summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordaurnimator <quae@daurnimator.com>2017-08-31 00:59:11 +1000
committerdaurnimator <quae@daurnimator.com>2017-08-31 01:09:55 +1000
commit2f09a2946403782c5b2418103deb4c964810ca1e (patch)
tree73eb27319eb503b82da72537c9465f63bbe4f296
parent2b86d68fd92a387dcbc3c9c62fa380c8d2a2e4aa (diff)
downloadluaossl-2f09a2946403782c5b2418103deb4c964810ca1e.tar.gz
luaossl-2f09a2946403782c5b2418103deb4c964810ca1e.tar.bz2
luaossl-2f09a2946403782c5b2418103deb4c964810ca1e.zip
Use 'generator' parameter for picking generator for DH keys (rather than 'exp'). Change default value to 2.
2 is the default generator for openssl; the number is a mostly arbitrary choice, and smaller values are faster.
-rw-r--r--doc/luaossl.pdfbin300041 -> 300085 bytes
-rw-r--r--doc/luaossl.tex4
-rw-r--r--src/openssl.c10
3 files changed, 9 insertions, 5 deletions
diff --git a/doc/luaossl.pdf b/doc/luaossl.pdf
index 81142cb..81112d9 100644
--- a/doc/luaossl.pdf
+++ b/doc/luaossl.pdf
Binary files differ
diff --git a/doc/luaossl.tex b/doc/luaossl.tex
index 7bb85df..5ac7761 100644
--- a/doc/luaossl.tex
+++ b/doc/luaossl.tex
@@ -284,7 +284,9 @@ field & type:default & description\\\hline
284 284
285.bits & number:1024 & private key size \\ 285.bits & number:1024 & private key size \\
286 286
287.exp & number:65537 & RSA or Diffie-Hellman exponent \\ 287.exp & number:65537 & RSA exponent \\
288
289.generator & number:2 & Diffie-Hellman generator \\
288 290
289.dhparam & string & PEM encoded string with precomputed DH parameters \\ 291.dhparam & string & PEM encoded string with precomputed DH parameters \\
290 292
diff --git a/src/openssl.c b/src/openssl.c
index 0760c35..0354666 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3212,6 +3212,7 @@ static int pk_new(lua_State *L) {
3212 int type = EVP_PKEY_RSA; 3212 int type = EVP_PKEY_RSA;
3213 unsigned bits = 1024; 3213 unsigned bits = 1024;
3214 unsigned exp = 65537; 3214 unsigned exp = 65537;
3215 int generator = 2;
3215 int curve = NID_X9_62_prime192v1; 3216 int curve = NID_X9_62_prime192v1;
3216 const char *id; 3217 const char *id;
3217 const char *dhparam = NULL; 3218 const char *dhparam = NULL;
@@ -3264,9 +3265,10 @@ static int pk_new(lua_State *L) {
3264 bits = (unsigned)n; 3265 bits = (unsigned)n;
3265 } 3266 }
3266 3267
3267 if (loadfield(L, 1, "exp", LUA_TNUMBER, &n)) { 3268 /* compat: DH used to use the 'exp' field for the generator */
3268 luaL_argcheck(L, n > 0 && n < UINT_MAX, 1, lua_pushfstring(L, "%f: `exp' invalid", n)); 3269 if (loadfield(L, 1, "generator", LUA_TNUMBER, &n) || loadfield(L, 1, "exp", LUA_TNUMBER, &n)) {
3269 exp = (unsigned)n; 3270 luaL_argcheck(L, n > 0 && n <= INT_MAX, 1, lua_pushfstring(L, "%f: `exp' invalid", n));
3271 generator = (int)n;
3270 } 3272 }
3271 break; 3273 break;
3272 case EVP_PKEY_EC: 3274 case EVP_PKEY_EC:
@@ -3327,7 +3329,7 @@ creat:
3327 BIO_free(bio); 3329 BIO_free(bio);
3328 if (!dh) 3330 if (!dh)
3329 return auxL_error(L, auxL_EOPENSSL, "pkey.new"); 3331 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
3330 } else if (!(dh = DH_generate_parameters(bits, exp, 0, 0))) 3332 } else if (!(dh = DH_generate_parameters(bits, generator, 0, 0)))
3331 return auxL_error(L, auxL_EOPENSSL, "pkey.new"); 3333 return auxL_error(L, auxL_EOPENSSL, "pkey.new");
3332 3334
3333 3335