// Create the OpenSSL representation of the key void OSSLDSAPublicKey::createOSSLKey() { if (dsa != NULL) return; dsa = DSA_new(); if (dsa == NULL) { ERROR_MSG("Could not create DSA object"); return; } // Use the OpenSSL implementation and not any engine #if OPENSSL_VERSION_NUMBER < 0x10100000L #ifdef WITH_FIPS if (FIPS_mode()) DSA_set_method(dsa, FIPS_dsa_openssl()); else DSA_set_method(dsa, DSA_OpenSSL()); #else DSA_set_method(dsa, DSA_OpenSSL()); #endif #else DSA_set_method(dsa, DSA_OpenSSL()); #endif BIGNUM* bn_p = OSSL::byteString2bn(p); BIGNUM* bn_q = OSSL::byteString2bn(q); BIGNUM* bn_g = OSSL::byteString2bn(g); BIGNUM* bn_pub_key = OSSL::byteString2bn(y); DSA_set0_pqg(dsa, bn_p, bn_q, bn_g); DSA_set0_key(dsa, bn_pub_key, NULL); }
// Key factory bool OSSLDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */) { // Check parameters if ((ppKeyPair == NULL) || (parameters == NULL)) { return false; } if (!parameters->areOfType(DSAParameters::type)) { ERROR_MSG("Invalid parameters supplied for DSA key generation"); return false; } DSAParameters* params = (DSAParameters*) parameters; // Generate the key-pair DSA* dsa = DSA_new(); if (dsa == NULL) { ERROR_MSG("Failed to instantiate OpenSSL DSA object"); return false; } // Use the OpenSSL implementation and not any engine DSA_set_method(dsa, DSA_get_default_method()); dsa->p = OSSL::byteString2bn(params->getP()); dsa->q = OSSL::byteString2bn(params->getQ()); dsa->g = OSSL::byteString2bn(params->getG()); if (DSA_generate_key(dsa) != 1) { ERROR_MSG("DSA key generation failed (0x%08X)", ERR_get_error()); DSA_free(dsa); return false; } // Create an asymmetric key-pair object to return OSSLDSAKeyPair* kp = new OSSLDSAKeyPair(); ((OSSLDSAPublicKey*) kp->getPublicKey())->setFromOSSL(dsa); ((OSSLDSAPrivateKey*) kp->getPrivateKey())->setFromOSSL(dsa); *ppKeyPair = kp; // Release the key DSA_free(dsa); return true; }
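/*
 * Route the DSA key held in evp through the PKCS#11 DSA method and attach
 * openssl_session to it as ex_data.
 *
 * Returns TRUE only when the key was obtained, the method was installed and
 * the session was attached; FALSE otherwise.
 */
static
PKCS11H_BOOL
__pkcs11h_openssl_session_setDSA(
	IN const pkcs11h_openssl_session_t openssl_session,
	IN EVP_PKEY * evp
) {
	PKCS11H_BOOL ret = FALSE;
	DSA *dsa = NULL;

	_PKCS11H_DEBUG (
		PKCS11H_LOG_DEBUG2,
		"PKCS#11: __pkcs11h_openssl_session_setDSA - entered openssl_session=%p, evp=%p",
		(void *)openssl_session,
		(void *)evp
	);

	/* get1 returns a new reference to the key; it is dropped in cleanup */
	if (
		(dsa = EVP_PKEY_get1_DSA (evp)) == NULL
	) {
		_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot get DSA key");
		goto cleanup;
	}

	if (!DSA_set_method (dsa, __openssl_methods.dsa)) {
		_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot set DSA method");
		goto cleanup;
	}

	/*
	 * Without the session attached the key must not be reported as usable.
	 * NOTE(review): on this failure path the method installed above stays on
	 * the key; the caller is expected to discard it -- confirm.
	 * NOTE(review): the raw session pointer is stored; what keeps the session
	 * alive for the lifetime of the key is not visible here.
	 */
	if (!DSA_set_ex_data (dsa, __openssl_methods.dsa_index, openssl_session)) {
		_PKCS11H_LOG (PKCS11H_LOG_WARN, "PKCS#11: Cannot attach session to DSA key");
		goto cleanup;
	}

	ret = TRUE;

cleanup:

	if (dsa != NULL) {
		DSA_free (dsa);
		dsa = NULL;
	}

	_PKCS11H_DEBUG (
		PKCS11H_LOG_DEBUG2,
		"PKCS#11: __pkcs11h_openssl_session_setDSA - return ret=%d",
		ret
	);

	return ret;
}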