Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
crypto: use EVP_PKEY_CTX_set_dsa_paramgen_q_bits when available
This matches the formulation described in the documentation:
https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_CTX_set_dsa_paramgen_q_bits.html

It is also, starting OpenSSL 3.0, more type-safe because the wrapper
macros were finally converted to real functions. In OpenSSL 3.0, it is
also no longer quite a wrapper over EVP_PKEY_CTX_ctrl, so using this
name saves some extra OSSL_PARAM <-> EVP_PKEY_CTRL conversions.

Alas, it was only backported to OpenSSL 1.1.1e, so I've left a temporary
compatibility define until you all decide to drop pre-1.1.1e releases of
1.1.1.
  • Loading branch information
davidben committed Sep 7, 2022
commit ec31a076856d75c49d0be1c1d85544983c0d57b3
20 changes: 13 additions & 7 deletions src/crypto/crypto_dsa.cc
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,17 @@

#include <cstdio>

// EVP_PKEY_CTX_set_dsa_paramgen_q_bits was added in OpenSSL 1.1.1e.
#if OPENSSL_VERSION_NUMBER < 0x1010105fL
#define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits) \
EVP_PKEY_CTX_ctrl((ctx), \
EVP_PKEY_DSA, \
EVP_PKEY_OP_PARAMGEN, \
EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, \
(qbits), \
nullptr)
#endif

namespace node {

using v8::FunctionCallbackInfo;
Expand Down Expand Up @@ -39,13 +50,8 @@ EVPKeyCtxPointer DsaKeyGenTraits::Setup(DsaKeyPairGenConfig* params) {
}

if (params->params.divisor_bits != -1) {
if (EVP_PKEY_CTX_ctrl(
param_ctx.get(),
EVP_PKEY_DSA,
EVP_PKEY_OP_PARAMGEN,
EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS,
params->params.divisor_bits,
nullptr) <= 0) {
if (EVP_PKEY_CTX_set_dsa_paramgen_q_bits(
param_ctx.get(), params->params.divisor_bits) <= 0) {
return EVPKeyCtxPointer();
}
}
Expand Down