diff options
author | Werner Koch <wk@gnupg.org> | 2013-10-08 17:59:50 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-10-08 17:59:50 +0200 |
commit | 3816e46ce211e63adf46dbc775510aa137572248 (patch) | |
tree | 7a4e51d84d2e0f83803f5865b58c8135f4a1ca5e /cipher/dsa.c | |
parent | f79d3e13d3229115c47cbe5007647cb44105fe3f (diff) | |
download | libgcrypt-3816e46ce211e63adf46dbc775510aa137572248.tar.gz |
pubkey: Move sexp parsing for gcry_pk_getkey to the modules.
* cipher/pubkey-util.c: New.
(_gcry_pk_util_get_nbits): New. Based on code from gcry_pk_genkey.
(_gcry_pk_util_get_rsa_use_e): Ditto.
* cipher/pubkey.c (gcry_pk_genkey): Strip most code and pass.
* cipher/rsa.c (rsa_generate): Remove args ALGO, NBITS and EVALUE.
Call new fucntions to get these values.
* cipher/dsa.c (dsa_generate): Remove args ALGO, NBITS and EVALUE.
Call _gcry_pk_util_get_nbits to get nbits. Always parse genparms.
* cipher/elgamal.c (elg_generate): Ditto.
* cipher/ecc.c (ecc_generate): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/dsa.c')
-rw-r--r-- | cipher/dsa.c | 160 |
1 files changed, 78 insertions, 82 deletions
diff --git a/cipher/dsa.c b/cipher/dsa.c index 394800df..136d64f4 100644 --- a/cipher/dsa.c +++ b/cipher/dsa.c @@ -689,10 +689,11 @@ verify (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t hash, DSA_public_key *pkey ) *********************************************/ static gcry_err_code_t -dsa_generate (int algo, unsigned int nbits, unsigned long evalue, - const gcry_sexp_t genparms, gcry_sexp_t *r_skey) +dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) { gpg_err_code_t rc; + unsigned int nbits; + gcry_sexp_t domainsexp; DSA_secret_key sk; gcry_sexp_t l1; unsigned int qbits = 0; @@ -705,102 +706,97 @@ dsa_generate (int algo, unsigned int nbits, unsigned long evalue, dsa_domain_t domain; gcry_mpi_t *factors = NULL; - (void)algo; /* No need to check it. */ - (void)evalue; /* Not required for DSA. */ - memset (&sk, 0, sizeof sk); memset (&domain, 0, sizeof domain); - if (genparms) + rc = _gcry_pk_util_get_nbits (genparms, &nbits); + if (rc) + return rc; + + /* Parse the optional qbits element. */ + l1 = gcry_sexp_find_token (genparms, "qbits", 0); + if (l1) { - gcry_sexp_t domainsexp; + char buf[50]; + const char *s; + size_t n; - /* Parse the optional qbits element. */ - l1 = gcry_sexp_find_token (genparms, "qbits", 0); - if (l1) + s = gcry_sexp_nth_data (l1, 1, &n); + if (!s || n >= DIM (buf) - 1 ) { - char buf[50]; - const char *s; - size_t n; - - s = gcry_sexp_nth_data (l1, 1, &n); - if (!s || n >= DIM (buf) - 1 ) - { - gcry_sexp_release (l1); - return GPG_ERR_INV_OBJ; /* No value or value too large. */ - } - memcpy (buf, s, n); - buf[n] = 0; - qbits = (unsigned int)strtoul (buf, NULL, 0); gcry_sexp_release (l1); + return GPG_ERR_INV_OBJ; /* No value or value too large. */ } + memcpy (buf, s, n); + buf[n] = 0; + qbits = (unsigned int)strtoul (buf, NULL, 0); + gcry_sexp_release (l1); + } - /* Parse the optional transient-key flag. */ - l1 = gcry_sexp_find_token (genparms, "transient-key", 0); - if (l1) - { - transient_key = 1; - gcry_sexp_release (l1); - } + /* Parse the optional transient-key flag. */ + l1 = gcry_sexp_find_token (genparms, "transient-key", 0); + if (l1) + { + transient_key = 1; + gcry_sexp_release (l1); + } - /* Get the optional derive parameters. */ - deriveparms = gcry_sexp_find_token (genparms, "derive-parms", 0); + /* Get the optional derive parameters. */ + deriveparms = gcry_sexp_find_token (genparms, "derive-parms", 0); - /* Parse the optional "use-fips186" flags. */ - l1 = gcry_sexp_find_token (genparms, "use-fips186", 0); - if (l1) - { - use_fips186 = 1; - gcry_sexp_release (l1); - } - l1 = gcry_sexp_find_token (genparms, "use-fips186-2", 0); - if (l1) - { - use_fips186_2 = 1; - gcry_sexp_release (l1); - } + /* Parse the optional "use-fips186" flags. */ + l1 = gcry_sexp_find_token (genparms, "use-fips186", 0); + if (l1) + { + use_fips186 = 1; + gcry_sexp_release (l1); + } + l1 = gcry_sexp_find_token (genparms, "use-fips186-2", 0); + if (l1) + { + use_fips186_2 = 1; + gcry_sexp_release (l1); + } - /* Check whether domain parameters are given. */ - domainsexp = gcry_sexp_find_token (genparms, "domain", 0); - if (domainsexp) + /* Check whether domain parameters are given. */ + domainsexp = gcry_sexp_find_token (genparms, "domain", 0); + if (domainsexp) + { + /* DERIVEPARMS can't be used together with domain parameters. + NBITS abnd QBITS may not be specified because there values + are derived from the domain parameters. */ + if (deriveparms || qbits || nbits) { - /* DERIVEPARMS can't be used together with domain - parameters. NBITS abnd QBITS may not be specified - because there values are derived from the domain - parameters. */ - if (deriveparms || qbits || nbits) - { - gcry_sexp_release (domainsexp); - gcry_sexp_release (deriveparms); - return GPG_ERR_INV_VALUE; - } - - /* Put all domain parameters into the domain object. */ - l1 = gcry_sexp_find_token (domainsexp, "p", 0); - domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l1); - l1 = gcry_sexp_find_token (domainsexp, "q", 0); - domain.q = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l1); - l1 = gcry_sexp_find_token (domainsexp, "g", 0); - domain.g = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l1); gcry_sexp_release (domainsexp); + gcry_sexp_release (deriveparms); + return GPG_ERR_INV_VALUE; + } - /* Check that all domain parameters are available. */ - if (!domain.p || !domain.q || !domain.g) - { - gcry_mpi_release (domain.p); - gcry_mpi_release (domain.q); - gcry_mpi_release (domain.g); - gcry_sexp_release (deriveparms); - return GPG_ERR_MISSING_VALUE; - } - - /* Get NBITS and QBITS from the domain parameters. */ - nbits = mpi_get_nbits (domain.p); - qbits = mpi_get_nbits (domain.q); + /* Put all domain parameters into the domain object. */ + l1 = gcry_sexp_find_token (domainsexp, "p", 0); + domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (l1); + l1 = gcry_sexp_find_token (domainsexp, "q", 0); + domain.q = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (l1); + l1 = gcry_sexp_find_token (domainsexp, "g", 0); + domain.g = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (l1); + gcry_sexp_release (domainsexp); + + /* Check that all domain parameters are available. */ + if (!domain.p || !domain.q || !domain.g) + { + gcry_mpi_release (domain.p); + gcry_mpi_release (domain.q); + gcry_mpi_release (domain.g); + gcry_sexp_release (deriveparms); + return GPG_ERR_MISSING_VALUE; } + + /* Get NBITS and QBITS from the domain parameters. */ + nbits = mpi_get_nbits (domain.p); + qbits = mpi_get_nbits (domain.q); } if (deriveparms || use_fips186 || use_fips186_2 || fips_mode ()) |