authorShane Lontis <shane.lontis@oracle.com>2020-04-15 13:02:52 +0200
committerShane Lontis <shane.lontis@oracle.com>2020-04-15 13:02:52 +0200
commitb03ec3b5d62ee26bf8437556b9040d4141d5bdd8 (patch)
tree1f27a892757c24efab70d2fb8f93110f71c0fbb3 /crypto/evp
parentMake sure we always send an alert in libssl if we hit a fatal error (diff)
Add DSA keygen to provider
Moved some shared FFC code into the FFC files. Added extra paramgen parameters for seed, gindex. Fixed bug in ossl_prov util to print bignums. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11303)
Diffstat (limited to 'crypto/evp')
-rw-r--r--crypto/evp/p_lib.c20
-rw-r--r--crypto/evp/pmeth_lib.c22
2 files changed, 31 insertions, 11 deletions
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 9f04c72330..b0163f5792 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -627,14 +627,6 @@ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
# endif
# ifndef OPENSSL_NO_DSA
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
-{
- int ret = EVP_PKEY_assign_DSA(pkey, key);
- if (ret)
- DSA_up_ref(key);
- return ret;
-}
-
DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey)
{
if (!evp_pkey_downgrade((EVP_PKEY *)pkey)) {
@@ -648,6 +640,13 @@ DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey)
return pkey->pkey.dsa;
}
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+ int ret = EVP_PKEY_assign_DSA(pkey, key);
+ if (ret)
+ DSA_up_ref(key);
+ return ret;
+}
DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
{
DSA *ret = EVP_PKEY_get0_DSA(pkey);
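Review bot: In the relocated `EVP_PKEY_set1_DSA`, the result of `DSA_up_ref(key)` is discarded, and the reference is taken only after `EVP_PKEY_assign_DSA` has already stored the pointer in `pkey`. If the up-ref were to fail, the function would still report success while `pkey` holds a pointer it has no counted reference to, which leaves room for a double free or use after free once both owners release it. Taking the reference first and dropping it again if the assign fails closes that window; the NULL guard is needed because the reordered version would otherwise pass a NULL key to `DSA_up_ref`. `EVP_PKEY_set1_EC_KEY` in the next hunk appears to start the same way, though its body continues outside the visible lines.

```c
int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
{
    /* Take the reference first so pkey never holds an uncounted pointer. */
    if (key == NULL || !DSA_up_ref(key))
        return 0;
    if (!EVP_PKEY_assign_DSA(pkey, key)) {
        DSA_free(key);
        return 0;
    }
    return 1;
}
```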
@@ -655,10 +654,11 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
DSA_up_ref(ret);
return ret;
}
-# endif
+# endif /* OPENSSL_NO_DSA */
+#endif /* FIPS_MODE */
+#ifndef FIPS_MODE
# ifndef OPENSSL_NO_EC
-
int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
{
int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
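Review bot: The added `#endif /* FIPS_MODE */` is followed directly by `#ifndef FIPS_MODE`, so as far as this hunk shows the pair closes and reopens the same guard with nothing in between. Unless code that must also build in FIPS mode is meant to sit between them, dropping both lines keeps the conditional nesting easier to audit. If the pair stays, a one-line comment between the two directives saying the split is deliberate would stop a later reader from treating it as a merge artefact.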
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 6a86b26ded..6d34accc3c 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -8,7 +8,7 @@
*/
/*
- * DH low level APIs are deprecated for public use, but still ok for
+ * Low level key APIs (DH etc) are deprecated for public use, but still ok for
* internal use.
*/
#include "internal/deprecated.h"
@@ -816,6 +816,18 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
}
}
# endif
+# ifndef OPENSSL_NO_DSA
+ if (keytype == EVP_PKEY_DSA) {
+ switch (cmd) {
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
+ return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, p1);
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
+ return EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, p1);
+ case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
+ return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, p2);
+ }
+ }
+# endif
# ifndef OPENSSL_NO_EC
if (keytype == EVP_PKEY_EC) {
switch (cmd) {
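Review bot: The new DSA branch forwards `p1` and `p2` straight to the setters with no check visible here on the prime size, the subgroup size or the digest, and `optype` is not consulted. Whether `EVP_PKEY_CTX_set_dsa_paramgen_bits`, `EVP_PKEY_CTX_set_dsa_paramgen_q_bits` and `EVP_PKEY_CTX_set_dsa_paramgen_md` reject undersized or unsupported values is not visible in this hunk, so it is worth confirming that the provider path refuses weak parameters rather than relying on a legacy ctrl handler that this translation bypasses. The inner `switch` also has no `default`, so an unrecognised `cmd` silently leaves the block; if that is the intent, `default: break;` with a short comment would make it explicit. `legacy_ctrl_to_param` begins and ends outside the hunk.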
@@ -1000,6 +1012,14 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
name = OSSL_PKEY_PARAM_RSA_E;
else if (strcmp(name, "rsa_keygen_primes") == 0)
name = OSSL_PKEY_PARAM_RSA_PRIMES;
+# ifndef OPENSSL_NO_DSA
+ else if (strcmp(name, "dsa_paramgen_bits") == 0)
+ name = OSSL_PKEY_PARAM_FFC_PBITS;
+ else if (strcmp(name, "dsa_paramgen_q_bits") == 0)
+ name = OSSL_PKEY_PARAM_FFC_QBITS;
+ else if (strcmp(name, "dsa_paramgen_md") == 0)
+ name = OSSL_PKEY_PARAM_FFC_DIGEST;
+# endif
# ifndef OPENSSL_NO_DH
else if (strcmp(name, "dh_pad") == 0)
name = OSSL_EXCHANGE_PARAM_PAD;
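Review bot: The three new `dsa_paramgen_*` strings are rewritten to `OSSL_PKEY_PARAM_FFC_*` names on the basis of the string alone; no key-type test is visible in this part of the `else if` chain. Since the FFC parameter names look shared with other finite-field key types, a context that is not DSA but is given `dsa_paramgen_bits` may be translated rather than rejected, which should be checked against the part of `legacy_ctrl_str_to_param` outside the hunk. A comment above the block such as `/* DSA paramgen strings map onto the shared FFC parameter names */` would document the aliasing.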