提交 2abaa9ca 编写于 作者: D Dr. Stephen Henson

Add support for DSA2 PQG generation of g parameter.

上级 f55f5f77
...@@ -494,22 +494,26 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ...@@ -494,22 +494,26 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
} }
mdsize = M_EVP_MD_size(evpmd); mdsize = M_EVP_MD_size(evpmd);
/* If unverificable g generation only don't need seed */
if (!ret->p || !ret->q || idx >= 0)
{
if (seed_len == 0)
seed_len = mdsize;
if (seed_len == 0) seed = OPENSSL_malloc(seed_len);
seed_len = mdsize;
seed = OPENSSL_malloc(seed_len); if (seed_out)
seed_tmp = seed_out;
else
seed_tmp = OPENSSL_malloc(seed_len);
if (seed_out) if (!seed || !seed_tmp)
seed_tmp = seed_out; goto err;
else
seed_tmp = OPENSSL_malloc(seed_len);
if (!seed || !seed_tmp) if (seed_in)
goto err; memcpy(seed, seed_in, seed_len);
if (seed_in) }
memcpy(seed, seed_in, seed_len);
if ((ctx=BN_CTX_new()) == NULL) if ((ctx=BN_CTX_new()) == NULL)
goto err; goto err;
...@@ -530,7 +534,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, ...@@ -530,7 +534,8 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
{ {
p = ret->p; p = ret->p;
q = ret->q; q = ret->q;
memcpy(seed_tmp, seed, seed_len); if (idx >= 0)
memcpy(seed_tmp, seed, seed_len);
goto g_only; goto g_only;
} }
else else
......
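Review bot: The seed buffers are now allocated only when `!ret->p || !ret->q || idx >= 0`, while the copy in the second hunk is guarded by `idx >= 0` alone, and nothing in the visible lines records that the two conditions must stay in step. When p and q are supplied with a negative idx, `seed` and `seed_tmp` are never allocated here, so any use after `g_only` and the cleanup at `err` (both outside the hunk) depend on those pointers having been initialised to NULL, which is worth confirming. I would expand the comment to something like `/* Unverifiable g generation (p and q given, idx < 0) needs no seed: seed and seed_tmp stay unallocated */`, which also fixes the "unverificable" typo. Separately, `memcpy(seed, seed_in, seed_len)` takes the caller's `seed_len` as given once it is non-zero, so the caller's own length handling is the only bound on that read.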
...@@ -123,30 +123,44 @@ static void pqg(FILE *in, FILE *out) ...@@ -123,30 +123,44 @@ static void pqg(FILE *in, FILE *out)
char *keyword, *value; char *keyword, *value;
int dsa2, L, N; int dsa2, L, N;
const EVP_MD *md = NULL; const EVP_MD *md = NULL;
BIGNUM *p = NULL, *q = NULL;
enum pqtype { PQG_NONE, PQG_PQ, PQG_G, PQG_GCANON}
pqg_type = PQG_NONE;
int seedlen=-1, idxlen, idx = -1;
unsigned char seed[1024], idtmp[1024];
while(fgets(buf,sizeof buf,in) != NULL) while(fgets(buf,sizeof buf,in) != NULL)
{ {
if (buf[0] == '[')
{
if (strstr(buf, "Probable"))
pqg_type = PQG_PQ;
else if (strstr(buf, "Unverifiable"))
pqg_type = PQG_G;
else if (strstr(buf, "Canonical"))
pqg_type = PQG_GCANON;
}
if (!parse_line(&keyword, &value, lbuf, buf)) if (!parse_line(&keyword, &value, lbuf, buf))
{ {
fputs(buf,out); fputs(buf,out);
continue; continue;
} }
fputs(buf,out);
if(!strcmp(keyword,"[mod")) if(!strcmp(keyword,"[mod"))
{ {
fputs(buf,out);
if (!parse_mod(value, &dsa2, &L, &N, &md)) if (!parse_mod(value, &dsa2, &L, &N, &md))
{ {
fprintf(stderr, "Mod Parse Error\n"); fprintf(stderr, "Mod Parse Error\n");
exit (1); exit (1);
} }
} }
else if(!strcmp(keyword,"N")) else if(!strcmp(keyword,"N")
|| (!strcmp(keyword, "Num") && pqg_type == PQG_PQ))
{ {
int n=atoi(value); int n=atoi(value);
while(n--) while(n--)
{ {
unsigned char seed[EVP_MAX_MD_SIZE];
DSA *dsa; DSA *dsa;
int counter; int counter;
unsigned long h; unsigned long h;
...@@ -169,14 +183,53 @@ static void pqg(FILE *in, FILE *out) ...@@ -169,14 +183,53 @@ static void pqg(FILE *in, FILE *out)
do_bn_print_name(out, "P",dsa->p); do_bn_print_name(out, "P",dsa->p);
do_bn_print_name(out, "Q",dsa->q); do_bn_print_name(out, "Q",dsa->q);
do_bn_print_name(out, "G",dsa->g); if (!dsa2)
OutputValue("Seed",seed, M_EVP_MD_size(md), out, 0); do_bn_print_name(out, "G",dsa->g);
fprintf(out, "c = %d\n",counter); OutputValue(dsa2 ? "domain_parameter_seed" : "Seed",
fprintf(out, "H = %lx\n\n",h); seed, M_EVP_MD_size(md), out, 0);
if (!dsa2)
{
fprintf(out, "c = %d\n",counter);
fprintf(out, "H = %lx\n\n",h);
}
else
fputs("\n", out);
} }
} }
else else if(!strcmp(keyword,"P"))
fputs(buf,out); p=hex2bn(value);
else if(!strcmp(keyword,"Q"))
q=hex2bn(value);
else if(!strcmp(keyword,"domain_parameter_seed"))
seedlen = hex2bin(value, seed);
else if(!strcmp(keyword,"index"))
{
idxlen = hex2bin(value, idtmp);
if (idxlen != 1)
{
fprintf(stderr, "Index value error\n");
exit (1);
}
idx = idtmp[0];
}
if ((idx >= 0 && pqg_type == PQG_GCANON) || (q && pqg_type == PQG_G))
{
DSA *dsa;
dsa = FIPS_dsa_new();
dsa->p = p;
dsa->q = q;
p = q = NULL;
if (dsa_builtin_paramgen2(dsa, L, N, md,
seed, seedlen, idx, NULL,
NULL, NULL, NULL) <= 0)
{
fprintf(stderr, "Parameter Generation error\n");
exit(1);
}
do_bn_print_name(out, "G",dsa->g);
FIPS_dsa_free(dsa);
idx = -1;
}
} }
} }
......
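Review bot: The value returned by `hex2bin(value, seed)` for `domain_parameter_seed` is stored in `seedlen` and never checked, and `seedlen` starts at -1, so a canonical-g record whose seed is missing or fails to parse passes a negative length to `dsa_builtin_paramgen2`, where it sizes the allocation and the `memcpy` (if `seed_len` is an unsigned size type like `L` and `N`, -1 converts to a very large value). A guard before the call, in the style of the existing index check, would cover it: `if (idx >= 0 && seedlen <= 0) { fprintf(stderr, "Seed value error\n"); exit(1); }`. `seedlen` is also not reset next to `idx = -1` after generation, so a later `index` line without its own seed would reuse the previous one. `hex2bin` writes into the fixed `seed[1024]` and `idtmp[1024]` buffers with no length passed; whether that is bounded depends on the size of `buf`, which is declared outside the hunk. The result of `FIPS_dsa_new()` is dereferenced on the next line without a NULL check.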