diff options
| author | daurnimator <quae@daurnimator.com> | 2017-08-31 00:59:11 +1000 |
|---|---|---|
| committer | daurnimator <quae@daurnimator.com> | 2017-08-31 01:09:55 +1000 |
| commit | 2f09a2946403782c5b2418103deb4c964810ca1e (patch) | |
| tree | 73eb27319eb503b82da72537c9465f63bbe4f296 | |
| parent | 2b86d68fd92a387dcbc3c9c62fa380c8d2a2e4aa (diff) | |
| download | luaossl-2f09a2946403782c5b2418103deb4c964810ca1e.tar.gz luaossl-2f09a2946403782c5b2418103deb4c964810ca1e.tar.bz2 luaossl-2f09a2946403782c5b2418103deb4c964810ca1e.zip | |
Use 'generator' parameter for picking generator for DH keys (rather than 'exp'). Change default value to 2.
2 is the default generator for openssl; the number is a mostly arbitrary choice, and smaller values are faster.
| -rw-r--r-- | doc/luaossl.pdf | bin | 300041 -> 300085 bytes | |||
| -rw-r--r-- | doc/luaossl.tex | 4 | ||||
| -rw-r--r-- | src/openssl.c | 10 |
3 files changed, 9 insertions, 5 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf index 81142cb..81112d9 100644 --- a/doc/luaossl.pdf +++ b/doc/luaossl.pdf | |||
| Binary files differ | |||
diff --git a/doc/luaossl.tex b/doc/luaossl.tex index 7bb85df..5ac7761 100644 --- a/doc/luaossl.tex +++ b/doc/luaossl.tex | |||
| @@ -284,7 +284,9 @@ field & type:default & description\\\hline | |||
| 284 | 284 | ||
| 285 | .bits & number:1024 & private key size \\ | 285 | .bits & number:1024 & private key size \\ |
| 286 | 286 | ||
| 287 | .exp & number:65537 & RSA or Diffie-Hellman exponent \\ | 287 | .exp & number:65537 & RSA exponent \\ |
| 288 | |||
| 289 | .generator & number:2 & Diffie-Hellman generator \\ | ||
| 288 | 290 | ||
| 289 | .dhparam & string & PEM encoded string with precomputed DH parameters \\ | 291 | .dhparam & string & PEM encoded string with precomputed DH parameters \\ |
| 290 | 292 | ||
diff --git a/src/openssl.c b/src/openssl.c index 0760c35..0354666 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -3212,6 +3212,7 @@ static int pk_new(lua_State *L) { | |||
| 3212 | int type = EVP_PKEY_RSA; | 3212 | int type = EVP_PKEY_RSA; |
| 3213 | unsigned bits = 1024; | 3213 | unsigned bits = 1024; |
| 3214 | unsigned exp = 65537; | 3214 | unsigned exp = 65537; |
| 3215 | int generator = 2; | ||
| 3215 | int curve = NID_X9_62_prime192v1; | 3216 | int curve = NID_X9_62_prime192v1; |
| 3216 | const char *id; | 3217 | const char *id; |
| 3217 | const char *dhparam = NULL; | 3218 | const char *dhparam = NULL; |
| @@ -3264,9 +3265,10 @@ static int pk_new(lua_State *L) { | |||
| 3264 | bits = (unsigned)n; | 3265 | bits = (unsigned)n; |
| 3265 | } | 3266 | } |
| 3266 | 3267 | ||
| 3267 | if (loadfield(L, 1, "exp", LUA_TNUMBER, &n)) { | 3268 | /* compat: DH used to use the 'exp' field for the generator */ |
| 3268 | luaL_argcheck(L, n > 0 && n < UINT_MAX, 1, lua_pushfstring(L, "%f: `exp' invalid", n)); | 3269 | if (loadfield(L, 1, "generator", LUA_TNUMBER, &n) || loadfield(L, 1, "exp", LUA_TNUMBER, &n)) { |
| 3269 | exp = (unsigned)n; | 3270 | luaL_argcheck(L, n > 0 && n <= INT_MAX, 1, lua_pushfstring(L, "%f: `exp' invalid", n)); |
| 3271 | generator = (int)n; | ||
| 3270 | } | 3272 | } |
| 3271 | break; | 3273 | break; |
| 3272 | case EVP_PKEY_EC: | 3274 | case EVP_PKEY_EC: |
| @@ -3327,7 +3329,7 @@ creat: | |||
| 3327 | BIO_free(bio); | 3329 | BIO_free(bio); |
| 3328 | if (!dh) | 3330 | if (!dh) |
| 3329 | return auxL_error(L, auxL_EOPENSSL, "pkey.new"); | 3331 | return auxL_error(L, auxL_EOPENSSL, "pkey.new"); |
| 3330 | } else if (!(dh = DH_generate_parameters(bits, exp, 0, 0))) | 3332 | } else if (!(dh = DH_generate_parameters(bits, generator, 0, 0))) |
| 3331 | return auxL_error(L, auxL_EOPENSSL, "pkey.new"); | 3333 | return auxL_error(L, auxL_EOPENSSL, "pkey.new"); |
| 3332 | 3334 | ||
| 3333 | 3335 | ||