Simplify GenerateKeyDSA

dsa.go

@@ -60,8 +60,8 @@ func (k *PublicKeyDSA) withKey(f func(C.GO_EVP_PKEY_PTR) C.int) C.int {
 	return f(k._pkey)
 }
 
-// GenerateDSAParameters generates a set of DSA parameters.
-func GenerateDSAParameters(l, n int) (DSAParameters, error) {
+// GenerateParametersDSA generates a set of DSA parameters.
+func GenerateParametersDSA(l, n int) (DSAParameters, error) {
 	// The DSA parameters are generated by creating a new DSA key and
 	// extracting the domain parameters from it.
 
@@ -147,35 +147,34 @@ func NewPublicKeyDSA(params DSAParameters, y BigInt) (*PublicKeyDSA, error) {
 }
 
 // GenerateKeyDSA generates a new private DSA key using the given parameters.
-func GenerateKeyDSA(params DSAParameters) (*PrivateKeyDSA, error) {
+func GenerateKeyDSA(params DSAParameters) (x, y BigInt, err error) {
 	pkey, err := newDSA(params, nil, nil)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
-	var x, y C.GO_BIGNUM_PTR
+	defer C.go_openssl_EVP_PKEY_free(pkey)
+	var bx, by C.GO_BIGNUM_PTR
 	switch vMajor {
 	case 1:
 		dsa := getDSA(pkey)
 		if vMinor == 0 {
-			C.go_openssl_DSA_get0_key_backport(dsa, &y, &x)
+			C.go_openssl_DSA_get0_key_backport(dsa, &by, &bx)
 		} else {
-			C.go_openssl_DSA_get0_key(dsa, &y, &x)
+			C.go_openssl_DSA_get0_key(dsa, &by, &bx)
 		}
 	case 3:
 		defer func() {
-			C.go_openssl_BN_clear_free(x)
-			C.go_openssl_BN_free(y)
+			C.go_openssl_BN_clear_free(bx)
+			C.go_openssl_BN_free(by)
 		}()
-		if C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY, &y) != 1 ||
-			C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY, &x) != 1 {
-			return nil, newOpenSSLError("EVP_PKEY_get_bn_param")
+		if C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PUB_KEY, &by) != 1 ||
+			C.go_openssl_EVP_PKEY_get_bn_param(pkey, _OSSL_PKEY_PARAM_PRIV_KEY, &bx) != 1 {
+			return nil, nil, newOpenSSLError("EVP_PKEY_get_bn_param")
 		}
 	default:
 		panic(errUnsupportedVersion())
 	}
-	k := &PrivateKeyDSA{params, bnToBig(x), bnToBig(y), pkey}
-	runtime.SetFinalizer(k, (*PrivateKeyDSA).finalize)
-	return k, nil
+	return bnToBig(bx), bnToBig(by), nil
 }
 
 // SignDSA signs a hash (which should be the result of hashing a larger message).

dsa_test.go

@@ -33,13 +33,13 @@ func TestDSAGenerateParameters(t *testing.T) {
 			if openssl.FIPS() {
 				t.Skip("generating DSA parameters with L = 2048 is not supported in FIPS mode")
 			}
-			testGenerateDSAParameters(t, test.L, test.N)
+			testGenerateParametersDSA(t, test.L, test.N)
 		})
 	}
 }
 
-func testGenerateDSAParameters(t *testing.T, L, N int) {
-	params, err := openssl.GenerateDSAParameters(L, N)
+func testGenerateParametersDSA(t *testing.T, L, N int) {
+	params, err := openssl.GenerateParametersDSA(L, N)
 	if err != nil {
 		t.Errorf("error generating parameters: %s", err)
 		return
@@ -64,17 +64,19 @@ func testGenerateDSAParameters(t *testing.T, L, N int) {
 	if rem.Sign() != 0 {
 		t.Error("p-1 mod q != 0")
 	}
-	x := new(big.Int).Exp(G, quo, P)
-	if x.Cmp(one) == 0 {
+	if x := new(big.Int).Exp(G, quo, P); x.Cmp(one) == 0 {
 		t.Error("invalid generator")
 	}
 
-	priv, err := openssl.GenerateKeyDSA(params)
+	x, y, err := openssl.GenerateKeyDSA(params)
 	if err != nil {
 		t.Errorf("error generating key: %s", err)
 		return
 	}
-
+	priv, err := openssl.NewPrivateKeyDSA(params, x, y)
+	if err != nil {
+		t.Errorf("error creating key: %s", err)
+	}
 	testDSASignAndVerify(t, priv)
 }