pubkey: Move sexp parsing for gcry_pk_getkey to the modules.

* cipher/pubkey-util.c: New. (_gcry_pk_util_get_nbits): New. Based on code from gcry_pk_genkey. (_gcry_pk_util_get_rsa_use_e): Ditto. * cipher/pubkey.c (gcry_pk_genkey): Strip most code and pass. * cipher/rsa.c (rsa_generate): Remove args ALGO, NBITS and EVALUE. Call new fucntions to get these values. * cipher/dsa.c (dsa_generate): Remove args ALGO, NBITS and EVALUE. Call _gcry_pk_util_get_nbits to get nbits. Always parse genparms. * cipher/elgamal.c (elg_generate): Ditto. * cipher/ecc.c (ecc_generate): Ditto. Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2013-10-08 17:59:50 +0200
committer: Werner Koch <wk@gnupg.org> 2013-10-08 17:59:50 +0200
commit: 3816e46ce211e63adf46dbc775510aa137572248 (patch)
tree: 7a4e51d84d2e0f83803f5865b58c8135f4a1ca5e /cipher/dsa.c
parent: f79d3e13d3229115c47cbe5007647cb44105fe3f (diff)
download: libgcrypt-3816e46ce211e63adf46dbc775510aa137572248.tar.gz
1 files changed, 78 insertions, 82 deletions
diff --git a/cipher/dsa.c b/cipher/dsa.c
index 394800df..136d64f4 100644
--- a/cipher/dsa.c
+++ b/cipher/dsa.c
@@ -689,10 +689,11 @@ verify (gcry_mpi_t r, gcry_mpi_t s, gcry_mpi_t hash, DSA_public_key *pkey )
  *********************************************/
 
 static gcry_err_code_t
-dsa_generate (int algo, unsigned int nbits, unsigned long evalue,
-              const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
+dsa_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
 {
   gpg_err_code_t rc;
+  unsigned int nbits;
+  gcry_sexp_t domainsexp;
   DSA_secret_key sk;
   gcry_sexp_t l1;
   unsigned int qbits = 0;
@@ -705,102 +706,97 @@ dsa_generate (int algo, unsigned int nbits, unsigned long evalue,
   dsa_domain_t domain;
   gcry_mpi_t *factors = NULL;
 
-  (void)algo;    /* No need to check it.  */
-  (void)evalue;  /* Not required for DSA. */
-
   memset (&sk, 0, sizeof sk);
   memset (&domain, 0, sizeof domain);
 
-  if (genparms)
+  rc = _gcry_pk_util_get_nbits (genparms, &nbits);
+  if (rc)
+    return rc;
+
+  /* Parse the optional qbits element.  */
+  l1 = gcry_sexp_find_token (genparms, "qbits", 0);
+  if (l1)
     {
-      gcry_sexp_t domainsexp;
+      char buf[50];
+      const char *s;
+      size_t n;
 
-      /* Parse the optional qbits element.  */
-      l1 = gcry_sexp_find_token (genparms, "qbits", 0);
-      if (l1)
+      s = gcry_sexp_nth_data (l1, 1, &n);
+      if (!s || n >= DIM (buf) - 1 )
         {
-          char buf[50];
-          const char *s;
-          size_t n;
-
-          s = gcry_sexp_nth_data (l1, 1, &n);
-          if (!s || n >= DIM (buf) - 1 )
-            {
-              gcry_sexp_release (l1);
-              return GPG_ERR_INV_OBJ; /* No value or value too large.  */
-            }
-          memcpy (buf, s, n);
-          buf[n] = 0;
-          qbits = (unsigned int)strtoul (buf, NULL, 0);
           gcry_sexp_release (l1);
+          return GPG_ERR_INV_OBJ; /* No value or value too large.  */
         }
+      memcpy (buf, s, n);
+      buf[n] = 0;
+      qbits = (unsigned int)strtoul (buf, NULL, 0);
+      gcry_sexp_release (l1);
+    }
 
-      /* Parse the optional transient-key flag.  */
-      l1 = gcry_sexp_find_token (genparms, "transient-key", 0);
-      if (l1)
-        {
-          transient_key = 1;
-          gcry_sexp_release (l1);
-        }
+  /* Parse the optional transient-key flag.  */
+  l1 = gcry_sexp_find_token (genparms, "transient-key", 0);
+  if (l1)
+    {
+      transient_key = 1;
+      gcry_sexp_release (l1);
+    }
 
-      /* Get the optional derive parameters.  */
-      deriveparms = gcry_sexp_find_token (genparms, "derive-parms", 0);
+  /* Get the optional derive parameters.  */
+  deriveparms = gcry_sexp_find_token (genparms, "derive-parms", 0);
 
-      /* Parse the optional "use-fips186" flags.  */
-      l1 = gcry_sexp_find_token (genparms, "use-fips186", 0);
-      if (l1)
-        {
-          use_fips186 = 1;
-          gcry_sexp_release (l1);
-        }
-      l1 = gcry_sexp_find_token (genparms, "use-fips186-2", 0);
-      if (l1)
-        {
-          use_fips186_2 = 1;
-          gcry_sexp_release (l1);
-        }
+  /* Parse the optional "use-fips186" flags.  */
+  l1 = gcry_sexp_find_token (genparms, "use-fips186", 0);
+  if (l1)
+    {
+      use_fips186 = 1;
+      gcry_sexp_release (l1);
+    }
+  l1 = gcry_sexp_find_token (genparms, "use-fips186-2", 0);
+  if (l1)
+    {
+      use_fips186_2 = 1;
+      gcry_sexp_release (l1);
+    }
 
-      /* Check whether domain parameters are given.  */
-      domainsexp = gcry_sexp_find_token (genparms, "domain", 0);
-      if (domainsexp)
+  /* Check whether domain parameters are given.  */
+  domainsexp = gcry_sexp_find_token (genparms, "domain", 0);
+  if (domainsexp)
+    {
+      /* DERIVEPARMS can't be used together with domain parameters.
+         NBITS abnd QBITS may not be specified because there values
+         are derived from the domain parameters.  */
+      if (deriveparms || qbits || nbits)
         {
-          /* DERIVEPARMS can't be used together with domain
-             parameters.  NBITS abnd QBITS may not be specified
-             because there values are derived from the domain
-             parameters.  */
-          if (deriveparms || qbits || nbits)
-            {
-              gcry_sexp_release (domainsexp);
-              gcry_sexp_release (deriveparms);
-              return GPG_ERR_INV_VALUE;
-            }
-
-          /* Put all domain parameters into the domain object.  */
-          l1 = gcry_sexp_find_token (domainsexp, "p", 0);
-          domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
-          gcry_sexp_release (l1);
-          l1 = gcry_sexp_find_token (domainsexp, "q", 0);
-          domain.q = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
-          gcry_sexp_release (l1);
-          l1 = gcry_sexp_find_token (domainsexp, "g", 0);
-          domain.g = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
-          gcry_sexp_release (l1);
           gcry_sexp_release (domainsexp);
+          gcry_sexp_release (deriveparms);
+          return GPG_ERR_INV_VALUE;
+        }
 
-          /* Check that all domain parameters are available.  */
-          if (!domain.p || !domain.q || !domain.g)
-            {
-              gcry_mpi_release (domain.p);
-              gcry_mpi_release (domain.q);
-              gcry_mpi_release (domain.g);
-              gcry_sexp_release (deriveparms);
-              return GPG_ERR_MISSING_VALUE;
-            }
-
-          /* Get NBITS and QBITS from the domain parameters.  */
-          nbits = mpi_get_nbits (domain.p);
-          qbits = mpi_get_nbits (domain.q);
+      /* Put all domain parameters into the domain object.  */
+      l1 = gcry_sexp_find_token (domainsexp, "p", 0);
+      domain.p = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+      gcry_sexp_release (l1);
+      l1 = gcry_sexp_find_token (domainsexp, "q", 0);
+      domain.q = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+      gcry_sexp_release (l1);
+      l1 = gcry_sexp_find_token (domainsexp, "g", 0);
+      domain.g = gcry_sexp_nth_mpi (l1, 1, GCRYMPI_FMT_USG);
+      gcry_sexp_release (l1);
+      gcry_sexp_release (domainsexp);
+
+      /* Check that all domain parameters are available.  */
+      if (!domain.p || !domain.q || !domain.g)
+        {
+          gcry_mpi_release (domain.p);
+          gcry_mpi_release (domain.q);
+          gcry_mpi_release (domain.g);
+          gcry_sexp_release (deriveparms);
+          return GPG_ERR_MISSING_VALUE;
         }
+
+      /* Get NBITS and QBITS from the domain parameters.  */
+      nbits = mpi_get_nbits (domain.p);
+      qbits = mpi_get_nbits (domain.q);
     }
 
   if (deriveparms || use_fips186 || use_fips186_2 || fips_mode ())
author	Werner Koch <wk@gnupg.org>	2013-10-08 17:59:50 +0200
committer	Werner Koch <wk@gnupg.org>	2013-10-08 17:59:50 +0200
commit	3816e46ce211e63adf46dbc775510aa137572248 (patch)
tree	7a4e51d84d2e0f83803f5865b58c8135f4a1ca5e /cipher/dsa.c
parent	f79d3e13d3229115c47cbe5007647cb44105fe3f (diff)
download	libgcrypt-3816e46ce211e63adf46dbc775510aa137572248.tar.gz