Skip to content

Commit

Permalink
crypto: use EVP_PKEY_CTX_set_dsa_paramgen_q_bits when available
Browse files Browse the repository at this point in the history
This matches the formulation described in the documentation:
https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_CTX_set_dsa_paramgen_q_bits.html

It is also, starting OpenSSL 3.0, more type-safe because the wrapper
macros were finally converted to real functions. In OpenSSL 3.0, it is
also no longer quite a wrapper over EVP_PKEY_CTX_ctrl, so using this
name saves some extra OSSL_PARAM <-> EVP_PKEY_CTRL conversions.

Alas, it was only backported to OpenSSL 1.1.1e, so I've left a temporary
compatibility define until you all decide to drop pre-1.1.1e releases of
1.1.1.

PR-URL: #44561
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
  • Loading branch information
davidben authored and juanarbol committed Oct 11, 2022
1 parent 5854abc commit 7e07cce
Showing 1 changed file with 13 additions and 7 deletions.
20 changes: 13 additions & 7 deletions src/crypto/crypto_dsa.cc
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,17 @@

#include <cstdio>

// EVP_PKEY_CTX_set_dsa_paramgen_q_bits was added in OpenSSL 1.1.1e.
#if OPENSSL_VERSION_NUMBER < 0x1010105fL
#define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
EVP_PKEY_CTX_ctrl((ctx), \
EVP_PKEY_DSA, \
EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, \
(qbits), \
nullptr)
#endif

namespace node {

using v8::FunctionCallbackInfo;
Expand Down Expand Up @@ -39,13 +50,8 @@ EVPKeyCtxPointer DsaKeyGenTraits::Setup(DsaKeyPairGenConfig* params) {
}

if (params->params.divisor_bits != -1) {
if (EVP_PKEY_CTX_ctrl(
param_ctx.get(),
EVP_PKEY_DSA,
EVP_PKEY_OP_PARAMGEN,
EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS,
params->params.divisor_bits,
nullptr) <= 0) {
if (EVP_PKEY_CTX_set_dsa_paramgen_q_bits(
param_ctx.get(), params->params.divisor_bits) <= 0) {
return EVPKeyCtxPointer();
}
}
Expand Down

0 comments on commit 7e07cce

Please sign in to comment.