// Key factory
bool OSSLDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */)
{
// Check parameters
if ((ppKeyPair == NULL) ||
(parameters == NULL))
{
return false;
}
if (!parameters->areOfType(DSAParameters::type))
{
ERROR_MSG("Invalid parameters supplied for DSA key generation");
return false;
}
DSAParameters* params = (DSAParameters*) parameters;
// Generate the key-pair
DSA* dsa = DSA_new();
if (dsa == NULL)
{
ERROR_MSG("Failed to instantiate OpenSSL DSA object");
return false;
}
// Use the OpenSSL implementation and not any engine
DSA_set_method(dsa, DSA_get_default_method());
dsa->p = OSSL::byteString2bn(params->getP());
dsa->q = OSSL::byteString2bn(params->getQ());
dsa->g = OSSL::byteString2bn(params->getG());
if (DSA_generate_key(dsa) != 1)
{
ERROR_MSG("DSA key generation failed (0x%08X)", ERR_get_error());
DSA_free(dsa);
return false;
}
// Create an asymmetric key-pair object to return
OSSLDSAKeyPair* kp = new OSSLDSAKeyPair();
((OSSLDSAPublicKey*) kp->getPublicKey())->setFromOSSL(dsa);
((OSSLDSAPrivateKey*) kp->getPrivateKey())->setFromOSSL(dsa);
*ppKeyPair = kp;
// Release the key
DSA_free(dsa);
return true;
}
void DSATests::testSerialisation()
{
// Generate 1024-bit parameters for testing
DSAParameters* p;
AsymmetricParameters** ap = (AsymmetricParameters**) &p;
CPPUNIT_ASSERT(dsa->generateParameters(ap, (void*) 1024));
// Serialise the parameters
ByteString serialisedParams = p->serialise();
// Deserialise the parameters
AsymmetricParameters* dP;
CPPUNIT_ASSERT(dsa->reconstructParameters(&dP, serialisedParams));
CPPUNIT_ASSERT(dP->areOfType(DSAParameters::type));
DSAParameters* ddP = (DSAParameters*) dP;
CPPUNIT_ASSERT(p->getP() == ddP->getP());
CPPUNIT_ASSERT(p->getQ() == ddP->getQ());
CPPUNIT_ASSERT(p->getG() == ddP->getG());
// Generate a key-pair
AsymmetricKeyPair* kp;
CPPUNIT_ASSERT(dsa->generateKeyPair(&kp, dP));
// Serialise the key-pair
ByteString serialisedKP = kp->serialise();
// Deserialise the key-pair
AsymmetricKeyPair* dKP;
CPPUNIT_ASSERT(dsa->reconstructKeyPair(&dKP, serialisedKP));
// Check the deserialised key-pair
DSAPrivateKey* privKey = (DSAPrivateKey*) kp->getPrivateKey();
DSAPublicKey* pubKey = (DSAPublicKey*) kp->getPublicKey();
DSAPrivateKey* dPrivKey = (DSAPrivateKey*) dKP->getPrivateKey();
DSAPublicKey* dPubKey = (DSAPublicKey*) dKP->getPublicKey();
CPPUNIT_ASSERT(privKey->getP() == dPrivKey->getP());
CPPUNIT_ASSERT(privKey->getQ() == dPrivKey->getQ());
CPPUNIT_ASSERT(privKey->getG() == dPrivKey->getG());
CPPUNIT_ASSERT(privKey->getX() == dPrivKey->getX());
CPPUNIT_ASSERT(pubKey->getP() == dPubKey->getP());
CPPUNIT_ASSERT(pubKey->getQ() == dPubKey->getQ());
CPPUNIT_ASSERT(pubKey->getG() == dPubKey->getG());
CPPUNIT_ASSERT(pubKey->getY() == dPubKey->getY());
dsa->recycleParameters(p);
dsa->recycleParameters(dP);
dsa->recycleKeyPair(kp);
dsa->recycleKeyPair(dKP);
}
// Key factory
bool BotanDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* rng /* = NULL */)
{
// Check parameters
if ((ppKeyPair == NULL) ||
(parameters == NULL))
{
return false;
}
if (!parameters->areOfType(DSAParameters::type))
{
ERROR_MSG("Invalid parameters supplied for DSA key generation");
return false;
}
DSAParameters* params = (DSAParameters*) parameters;
// Generate the key-pair
Botan::DSA_PrivateKey* dsa = NULL;
try
{
BotanRNG* rng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
dsa = new Botan::DSA_PrivateKey(*rng->getRNG(),
Botan::DL_Group(BotanUtil::byteString2bigInt(params->getP()),
BotanUtil::byteString2bigInt(params->getQ()),
BotanUtil::byteString2bigInt(params->getG())));
}
catch (...)
{
ERROR_MSG("DSA key generation failed");
return false;
}
// Create an asymmetric key-pair object to return
BotanDSAKeyPair* kp = new BotanDSAKeyPair();
((BotanDSAPublicKey*) kp->getPublicKey())->setFromBotan(dsa);
((BotanDSAPrivateKey*) kp->getPrivateKey())->setFromBotan(dsa);
*ppKeyPair = kp;
// Release the key
delete dsa;
return true;
}
bool BotanDSA::generateParameters(AsymmetricParameters** ppParams, void* parameters /* = NULL */, RNG* rng /* = NULL*/)
{
if ((ppParams == NULL) || (parameters == NULL))
{
return false;
}
size_t bitLen = (size_t) parameters;
if (bitLen < getMinKeySize() || bitLen > getMaxKeySize())
{
ERROR_MSG("This DSA key size is not supported");
return false;
}
Botan::DL_Group* group = NULL;
// Taken from OpenSSL
size_t qLen = bitLen >= 2048 ? 256 : 160;
try
{
BotanRNG* brng = (BotanRNG*)BotanCryptoFactory::i()->getRNG();
group = new Botan::DL_Group(*brng->getRNG(), Botan::DL_Group::Prime_Subgroup, bitLen, qLen);
}
catch (...)
{
ERROR_MSG("Failed to generate %d bit DSA parameters", bitLen);
return false;
}
// Store the DSA parameters
DSAParameters* params = new DSAParameters();
ByteString p = BotanUtil::bigInt2ByteString(group->get_p());
params->setP(p);
ByteString q = BotanUtil::bigInt2ByteString(group->get_q());
params->setQ(q);
ByteString g = BotanUtil::bigInt2ByteString(group->get_g());
params->setG(g);
*ppParams = params;
delete group;
return true;
}
bool OSSLDSA::reconstructParameters(AsymmetricParameters** ppParams, ByteString& serialisedData)
{
// Check input parameters
if ((ppParams == NULL) || (serialisedData.size() == 0))
{
return false;
}
DSAParameters* params = new DSAParameters();
if (!params->deserialise(serialisedData))
{
delete params;
return false;
}
*ppParams = params;
return true;
}
bool OSSLDSA::generateParameters(AsymmetricParameters** ppParams, void* parameters /* = NULL */, RNG* /*rng = NULL*/)
{
if ((ppParams == NULL) || (parameters == NULL))
{
return false;
}
size_t bitLen = (size_t) parameters;
if (bitLen < getMinKeySize() || bitLen > getMaxKeySize())
{
ERROR_MSG("This DSA key size is not supported");
return false;
}
DSA* dsa = DSA_generate_parameters(bitLen, NULL, 0, NULL, NULL, NULL, NULL);
if (dsa == NULL)
{
ERROR_MSG("Failed to generate %d bit DSA parameters", bitLen);
return false;
}
// Store the DSA parameters
DSAParameters* params = new DSAParameters();
ByteString p = OSSL::bn2ByteString(dsa->p); params->setP(p);
ByteString q = OSSL::bn2ByteString(dsa->q); params->setQ(q);
ByteString g = OSSL::bn2ByteString(dsa->g); params->setG(g);
*ppParams = params;
DSA_free(dsa);
return true;
}
