root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/crypto/evp/dsa_ctrl.c

133 lines
3.9 KiB
C
Raw Normal View History

EVP_PKEY & DSA: Make DSA EVP_PKEY_CTX parameter ctrls / setters more available EVP_PKEY_CTX_set_dsa_ functions were only available when DSA was enabled ('no-dsa' not configured). However, that makes it impossible to use these functions with an engine or a provider that happens to implement DSA. This change solves that problem by shuffling these functions to more appropriate places. Fixes #13529 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13530)
2020-11-26 18:58:56 +08:00
/*
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
2021-03-11 21:27:36 +08:00
* Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
EVP_PKEY & DSA: Make DSA EVP_PKEY_CTX parameter ctrls / setters more available EVP_PKEY_CTX_set_dsa_ functions were only available when DSA was enabled ('no-dsa' not configured). However, that makes it impossible to use these functions with an engine or a provider that happens to implement DSA. This change solves that problem by shuffling these functions to more appropriate places. Fixes #13529 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13530)
2020-11-26 18:58:56 +08:00
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdlib.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/dsa.h>
#include <openssl/evp.h>
#include "crypto/evp.h"
static int dsa_paramgen_check(EVP_PKEY_CTX *ctx)
{
if (ctx == NULL || !EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
/* Uses the same return values as EVP_PKEY_CTX_ctrl */
return -2;
}
/* If key type not DSA return error */
if (ctx->pmeth != NULL && ctx->pmeth->pkey_id != EVP_PKEY_DSA)
return -1;
return 1;
}
int EVP_PKEY_CTX_set_dsa_paramgen_type(EVP_PKEY_CTX *ctx, const char *name)
{
int ret;
OSSL_PARAM params[2], *p = params;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_TYPE,
(char *)name, 0);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
int EVP_PKEY_CTX_set_dsa_paramgen_gindex(EVP_PKEY_CTX *ctx, int gindex)
{
int ret;
OSSL_PARAM params[2], *p = params;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_int(OSSL_PKEY_PARAM_FFC_GINDEX, &gindex);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
int EVP_PKEY_CTX_set_dsa_paramgen_seed(EVP_PKEY_CTX *ctx,
const unsigned char *seed,
size_t seedlen)
{
int ret;
OSSL_PARAM params[2], *p = params;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_FFC_SEED,
(void *)seed, seedlen);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits)
{
int ret;
OSSL_PARAM params[2], *p = params;
size_t bits = nbits;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_PBITS, &bits);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits)
{
int ret;
OSSL_PARAM params[2], *p = params;
size_t bits2 = qbits;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_size_t(OSSL_PKEY_PARAM_FFC_QBITS, &bits2);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
int EVP_PKEY_CTX_set_dsa_paramgen_md_props(EVP_PKEY_CTX *ctx,
const char *md_name,
const char *md_properties)
{
int ret;
OSSL_PARAM params[3], *p = params;
if ((ret = dsa_paramgen_check(ctx)) <= 0)
return ret;
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST,
(char *)md_name, 0);
if (md_properties != NULL)
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_FFC_DIGEST_PROPS,
(char *)md_properties, 0);
*p++ = OSSL_PARAM_construct_end();
return EVP_PKEY_CTX_set_params(ctx, params);
}
#if !defined(FIPS_MODULE)
int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
{
Cleanup of some of the EVP_PKEY_CTX_ctrl related TODOs Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14290)
2021-02-23 23:52:49 +08:00
return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, (void *)(md));
EVP_PKEY & DSA: Make DSA EVP_PKEY_CTX parameter ctrls / setters more available EVP_PKEY_CTX_set_dsa_ functions were only available when DSA was enabled ('no-dsa' not configured). However, that makes it impossible to use these functions with an engine or a provider that happens to implement DSA. This change solves that problem by shuffling these functions to more appropriate places. Fixes #13529 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13530)
2020-11-26 18:58:56 +08:00
}
#endif