projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Deprecate the low level DSA functions.
[openssl.git]
/
crypto
/
dsa
/
dsa_pmeth.c
diff --git
a/crypto/dsa/dsa_pmeth.c
b/crypto/dsa/dsa_pmeth.c
index cfba91ca08167ccbee21e12d4f75c39c81eef924..008a607bc664f1f2e3d18641a5b4c64e72c3ff34 100644
(file)
--- a/
crypto/dsa/dsa_pmeth.c
+++ b/
crypto/dsa/dsa_pmeth.c
@@
-7,21
+7,27
@@
* https://www.openssl.org/source/license.html
*/
* https://www.openssl.org/source/license.html
*/
+/*
+ * DSA low level APIs are deprecated for public use, but still ok for
+ * internal use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/bn.h>
-#include "
internal/evp_int
.h"
-#include "dsa_locl.h"
+#include "
crypto/evp
.h"
+#include "dsa_loc
a
l.h"
/* DSA pkey context structure */
typedef struct {
/* Parameter gen parameters */
/* DSA pkey context structure */
typedef struct {
/* Parameter gen parameters */
- int nbits; /* size of p in bits (default:
1024
) */
- int qbits; /* size of q in bits (default:
160
) */
+ int nbits; /* size of p in bits (default:
2048
) */
+ int qbits; /* size of q in bits (default:
224
) */
const EVP_MD *pmd; /* MD for parameter generation */
/* Keygen callback info */
int gentmp[2];
const EVP_MD *pmd; /* MD for parameter generation */
/* Keygen callback info */
int gentmp[2];
@@
-35,8
+41,8
@@
static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
if (dctx == NULL)
return 0;
if (dctx == NULL)
return 0;
- dctx->nbits =
1024
;
- dctx->qbits =
160
;
+ dctx->nbits =
2048
;
+ dctx->qbits =
224
;
dctx->pmd = NULL;
dctx->md = NULL;
dctx->pmd = NULL;
dctx->md = NULL;
@@
-138,7
+144,11
@@
static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
- EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha512 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha3_224 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha3_256 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha3_384 &&
+ EVP_MD_type((const EVP_MD *)p2) != NID_sha3_512) {
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
return 0;
}
@@
-193,7
+203,7
@@
static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
DSA *dsa = NULL;
DSA_PKEY_CTX *dctx = ctx->data;
BN_GENCB *pcb;
DSA *dsa = NULL;
DSA_PKEY_CTX *dctx = ctx->data;
BN_GENCB *pcb;
- int ret;
+ int ret
, res
;
if (ctx->pkey_gencb) {
pcb = BN_GENCB_new();
if (ctx->pkey_gencb) {
pcb = BN_GENCB_new();
@@
-207,8
+217,9
@@
static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
BN_GENCB_free(pcb);
return 0;
}
BN_GENCB_free(pcb);
return 0;
}
- ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
- NULL, 0, NULL, NULL, NULL, pcb);
+ ret = ffc_params_FIPS186_4_generate(NULL, &dsa->params, FFC_PARAM_TYPE_DSA,
+ dctx->nbits, dctx->qbits, dctx->pmd,
+ &res, pcb);
BN_GENCB_free(pcb);
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
BN_GENCB_free(pcb);
if (ret)
EVP_PKEY_assign_DSA(pkey, dsa);
@@
-235,7
+246,7
@@
static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
return DSA_generate_key(pkey->pkey.dsa);
}
return DSA_generate_key(pkey->pkey.dsa);
}
-const EVP_PKEY_METHOD dsa_pkey_meth = {
+
static
const EVP_PKEY_METHOD dsa_pkey_meth = {
EVP_PKEY_DSA,
EVP_PKEY_FLAG_AUTOARGLEN,
pkey_dsa_init,
EVP_PKEY_DSA,
EVP_PKEY_FLAG_AUTOARGLEN,
pkey_dsa_init,
@@
-267,3
+278,8
@@
const EVP_PKEY_METHOD dsa_pkey_meth = {
pkey_dsa_ctrl,
pkey_dsa_ctrl_str
};
pkey_dsa_ctrl,
pkey_dsa_ctrl_str
};
+
+const EVP_PKEY_METHOD *dsa_pkey_method(void)
+{
+ return &dsa_pkey_meth;
+}