Skip to content

Commit eb51754

Browse files
qmuntalqmuntal
committed
port support openssl 3
1 parent e4b19b5 commit eb51754

File tree

3 files changed

+44
-11
lines changed

3 files changed

+44
-11
lines changed

dsa.go

Lines changed: 34 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -249,34 +249,60 @@ func newDSA3(params DSAParameters, X, Y BigInt) (C.GO_EVP_PKEY_PTR, error) {
249249
return nil, newOpenSSLError("OSSL_PARAM_BLD_new")
250250
}
251251
defer C.go_openssl_OSSL_PARAM_BLD_free(bld)
252-
selection := C.int(C.GO_EVP_PKEY_PUBLIC_KEY)
253-
pub := bigToBN(Y)
254-
defer C.go_openssl_BN_free(pub)
255-
if C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramPubKey, pub) != 1 {
252+
p, q, g := bigToBN(params.P), bigToBN(params.Q), bigToBN(params.G)
253+
defer func() {
254+
C.go_openssl_BN_free(p)
255+
C.go_openssl_BN_free(q)
256+
C.go_openssl_BN_free(g)
257+
}()
258+
if C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramP, p) != 1 ||
259+
C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramQ, q) != 1 ||
260+
C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramG, g) != 1 {
256261
return nil, newOpenSSLError("OSSL_PARAM_BLD_push_BN")
257262
}
263+
selection := C.int(C.GO_EVP_PKEY_KEYPAIR)
264+
if Y != nil {
265+
pub := bigToBN(Y)
266+
defer C.go_openssl_BN_free(pub)
267+
if C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramPubKey, pub) != 1 {
268+
return nil, newOpenSSLError("OSSL_PARAM_BLD_push_BN")
269+
}
270+
selection = C.int(C.GO_EVP_PKEY_PUBLIC_KEY)
271+
}
258272
if X != nil {
259273
priv := bigToBN(X)
260274
defer C.go_openssl_BN_clear_free(priv)
261275
if C.go_openssl_OSSL_PARAM_BLD_push_BN(bld, paramPrivKey, priv) != 1 {
262276
return nil, newOpenSSLError("OSSL_PARAM_BLD_push_BN")
263277
}
264-
selection = C.GO_EVP_PKEY_KEYPAIR
265278
}
266279
bldparams := C.go_openssl_OSSL_PARAM_BLD_to_param(bld)
267280
if bldparams == nil {
268281
return nil, newOpenSSLError("OSSL_PARAM_BLD_to_param")
269282
}
270283
defer C.go_openssl_OSSL_PARAM_free(bldparams)
271-
pkey, err := newEvpFromParams(C.GO_EVP_PKEY_EC, selection, bldparams)
284+
pkey, err := newEvpFromParams(C.GO_EVP_PKEY_DSA, selection, bldparams)
272285
if err != nil {
273286
return nil, err
274287
}
275288
if Y != nil {
276289
return pkey, nil
277290
}
278-
// Generate the key.
279-
return nil, nil
291+
// pkey doesn't contain the public/private components. We use it
292+
// as domain parameters placeholder to generate the final key.
293+
defer C.go_openssl_EVP_PKEY_free(pkey)
294+
ctx := C.go_openssl_EVP_PKEY_CTX_new_from_pkey(nil, pkey, nil)
295+
if ctx == nil {
296+
return nil, newOpenSSLError("EVP_PKEY_CTX_new_from_pkey")
297+
}
298+
if C.go_openssl_EVP_PKEY_keygen_init(ctx) != 1 {
299+
return nil, newOpenSSLError("EVP_PKEY_keygen_init")
300+
}
301+
var gkey C.GO_EVP_PKEY_PTR
302+
if C.go_openssl_EVP_PKEY_keygen(ctx, &gkey) != 1 {
303+
return nil, newOpenSSLError("EVP_PKEY_keygen")
304+
}
305+
return gkey, nil
280306
}
281307

282308
// getDSA returns the DSA from pkey.

dsa_test.go

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -146,9 +146,15 @@ func TestDSANewPrivateKeyWithDegenerateKeys(t *testing.T) {
146146
Q: bbig.Enc(fromHex(test.q)),
147147
G: bbig.Enc(fromHex(test.g)),
148148
}
149-
_, err := openssl.NewPrivateKeyDSA(params, bbig.Enc(fromHex(test.x)), bbig.Enc(fromHex(test.y)))
150-
if err == nil {
151-
t.Errorf("#%d: error generating key: %s", i, err)
149+
x, y := bbig.Enc(fromHex(test.x)), bbig.Enc(fromHex(test.y))
150+
priv, err := openssl.NewPrivateKeyDSA(params, x, y)
151+
if err != nil {
152+
// Some OpenSSL 1 fails to create degenerated private keys, which is fine.
153+
continue
154+
}
155+
hashed := []byte("testing")
156+
if _, err := openssl.SignDSA(priv, hashed); err == nil {
157+
t.Errorf("#%d: unexpected success", i)
152158
}
153159
}
154160
}

shims.h

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -285,6 +285,7 @@ DEFINEFUNC_LEGACY_1(int, EVP_PKEY_assign, (GO_EVP_PKEY_PTR pkey, int type, void
285285
DEFINEFUNC(int, EVP_PKEY_verify, (GO_EVP_PKEY_CTX_PTR ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen), (ctx, sig, siglen, tbs, tbslen)) \
286286
DEFINEFUNC(GO_EVP_PKEY_CTX_PTR, EVP_PKEY_CTX_new, (GO_EVP_PKEY_PTR arg0, GO_ENGINE_PTR arg1), (arg0, arg1)) \
287287
DEFINEFUNC(GO_EVP_PKEY_CTX_PTR, EVP_PKEY_CTX_new_id, (int id, GO_ENGINE_PTR e), (id, e)) \
288+
DEFINEFUNC_3_0(GO_EVP_PKEY_CTX_PTR, EVP_PKEY_CTX_new_from_pkey, (GO_OSSL_LIB_CTX_PTR libctx, GO_EVP_PKEY_PTR pkey, const char *propquery), (libctx, pkey, propquery)) \
288289
DEFINEFUNC(int, EVP_PKEY_paramgen_init, (GO_EVP_PKEY_CTX_PTR ctx), (ctx)) \
289290
DEFINEFUNC(int, EVP_PKEY_paramgen, (GO_EVP_PKEY_CTX_PTR ctx, GO_EVP_PKEY_PTR *ppkey), (ctx, ppkey)) \
290291
DEFINEFUNC(int, EVP_PKEY_keygen_init, (GO_EVP_PKEY_CTX_PTR ctx), (ctx)) \

0 commit comments

Comments
 (0)