0q, r;
- unsigned p0_bits;
- unsigned a;
-
- switch (q_bits)
- {
- case 160:
- if (p_bits < DSA_SHA1_MIN_P_BITS)
- return 0;
- break;
- case 224:
- case 256:
- if (p_bits < DSA_SHA256_MIN_P_BITS)
- return 0;
- break;
- default:
- return 0;
- }
-
- mpz_init (p0);
- mpz_init (p0q);
- mpz_init (r);
-
- nettle_random_prime (pub->q, q_bits, 0, random_ctx, random,
- progress_ctx, progress);
-
- p0_bits = (p_bits + 3)/2;
-
- nettle_random_prime (p0, p0_bits, 0,
- random_ctx, random,
- progress_ctx, progress);
-
- if (progress)
- progress (progress_ctx, 'q');
-
- /* Generate p = 2 r q p0 + 1, such that 2^{n-1} < p < 2^n.
- *
- * We select r in the range i + 1 < r <= 2i, with i = floor (2^{n-2} / (p0 q). */
-
- mpz_mul (p0q, p0, pub->q);
+void
+dsa_generate_keypair (struct dsa_value *pub,
+ struct dsa_value *key,
- _nettle_generate_pocklington_prime (pub->p, r, p_bits, 0,
- random_ctx, random,
- p0, pub->q, p0q);
-
- if (progress)
- progress (progress_ctx, 'p');
-
- mpz_mul (r, r, p0);
-
- for (a = 2; ; a++)
- {
- mpz_set_ui (pub->g, a);
- mpz_powm (pub->g, pub->g, r, pub->p);
- if (mpz_cmp_ui (pub->g, 1) != 0)
- break;
- }
+ void *random_ctx, nettle_random_func *random)
+{
+ const struct dsa_params *params;
+ mpz_t r;
- if (progress)
- progress (progress_ctx, 'g');
+ assert (pub->params == key->params);
+ params = pub->params;
- mpz_set(r, pub->q);
+ mpz_init_set(r, params->q);
mpz_sub_ui(r, r, 2);
nettle_mpz_random(key->x, random_ctx, random, r);
mpz_add_ui(key->x, key->x, 1);
-
- mpz_powm(pub->y, pub->g, key->x, pub->p);
-
- if (progress)
- progress (progress_ctx, '\n');
-
- mpz_clear (p0);
- mpz_clear (p0q);
+ mpz_powm(pub->x, params->g, key->x, params->p);
mpz_clear (r);
-
- return 1;
}
/* nettle, low-level cryptographics library
*
- * Copyright (C) 2002 Niels Möller
+ * Copyright (C) 2002, 2013, 2014 Niels Möller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
#define dsa_sha1_verify_digest nettle_dsa_sha1_verify_digest
#define dsa_sha256_sign_digest nettle_dsa_sha256_sign_digest
#define dsa_sha256_verify_digest nettle_dsa_sha256_verify_digest
+#define dsa_generate_params nettle_dsa_generate_params
#define dsa_generate_keypair nettle_dsa_generate_keypair
+#define dsa_generate_keypair_old nettle_dsa_generate_keypair_old
#define dsa_signature_from_sexp nettle_dsa_signature_from_sexp
#define dsa_keypair_to_sexp nettle_dsa_keypair_to_sexp
#define dsa_keypair_from_sexp_alist nettle_dsa_keypair_from_sexp_alist
const uint8_t *digest,
const struct dsa_signature *signature);
-void
+int
dsa_generate_params (struct dsa_params *params,
-
void *random_ctx, nettle_random_func *random,
-
void *progress_ctx, nettle_progress_func *progress,
unsigned p_bits, unsigned q_bits);
-#if 0
-int
+void
dsa_generate_keypair (struct dsa_value *pub,
struct dsa_value *key,
void *random_ctx, nettle_random_func *random);
-#endif
/* Old nettle interface, kept for backwards compatibility */
/* Key generation */
int
-dsa_generate_keypair(struct dsa_public_key *pub,
- struct dsa_private_key *key,
-
- void *random_ctx, nettle_random_func *random,
+dsa_generate_keypair_old(struct dsa_public_key *pub,
+ struct dsa_private_key *key,
- void *progress_ctx, nettle_progress_func *progress,
- unsigned p_bits, unsigned q_bits);
+ void *random_ctx, nettle_random_func *random,
+ void *progress_ctx, nettle_progress_func *progress,
+ unsigned p_bits, unsigned q_bits);
/* Keys in sexp form. */
knuth_lfib_init(&lfib, 13);
- ASSERT (dsa_generate_keypair(&pub, &key,
+ ASSERT (dsa_generate_keypair_old(&pub, &key,
&lfib,
(nettle_random_func *) knuth_lfib_random,
NULL, verbose ? progress : NULL,
test_dsa_key(&pub, &key, 160);
test_dsa160(&pub, &key, NULL);
- ASSERT (dsa_generate_keypair(&pub, &key,
+ ASSERT (dsa_generate_keypair_old(&pub, &key,
&lfib,
(nettle_random_func *) knuth_lfib_random,
NULL, verbose ? progress : NULL,
test_dsa_key(&pub, &key, 256);
test_dsa256(&pub, &key, NULL);
- ASSERT (dsa_generate_keypair(&pub, &key,
+ ASSERT (dsa_generate_keypair_old(&pub, &key,
&lfib,
(nettle_random_func *) knuth_lfib_random,
NULL, verbose ? progress : NULL,
projects / thirdparty / nettle.git / commitdiff
