From 91e1c84c95ce38b22a300a010e188074c0cbea36 Mon Sep 17 00:00:00 2001 From: qmuntal Date: Tue, 10 Dec 2024 15:47:20 +0100 Subject: [PATCH] simplify GenerateKeyDSA --- dsa.go | 29 ++++++++++++++--------------- dsa_test.go | 16 +++++++++------- 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/dsa.go b/dsa.go index c56071f5..384424c2 100644 --- a/dsa.go +++ b/dsa.go @@ -60,8 +60,8 @@ func (k *PublicKeyDSA) withKey(f func(C.GO_EVP_PKEY_PTR) C.int) C.int { return f(k._pkey) } -// GenerateDSAParameters generates a set of DSA parameters. -func GenerateDSAParameters(l, n int) (DSAParameters, error) { +// GenerateParametersDSA generates a set of DSA parameters. +func GenerateParametersDSA(l, n int) (DSAParameters, error) { // The DSA parameters are generated by creating a new DSA key and // extracting the domain parameters from it. @@ -147,35 +147,34 @@ func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) { } // GenerateKeyDSA generates a new private DSA key using the given parameters. -func GenerateKeyDSA(params DSAParameters) (*PrivateKeyDSA, error) { +func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) { pkey, err := newDSA(params, nil, nil) if err != nil { - return nil, err + return nil, nil, err } - var x, y C.GO_BIGNUM_PTR + defer C.go_openssl_EVP_PKEY_free(pkey) + var bx, by C.GO_BIGNUM_PTR switch vMajor { case 1: dsa := getDSA(pkey) if vMinor == 0 { - C.go_openssl_DSA_get0_key_backport(dsa, &y, &x) + C.go_openssl_DSA_get0_key_backport(dsa, &by, &bx) } else { - C.go_openssl_DSA_get0_key(dsa, &y, &x) + C.go_openssl_DSA_get0_key(dsa, &by, &bx) } case 3: defer func() { - C.go_openssl_BN_clear_free(x) - C.go_openssl_BN_free(y) + C.go_openssl_BN_clear_free(bx) + C.go_openssl_BN_free(by) }() - if C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY, &y) != 1 || - C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY, &x) != 1 { - return nil, newOpenSSLError("EVP_PKEY_get_bn_param") + if C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY, &by) != 1 || + C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY, &bx) != 1 { + return nil, nil, newOpenSSLError("EVP_PKEY_get_bn_param") } default: panic(errUnsupportedVersion()) } - k := &PrivateKeyDSA{params, bnToBig(x), bnToBig(y), pkey} - runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize) - return k, nil + return bnToBig(bx), bnToBig(by), nil } // SignDSA signs a hash (which should be the result of hashing a larger message). diff --git a/dsa_test.go b/dsa_test.go index 5b8b1fab..a83c51a7 100644 --- a/dsa_test.go +++ b/dsa_test.go @@ -33,13 +33,13 @@ func TestDSAGenerateParameters(t *testing.T) { if openssl.FIPS() { t.Skip("generating DSA parameters with L = 2048 is not supported in FIPS mode") } - testGenerateDSAParameters(t, test.L, test.N) + testGenerateParametersDSA(t, test.L, test.N) }) } } -func testGenerateDSAParameters(t *testing.T, L, N int) { - params, err := openssl.GenerateDSAParameters(L, N) +func testGenerateParametersDSA(t *testing.T, L, N int) { + params, err := openssl.GenerateParametersDSA(L, N) if err != nil { t.Errorf("error generating parameters: %s", err) return @@ -64,17 +64,19 @@ func testGenerateDSAParameters(t *testing.T, L, N int) { if rem.Sign() != 0 { t.Error("p-1 mod q != 0") } - x := new(big.Int).Exp(G, quo, P) - if x.Cmp(one) == 0 { + if x := new(big.Int).Exp(G, quo, P); x.Cmp(one) == 0 { t.Error("invalid generator") } - priv, err := openssl.GenerateKeyDSA(params) + x, y, err := openssl.GenerateKeyDSA(params) if err != nil { t.Errorf("error generating key: %s", err) return } - + priv, err := openssl.NewPrivateKeyDSA(params, x, y) + if err != nil { + t.Errorf("error creating key: %s", err) + } testDSASignAndVerify(t, priv) }