自学教程：C++ DSA_generate_key函数代码示例

dsa160_key::dsa160_key(int bits){    if (bits == 0) {        bits = 2048;    }    // Choose an appropriate set of DSA parameters for the new key.    if (bits <= 1024) {        dsa_ = get_dsa1024();    }    else if (bits <= 2048) {        dsa_ = get_dsa2048();    }    else if (bits <= 3072) {        dsa_ = get_dsa3072();    }    else {        logger::fatal() << "Can't currently produce DSA keys with more than 3072 bits";    }    assert(dsa_);    // Generate a new DSA key given those parameters    int rc = DSA_generate_key(dsa_);    assert(rc == 1);    assert(dsa_->priv_key != nullptr);    if (rc != 1 or dsa_->priv_key == nullptr) {        throw std::runtime_error("Cannot generate DSA private key");    }    set_type(public_and_private);}

static isc_result_topenssldsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {	DSA *dsa;	unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];	isc_result_t result;#if OPENSSL_VERSION_NUMBER > 0x00908000L	BN_GENCB cb;	union {		void *dptr;		void (*fptr)(int);	} u;#else	UNUSED(callback);#endif	UNUSED(unused);	result = dst__entropy_getdata(rand_array, sizeof(rand_array),				      ISC_FALSE);	if (result != ISC_R_SUCCESS)		return (result);#if OPENSSL_VERSION_NUMBER > 0x00908000L	dsa = DSA_new();	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	if (callback == NULL) {		BN_GENCB_set_old(&cb, NULL, NULL);	} else {		u.fptr = callback;		BN_GENCB_set(&cb, &progress_cb, u.dptr);	}	if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array,					ISC_SHA1_DIGESTLENGTH,  NULL, NULL,					&cb))	{		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}#else	dsa = DSA_generate_parameters(key->key_size, rand_array,				      ISC_SHA1_DIGESTLENGTH, NULL, NULL,				      NULL, NULL);	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));#endif	if (DSA_generate_key(dsa) == 0) {		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;	key->keydata.dsa = dsa;	return (ISC_R_SUCCESS);}

int crypto_sign_keypair(unsigned char *pk,unsigned char *sk){  DSA *x;  int len;  x = DSA_new();  if (!x) return -1;  memset(sk,0,SECRETKEY_BYTES);  memset(pk,0,PUBLICKEY_BYTES);  x->p = BN_new(); if (!x->p) goto error;  x->q = BN_new(); if (!x->q) goto error;  x->g = BN_new(); if (!x->g) goto error;  if (!BN_bin2bn(prime,sizeof prime,x->p)) goto error;  if (!BN_bin2bn(prime_q,sizeof prime_q,x->q)) goto error;  if (!BN_bin2bn(prime_g,sizeof prime_g,x->g)) goto error;  if (!DSA_generate_key(x)) goto error;  len = BN_num_bytes(x->pub_key); if (len > PUBLICKEY_BYTES) goto error;  BN_bn2bin(x->pub_key,pk + PUBLICKEY_BYTES - len);  BN_bn2bin(x->pub_key,sk + PUBLICKEY_BYTES - len);  len = BN_num_bytes(x->priv_key); if (len > SECRETKEY_BYTES - PUBLICKEY_BYTES) goto error;  BN_bn2bin(x->priv_key,sk + SECRETKEY_BYTES - len);  DSA_free(x);  return 0;error:  DSA_free(x);  return -1;}

void openssl_dsa_crypt(){	DSA *d;	unsigned int size, len;	unsigned char inputs[COMM_LEN] = "dsa crypt";	unsigned char outputs[MAX1_LEN] = { 0 };	printf("/nDSA generate key:/n");	d = DSA_new();	DSA_generate_parameters_ex(d, LINE_LEN, NULL, 0, NULL, NULL, NULL);	DSA_generate_key(d);	DSA_print_fp(stdout, d, 0);		DSA_sign(NID_md5_sha1, inputs, 20, outputs, &len, d);	printf("DSA_sign(%s) = ", inputs);	for (size = 0; size < len; size++)		printf("%.02x", outputs[size]);	printf("/n");		DSA_verify(NID_md5_sha1, inputs, 20, outputs, len, d);	printf("DSA_verify(");	for (size = 0; size < len; size++)		printf("%.02x", outputs[size]);	printf(") = %s/n", inputs);		DSA_free(d);}

void keypair()    {    char buf[1024];    int nmod=0;    while(fgets(buf,sizeof buf,stdin) != NULL)	{	if(!strncmp(buf,"[mod = ",7))	    nmod=atoi(buf+7);	else if(!strncmp(buf,"N = ",4))	    {	    DSA *dsa;	    int n=atoi(buf+4);	    printf("[mod = %d]/n/n",nmod);	    dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);	    pbn("P",dsa->p);	    pbn("Q",dsa->q);	    pbn("G",dsa->g);	    putc('/n',stdout);	    while(n--)		{		DSA_generate_key(dsa);		pbn("X",dsa->priv_key);		pbn("Y",dsa->pub_key);		putc('/n',stdout);		}	    }	}    }

static EP_STATgenerate_dsa_key(EP_CRYPTO_KEY *key, int keylen){	DSA *dsakey;	// generate new parameter block	dsakey = DSA_new();	if (DSA_generate_parameters_ex(dsakey, keylen,			NULL, 0, NULL, NULL, NULL) != 1)	{		_ep_crypto_error("cannot initialize DSA parameters");		goto fail0;	}	if (DSA_generate_key(dsakey) != 1)	{		_ep_crypto_error("cannot generate DSA key");		goto fail0;	}	if (EVP_PKEY_assign_DSA(key, dsakey) != 1)	{		_ep_crypto_error("cannot save DSA key");		goto fail0;	}	return EP_STAT_OK;fail0:	return EP_STAT_CRYPTO_KEYCREATE;}

static void keypair(FILE *in, FILE *out)    {    char buf[1024];    char lbuf[1024];    char *keyword, *value;    int dsa2, L, N;    while(fgets(buf,sizeof buf,in) != NULL)	{	if (!parse_line(&keyword, &value, lbuf, buf))		{		continue;		}	if(!strcmp(keyword,"[mod"))	    {	    if (!parse_mod(value, &dsa2, &L, &N, NULL))		{		fprintf(stderr, "Mod Parse Error/n");		exit (1);		}	    fputs(buf,out);	    }	else if(!strcmp(keyword,"N"))	    {	    DSA *dsa;	    int n=atoi(value);	    dsa = FIPS_dsa_new();	    if (!dsa2 && !dsa_builtin_paramgen(dsa, L, N, NULL, NULL, 0,						NULL, NULL, NULL, NULL))			{			fprintf(stderr, "Parameter Generation error/n");			exit(1);			}	    if (dsa2 && dsa_builtin_paramgen2(dsa, L, N, NULL, NULL, 0, -1,						NULL, NULL, NULL, NULL) <= 0)			{			fprintf(stderr, "Parameter Generation error/n");			exit(1);			}	    do_bn_print_name(out, "P",dsa->p);	    do_bn_print_name(out, "Q",dsa->q);	    do_bn_print_name(out, "G",dsa->g);	    fputs(RESP_EOL, out);	    while(n--)		{		if (!DSA_generate_key(dsa))			exit(1);		do_bn_print_name(out, "X",dsa->priv_key);		do_bn_print_name(out, "Y",dsa->pub_key);	    	fputs(RESP_EOL, out);		}	    if (dsa)		FIPS_dsa_free(dsa);	    }	}    }

// Key factorybool OSSLDSA::generateKeyPair(AsymmetricKeyPair** ppKeyPair, AsymmetricParameters* parameters, RNG* /*rng = NULL */){	// Check parameters	if ((ppKeyPair == NULL) ||	    (parameters == NULL))	{		return false;	}	if (!parameters->areOfType(DSAParameters::type))	{		ERROR_MSG("Invalid parameters supplied for DSA key generation");		return false;	}	DSAParameters* params = (DSAParameters*) parameters;	// Generate the key-pair	DSA* dsa = DSA_new();	if (dsa == NULL)	{		ERROR_MSG("Failed to instantiate OpenSSL DSA object");		return false;	}	// Use the OpenSSL implementation and not any engine	DSA_set_method(dsa, DSA_get_default_method());	dsa->p = OSSL::byteString2bn(params->getP());	dsa->q = OSSL::byteString2bn(params->getQ());	dsa->g = OSSL::byteString2bn(params->getG());	if (DSA_generate_key(dsa) != 1)	{		ERROR_MSG("DSA key generation failed (0x%08X)", ERR_get_error());		DSA_free(dsa);		return false;	}	// Create an asymmetric key-pair object to return	OSSLDSAKeyPair* kp = new OSSLDSAKeyPair();	((OSSLDSAPublicKey*) kp->getPublicKey())->setFromOSSL(dsa);	((OSSLDSAPrivateKey*) kp->getPrivateKey())->setFromOSSL(dsa);	*ppKeyPair = kp;	// Release the key	DSA_free(dsa);	return true;}

static int genkeys(void){    if (!TEST_ptr(dsakey = load_dsa_params()))        return 0;    if (!TEST_int_eq(DSA_generate_key(dsakey), 1))        return 0;    return 1;}

int main(int argc, char **argv){    DSA *dsa;    unsigned char*  input_string;    unsigned char*  sign_string;    unsigned int    sig_len;    unsigned int    i;    if ( argc != 2 )    {        fprintf(stderr, "%s <plain text>/n", argv[0]);        exit(-1);    }    input_string = (unsigned char*)calloc(strlen(argv[1]) + 1, sizeof(unsigned char));    if ( input_string == NULL )    {        fprintf(stderr, "Unable to allocate memory for input_string/n");        exit(-1);    }    strncpy((char *)input_string, argv[1], strlen(argv[1]));    dsa = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);    DSA_generate_key(dsa);    sign_string = (unsigned char *)calloc(DSA_size(dsa), sizeof(unsigned char));    if ( sign_string == NULL )    {        fprintf(stderr, "Unable to allocate memory for sign_string/n");        exit(-1);    }    if ( DSA_sign(0, input_string, strlen((char *)input_string), sign_string, &sig_len, dsa) == 0 )    {        fprintf(stderr, "Sign error/n");        exit(-1);    }    int is_valid_signature = DSA_verify(0, input_string, strlen((char*)input_string), sign_string, sig_len, dsa);    DSAparams_print_fp(stdout, dsa);    printf("input_string = %s/n", input_string);    printf("signed string = ");    for ( i = 0; i < sig_len; i++ )        printf("%x%x", (sign_string[i] >> 4) & 0xf, sign_string[i] & 0xf);    printf("/n");    printf("is_valid_signature? = %d/n", is_valid_signature);    return 0;}

int main(){   DSA *key;   FILE *fp1, *fp2;   unsigned char digest[8] = "1234567";   int siglen;   unsigned char signature[1000];   int retcode;   key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);   if (key == NULL)   {      printf("/nFailed to generate parameters/n");      exit(1);   }   fp1 = fopen("params.dat", "w");   DSAparams_print_fp(fp1, key);   fclose(fp1);   DSA_generate_key(key);   if (key == NULL)   {      printf("/nFailed to generate key/n");      exit(1);   }   fp2 = fopen("key.dat", "w");   DSA_print_fp(fp2, key, 0);   fclose(fp2);   retcode = DSA_sign(0, digest, 8, signature, &siglen, key);   if (retcode == 0)   {      printf("/n *** Error in signing ***/n/n");      exit(1);   }   printf("/n%s/n",signature);   retcode = DSA_verify(0, digest, 8, signature, siglen, key);   if (retcode == 1)      printf("/n *** Valid signature ***/n/n");   if (retcode == 0)      printf("/n *** Incorrect signature ***/n/n");   if (retcode == -1)      printf("/n *** Error in verifying ***/n/n");   DSA_free(key);   return 0;}

static int dsa_test(void){    BN_GENCB *cb;    DSA *dsa = NULL;    int counter, ret = 0, i, j;    unsigned char buf[256];    unsigned long h;    unsigned char sig[256];    unsigned int siglen;    const BIGNUM *p = NULL, *q = NULL, *g = NULL;    if (!TEST_ptr(cb = BN_GENCB_new()))        goto end;    BN_GENCB_set(cb, dsa_cb, NULL);    if (!TEST_ptr(dsa = DSA_new())        || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,                                                &counter, &h, cb)))        goto end;    if (!TEST_int_eq(counter, 105))        goto end;    if (!TEST_int_eq(h, 2))        goto end;    DSA_get0_pqg(dsa, &p, &q, &g);    i = BN_bn2bin(q, buf);    j = sizeof(out_q);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i))        goto end;    i = BN_bn2bin(p, buf);    j = sizeof(out_p);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i))        goto end;    i = BN_bn2bin(g, buf);    j = sizeof(out_g);    if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i))        goto end;    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))        ret = 1; end:    DSA_free(dsa);    BN_GENCB_free(cb);    return ret;}

void pki_evp::generate(int bits, int type, QProgressBar *progress, int curve_nid){	RSA *rsakey;	DSA *dsakey;	EC_KEY *eckey;	progress->setMinimum(0);	progress->setMaximum(100);	progress->setValue(50);	switch (type) {	case EVP_PKEY_RSA:		rsakey = RSA_generate_key(bits, 0x10001, inc_progress_bar,			progress);		if (rsakey)			EVP_PKEY_assign_RSA(key, rsakey);		break;	case EVP_PKEY_DSA:		progress->setMaximum(500);		dsakey = DSA_generate_parameters(bits, NULL, 0, NULL, NULL,				inc_progress_bar, progress);		DSA_generate_key(dsakey);		if (dsakey)			EVP_PKEY_assign_DSA(key, dsakey);		break;	case EVP_PKEY_EC:		EC_GROUP *group = EC_GROUP_new_by_curve_name(curve_nid);		if (!group)			break;		eckey = EC_KEY_new();		if (eckey == NULL) {			EC_GROUP_free(group);			break;		}		EC_GROUP_set_asn1_flag(group, 1);		if (EC_KEY_set_group(eckey, group)) {			if (EC_KEY_generate_key(eckey)) {				EVP_PKEY_assign_EC_KEY(key, eckey);				EC_GROUP_free(group);				break;			}		}		EC_KEY_free(eckey);		EC_GROUP_free(group);		break;	}	pki_openssl_error();	encryptKey();}

static int generate_dsa_keypair(EVP_PKEY* pkey, const keymaster_dsa_keygen_params_t* dsa_params) {    if (dsa_params->key_size < 512) {        ALOGI("Requested DSA key size is too small (<512)");        return -1;    }    Unique_DSA dsa(DSA_new());    if (dsa_params->generator_len == 0 || dsa_params->prime_p_len == 0 ||        dsa_params->prime_q_len == 0 || dsa_params->generator == NULL ||        dsa_params->prime_p == NULL || dsa_params->prime_q == NULL) {        if (DSA_generate_parameters_ex(dsa.get(), dsa_params->key_size, NULL, 0, NULL, NULL,                                       NULL) != 1) {            logOpenSSLError("generate_dsa_keypair");            return -1;        }    } else {        dsa->g = BN_bin2bn(dsa_params->generator, dsa_params->generator_len, NULL);        if (dsa->g == NULL) {            logOpenSSLError("generate_dsa_keypair");            return -1;        }        dsa->p = BN_bin2bn(dsa_params->prime_p, dsa_params->prime_p_len, NULL);        if (dsa->p == NULL) {            logOpenSSLError("generate_dsa_keypair");            return -1;        }        dsa->q = BN_bin2bn(dsa_params->prime_q, dsa_params->prime_q_len, NULL);        if (dsa->q == NULL) {            logOpenSSLError("generate_dsa_keypair");            return -1;        }    }    if (DSA_generate_key(dsa.get()) != 1) {        logOpenSSLError("generate_dsa_keypair");        return -1;    }    if (EVP_PKEY_assign_DSA(pkey, dsa.get()) == 0) {        logOpenSSLError("generate_dsa_keypair");        return -1;    }    release_because_ownership_transferred(dsa);    return 0;}

static isc_result_topenssldsa_generate(dst_key_t *key, int unused) {#if OPENSSL_VERSION_NUMBER > 0x00908000L        BN_GENCB cb;#endif	DSA *dsa;	unsigned char rand_array[ISC_SHA1_DIGESTLENGTH];	isc_result_t result;	UNUSED(unused);	result = dst__entropy_getdata(rand_array, sizeof(rand_array),				      ISC_FALSE);	if (result != ISC_R_SUCCESS)		return (result);#if OPENSSL_VERSION_NUMBER > 0x00908000L        dsa = DSA_new();	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	BN_GENCB_set_old(&cb, NULL, NULL);  	if (!DSA_generate_parameters_ex(dsa, key->key_size, rand_array,					ISC_SHA1_DIGESTLENGTH,  NULL, NULL,					&cb))	{		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}#else	dsa = DSA_generate_parameters(key->key_size, rand_array,				      ISC_SHA1_DIGESTLENGTH, NULL, NULL,				      NULL, NULL);	if (dsa == NULL)		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));#endif	if (DSA_generate_key(dsa) == 0) {		DSA_free(dsa);		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));	}	dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;	key->opaque = dsa;	return (ISC_R_SUCCESS);}

static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey){    DSA *dsa = NULL;    if (ctx->pkey == NULL) {        DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);        return 0;    }    dsa = DSA_new();    if (dsa == NULL)        return 0;    EVP_PKEY_assign_DSA(pkey, dsa);    /* Note: if error return, pkey is freed by parent routine */    if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))        return 0;    return DSA_generate_key(pkey->pkey.dsa);}

/* * DSA: generate keys and sign, verify input plaintext. */static int FIPS_dsa_test(int bad){    DSA *dsa = NULL;    EVP_PKEY pk;    unsigned char dgst[] = "etaonrishdlc";    unsigned char buf[60];    unsigned int slen;    int r = 0;    EVP_MD_CTX mctx;    ERR_clear_error();    EVP_MD_CTX_init(&mctx);    dsa = DSA_new();    if (!dsa)        goto end;    if (!DSA_generate_parameters_ex(dsa, 1024, NULL, 0, NULL, NULL, NULL))        goto end;    if (!DSA_generate_key(dsa))        goto end;    if (bad)        BN_add_word(dsa->pub_key, 1);    pk.type = EVP_PKEY_DSA;    pk.pkey.dsa = dsa;    if (!EVP_SignInit_ex(&mctx, EVP_dss1(), NULL))        goto end;    if (!EVP_SignUpdate(&mctx, dgst, sizeof(dgst) - 1))        goto end;    if (!EVP_SignFinal(&mctx, buf, &slen, &pk))        goto end;    if (!EVP_VerifyInit_ex(&mctx, EVP_dss1(), NULL))        goto end;    if (!EVP_VerifyUpdate(&mctx, dgst, sizeof(dgst) - 1))        goto end;    r = EVP_VerifyFinal(&mctx, buf, slen, &pk);end:    EVP_MD_CTX_cleanup(&mctx);    if (dsa)        DSA_free(dsa);    if (r != 1)        return 0;    return 1;}

int32_t CryptoNative_DsaGenerateKey(DSA** dsa, int32_t bits){    *dsa = DSA_new();    if (!dsa)    {        assert(false);        return 0;    }    if (!DSA_generate_parameters_ex(*dsa, bits, NULL, 0, NULL, NULL, NULL) ||        !DSA_generate_key(*dsa))    {        DSA_free(*dsa);        *dsa = NULL;        return 0;    }    return 1;}

/* * DSA: generate keys and sign, verify input plaintext. */static int FIPS_dsa_test(int bad){    DSA *dsa = NULL;    unsigned char dgst[] = "etaonrishdlc";    int r = 0;    EVP_MD_CTX mctx;    DSA_SIG *sig = NULL;    ERR_clear_error();    FIPS_md_ctx_init(&mctx);    dsa = FIPS_dsa_new();    if (!dsa)        goto end;    if (!DSA_generate_parameters_ex(dsa, 1024,NULL,0,NULL,NULL,NULL))        goto end;    if (!DSA_generate_key(dsa))        goto end;    if (bad)        BN_add_word(dsa->pub_key, 1);    if (!FIPS_digestinit(&mctx, EVP_sha256()))        goto end;    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))        goto end;    sig = FIPS_dsa_sign_ctx(dsa, &mctx);    if (!sig)        goto end;    if (!FIPS_digestinit(&mctx, EVP_sha256()))        goto end;    if (!FIPS_digestupdate(&mctx, dgst, sizeof(dgst) - 1))        goto end;    r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);end:    if (sig)        FIPS_dsa_sig_free(sig);    FIPS_md_ctx_cleanup(&mctx);    if (dsa)        FIPS_dsa_free(dsa);    if (r != 1)        return 0;    return 1;}

/**	load_probekeys	Loads public and private keys for the probe.  If it cannot load them,	it generates and saves them.  Returns 0 if we get actual keys and -1 if	no keys could be loaded or generated.*/static int load_probekeys(){	int r;	char *pubfn, *privfn;	pubfn = fm_abs(FM_KEY_PROBE_PUBLIC);	privfn = fm_abs(FM_KEY_PROBE_PRIVATE);	r = load_keys(pubfn, privfn, &probe);	if(r == -1 && DSA_generate_key(probe)) {		save_keys(pubfn, privfn, probe);		r = 0;	}	free(pubfn);	free(privfn);	return r;}

static void keypair(){    char buf[1024];    char lbuf[1024];    char *keyword, *value;    int nmod = 0;    while (fgets(buf, sizeof buf, stdin) != NULL) {        if (!parse_line(&keyword, &value, lbuf, buf)) {            fputs(buf, stdout);            continue;        }        if (!strcmp(keyword, "[mod"))            nmod = atoi(value);        else if (!strcmp(keyword, "N")) {            DSA *dsa;            int n = atoi(value);            printf("[mod = %d]/n/n", nmod);            dsa = FIPS_dsa_new();            if (!DSA_generate_parameters_ex                    (dsa, nmod, NULL, 0, NULL, NULL, NULL)) {                do_print_errors();                exit(1);            }            pbn("P", dsa->p);            pbn("Q", dsa->q);            pbn("G", dsa->g);            putc('/n', stdout);            while (n--) {                if (!DSA_generate_key(dsa)) {                    do_print_errors();                    exit(1);                }                pbn("X", dsa->priv_key);                pbn("Y", dsa->pub_key);                putc('/n', stdout);            }        }    }}

/* DSA: generate key and sign a known digest, then verify the signature * against the digest*/static int FIPS_dsa_test()    {    DSA *dsa = NULL;    unsigned char dgst[] = "etaonrishdlc";    unsigned char sig[256];    unsigned int siglen;    ERR_clear_error();    dsa = DSA_generate_parameters(512,NULL,0,NULL,NULL,NULL,NULL);    if (!dsa)	return 0;    if (!DSA_generate_key(dsa))	return 0;    if ( DSA_sign(0,dgst,sizeof(dgst) - 1,sig,&siglen,dsa) != 1 )	return 0;    if ( DSA_verify(0,dgst,sizeof(dgst) - 1,sig,siglen,dsa) != 1 )	return 0;    DSA_free(dsa);    return 1;    }

void siggen()    {    char buf[1024];    int nmod=0;    DSA *dsa=NULL;    while(fgets(buf,sizeof buf,stdin) != NULL)	{	if(!strncmp(buf,"[mod = ",7))	    {	    nmod=atoi(buf+7);	    printf("[mod = %d]/n/n",nmod);	    dsa=DSA_generate_parameters(nmod,NULL,0,NULL,NULL,NULL,NULL);	    pbn("P",dsa->p);	    pbn("Q",dsa->q);	    pbn("G",dsa->g);	    putc('/n',stdout);	    }	else if(!strncmp(buf,"Msg = ",6))	    {	    unsigned char msg[1024];	    unsigned char hash[20];	    int n;	    DSA_SIG *sig;	    n=hex2bin(buf+6,msg);	    pv("Msg",msg,n);	    DSA_generate_key(dsa);	    pbn("Y",dsa->pub_key);	    SHA1(msg,n,hash);	    sig=DSA_do_sign(hash,sizeof hash,dsa);	    pbn("R",sig->r);	    pbn("S",sig->s);	    putc('/n',stdout);	    }	}    }

/* * DSA key generation */EVP_PKEY *isns_dsa_generate_key(void){	EVP_PKEY *pkey;	DSA	*dsa = NULL;	if (!(dsa = isns_dsa_load_params(isns_config.ic_dsa.param_file)))		goto failed;	if (!DSA_generate_key(dsa)) {		isns_dsasig_report_errors("Failed to generate DSA key",				isns_error);		goto failed;	}	pkey = EVP_PKEY_new();	EVP_PKEY_assign_DSA(pkey, dsa);	return pkey;failed:	if (dsa)		DSA_free(dsa);	return NULL;}

//.........这里部分代码省略.........#ifndef OPENSSL_NO_IDEA		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode/n");#endif#ifndef OPENSSL_NO_SEED		BIO_printf(bio_err," -seed/n");		BIO_printf(bio_err,"                 encrypt PEM output with cbc seed/n");#endif#ifndef OPENSSL_NO_AES		BIO_printf(bio_err," -aes128, -aes192, -aes256/n");		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes/n");#endif#ifndef OPENSSL_NO_CAMELLIA		BIO_printf(bio_err," -camellia128, -camellia192, -camellia256/n");		BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia/n");#endif#ifndef OPENSSL_NO_ENGINE		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device./n");#endif		BIO_printf(bio_err," -rand file%cfile%c.../n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);		BIO_printf(bio_err,"           - load the file (or the files in the directory) into/n");		BIO_printf(bio_err,"             the random number generator/n");		BIO_printf(bio_err," dsaparam-file/n");		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command/n");		goto end;		}#ifndef OPENSSL_NO_ENGINE        e = setup_engine(bio_err, engine, 0);#endif	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {		BIO_printf(bio_err, "Error getting password/n");		goto end;	}	in=BIO_new(BIO_s_file());	if (!(BIO_read_filename(in,dsaparams)))		{		perror(dsaparams);		goto end;		}	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)		{		BIO_printf(bio_err,"unable to load DSA parameter file/n");		goto end;		}	BIO_free(in);	in = NULL;			out=BIO_new(BIO_s_file());	if (out == NULL) goto end;	if (outfile == NULL)		{		BIO_set_fp(out,stdout,BIO_NOCLOSE);#ifdef OPENSSL_SYS_VMS		{		BIO *tmpbio = BIO_new(BIO_f_linebuffer());		out = BIO_push(tmpbio, out);		}#endif		}	else		{		if (BIO_write_filename(out,outfile) <= 0)			{			perror(outfile);			goto end;			}		}	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)		{		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option/n");		}	if (inrand != NULL)		BIO_printf(bio_err,"%ld semi-random bytes loaded/n",			app_RAND_load_files(inrand));	BIO_printf(bio_err,"Generating DSA key, %d bits/n",							BN_num_bits(dsa->p));	if (!DSA_generate_key(dsa)) goto end;	app_RAND_write_file(NULL, bio_err);	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))		goto end;	ret=0;end:	if (ret != 0)		ERR_print_errors(bio_err);	if (in != NULL) BIO_free(in);	if (out != NULL) BIO_free_all(out);	if (dsa != NULL) DSA_free(dsa);	if(passout) OPENSSL_free(passout);	apps_shutdown();	OPENSSL_EXIT(ret);	}

int main(){	FILE *fp;    int len, i;    MD5_CTX ctx;    unsigned char buf[1000];    unsigned char md5sum[16];                        MD5_Init(&ctx);    if(!( fp = fopen("input.dat", "rb")))    {        printf("/nFailed to open file/n"); return (1);    }        while((len = fread( buf, 1, sizeof(buf), fp ) ) > 0 )    {        MD5_Update(&ctx, buf, len);    }             MD5_Final(md5sum, &ctx);    	printf("MD5(input.dat) = ");    for( i = 0; i < 16; i++ )    {       printf("%02x", md5sum[i]);    }    printf("/n");   DSA *key;   FILE *fp1, *fp2;   /*unsigned char digest[8] = "1234567";*/   int siglen;   unsigned char signature[1000];   int retcode;   key = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);   if (key == NULL)   {      printf("/nFailed to generate parameters/n");      exit(1);   }   fp1 = fopen("params.dat", "w");   DSAparams_print_fp(fp1, key);   fclose(fp1);   DSA_generate_key(key);   if (key == NULL)   {      printf("/nFailed to generate key/n");      exit(1);   }   fp2 = fopen("key.dat", "w");   DSA_print_fp(fp2, key, 0);   fclose(fp2);   retcode = DSA_sign(0, md5sum, 8, signature, &siglen, key);   if (retcode == 0)   {      printf("/n *** Error in signing ***/n/n");      exit(1);   }   FILE *fp3;   fp3 = fopen("signature.dat", "w");   fputs(signature, fp3);   fclose(fp3);   printf("/nSignature of the hash = ");   printf("%s/n",signature);   retcode = DSA_verify(0, md5sum, 8, signature, siglen, key);   if (retcode == 1)      printf("/n *** Valid signature ***/n/n");   if (retcode == 0)      printf("/n *** Incorrect signature ***/n/n");   if (retcode == -1)      printf("/n *** Error in verifying ***/n/n");   DSA_free(key);   return 0;}

//.........这里部分代码省略.........		{		unsigned char *data;		int l,len,bits_p,bits_q,bits_g;		len=BN_num_bytes(dsa->p);		bits_p=BN_num_bits(dsa->p);		bits_q=BN_num_bits(dsa->q);		bits_g=BN_num_bits(dsa->g);		data=(unsigned char *)OPENSSL_malloc(len+20);		if (data == NULL)			{			perror("OPENSSL_malloc");			goto end;			}		l=BN_bn2bin(dsa->p,data);		printf("static unsigned char dsa%d_p[]={",bits_p);		for (i=0; i<l; i++)			{			if ((i%12) == 0) printf("/n/t");			printf("0x%02X,",data[i]);			}		printf("/n/t};/n");		l=BN_bn2bin(dsa->q,data);		printf("static unsigned char dsa%d_q[]={",bits_p);		for (i=0; i<l; i++)			{			if ((i%12) == 0) printf("/n/t");			printf("0x%02X,",data[i]);			}		printf("/n/t};/n");		l=BN_bn2bin(dsa->g,data);		printf("static unsigned char dsa%d_g[]={",bits_p);		for (i=0; i<l; i++)			{			if ((i%12) == 0) printf("/n/t");			printf("0x%02X,",data[i]);			}		printf("/n/t};/n/n");		printf("DSA *get_dsa%d()/n/t{/n",bits_p);		printf("/tDSA *dsa;/n/n");		printf("/tif ((dsa=DSA_new()) == NULL) return(NULL);/n");		printf("/tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);/n",			bits_p,bits_p);		printf("/tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);/n",			bits_p,bits_p);		printf("/tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);/n",			bits_p,bits_p);		printf("/tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))/n");		printf("/t/t{ DSA_free(dsa); return(NULL); }/n");		printf("/treturn(dsa);/n/t}/n");		}	if (!noout)		{		if 	(outformat == FORMAT_ASN1)			i=i2d_DSAparams_bio(out,dsa);		else if (outformat == FORMAT_PEM)			i=PEM_write_bio_DSAparams(out,dsa);		else	{			BIO_printf(bio_err,"bad output format specified for outfile/n");			goto end;			}		if (!i)			{			BIO_printf(bio_err,"unable to write DSA parameters/n");			ERR_print_errors(bio_err);			goto end;			}		}	if (genkey)		{		DSA *dsakey;		assert(need_rand);		if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;		if (!DSA_generate_key(dsakey)) goto end;		if 	(outformat == FORMAT_ASN1)			i=i2d_DSAPrivateKey_bio(out,dsakey);		else if (outformat == FORMAT_PEM)			i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);		else	{			BIO_printf(bio_err,"bad output format specified for outfile/n");			goto end;			}		DSA_free(dsakey);		}	if (need_rand)		app_RAND_write_file(NULL, bio_err);	ret=0;end:	if (in != NULL) BIO_free(in);	if (out != NULL) BIO_free_all(out);	if (dsa != NULL) DSA_free(dsa);	apps_shutdown();	OPENSSL_EXIT(ret);	}

int ssl_test_dsa(int argc, char **argv)	{	BN_GENCB cb;	DSA *dsa=NULL;	int counter,ret=0,i,j;	unsigned char buf[256];	unsigned long h;	unsigned char sig[256];	unsigned int siglen;#ifndef OPENSSL_SYS_WINDOWS		bio_err = BIO_new(BIO_s_mem());		if (bio_err == NULL) return(1);	#else		if (bio_err == NULL)			bio_err=BIO_new_fp(OPENSSL_TYPE__FILE_STDERR,BIO_NOCLOSE);#endif	CRYPTO_malloc_debug_init();	CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);	ERR_load_crypto_strings();	RAND_seed(rnd_seed, sizeof rnd_seed);	TINYCLR_SSL_PRINTF("test generation of DSA parameters/n");	BN_GENCB_set(&cb, dsa_cb, bio_err);	if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,				seed, 20, &counter, &h, &cb))		goto end;	TINYCLR_SSL_PRINTF("seed/n");	for (i=0; i<20; i+=4)		{		TINYCLR_SSL_PRINTF("%02X%02X%02X%02X ",			seed[i],seed[i+1],seed[i+2],seed[i+3]);		}	TINYCLR_SSL_PRINTF("/ncounter=%d h=%ld/n",counter,h);			DSA_print(bio_err,dsa,0);	if (counter != 105) 		{		TINYCLR_SSL_PRINTF("counter should be 105/n");		goto end;		}	if (h != 2)		{		TINYCLR_SSL_PRINTF("h should be 2/n");		goto end;		}	i=BN_bn2bin(dsa->q,buf);	j=sizeof(out_q);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_q,i) != 0))		{		TINYCLR_SSL_PRINTF("q value is wrong/n");		goto end;		}	i=BN_bn2bin(dsa->p,buf);	j=sizeof(out_p);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_p,i) != 0))		{		TINYCLR_SSL_PRINTF("p value is wrong/n");		goto end;		}	i=BN_bn2bin(dsa->g,buf);	j=sizeof(out_g);	if ((i != j) || (TINYCLR_SSL_MEMCMP(buf,out_g,i) != 0))		{		TINYCLR_SSL_PRINTF("g value is wrong/n");		goto end;		}	dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;	DSA_generate_key(dsa);	DSA_sign(0, str1, 20, sig, &siglen, dsa);	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)		ret=1;	dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;	DSA_generate_key(dsa);	DSA_sign(0, str1, 20, sig, &siglen, dsa);	if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)		ret=1;end:	if (!ret)		ERR_print_errors(bio_err);	if (dsa != NULL) DSA_free(dsa);	CRYPTO_cleanup_all_ex_data();	ERR_remove_thread_state(NULL);	ERR_free_strings();	CRYPTO_mem_leaks(bio_err);	if (bio_err != NULL)		{		BIO_free(bio_err);//.........这里部分代码省略.........

int main(int argc, char **argv){    BN_GENCB *cb;    DSA *dsa = NULL;    int counter, ret = 0, i, j;    unsigned char buf[256];    unsigned long h;    unsigned char sig[256];    unsigned int siglen;    BIGNUM *p = NULL, *q = NULL, *g = NULL;    if (bio_err == NULL)        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);    CRYPTO_set_mem_debug(1);    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);    RAND_seed(rnd_seed, sizeof rnd_seed);    BIO_printf(bio_err, "test generation of DSA parameters/n");    cb = BN_GENCB_new();    if (!cb)        goto end;    BN_GENCB_set(cb, dsa_cb, bio_err);    if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,                                                                   seed, 20,                                                                   &counter,                                                                   &h, cb))        goto end;    BIO_printf(bio_err, "seed/n");    for (i = 0; i < 20; i += 4) {        BIO_printf(bio_err, "%02X%02X%02X%02X ",                   seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);    }    BIO_printf(bio_err, "/ncounter=%d h=%ld/n", counter, h);    DSA_print(bio_err, dsa, 0);    if (counter != 105) {        BIO_printf(bio_err, "counter should be 105/n");        goto end;    }    if (h != 2) {        BIO_printf(bio_err, "h should be 2/n");        goto end;    }    DSA_get0_pqg(dsa, &p, &q, &g);    i = BN_bn2bin(q, buf);    j = sizeof(out_q);    if ((i != j) || (memcmp(buf, out_q, i) != 0)) {        BIO_printf(bio_err, "q value is wrong/n");        goto end;    }    i = BN_bn2bin(p, buf);    j = sizeof(out_p);    if ((i != j) || (memcmp(buf, out_p, i) != 0)) {        BIO_printf(bio_err, "p value is wrong/n");        goto end;    }    i = BN_bn2bin(g, buf);    j = sizeof(out_g);    if ((i != j) || (memcmp(buf, out_g, i) != 0)) {        BIO_printf(bio_err, "g value is wrong/n");        goto end;    }    DSA_set_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)        ret = 1;    DSA_clear_flags(dsa, DSA_FLAG_NO_EXP_CONSTTIME);    DSA_generate_key(dsa);    DSA_sign(0, str1, 20, sig, &siglen, dsa);    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)        ret = 1; end:    if (!ret)        ERR_print_errors(bio_err);    DSA_free(dsa);    BN_GENCB_free(cb);#ifndef OPENSSL_NO_CRYPTO_MDEBUG    if (CRYPTO_mem_leaks(bio_err) <= 0)        ret = 0;#endif    BIO_free(bio_err);    bio_err = NULL;    EXIT(!ret);}

//.........这里部分代码省略.........	{		// RSA key		RSA* rsa_key;		rsa_key = RSA_generate_key(signatureKeyLengthM, RSA_3, NULL, 0);		if (rsa_key == NULL)		{			openSsl_ptr->printError(logger_ptr, LOG_ERROR, "generating RSA key");			goto end;		}		key_ptr = EVP_PKEY_new();		if (key_ptr == NULL)		{			openSsl_ptr->printError(logger_ptr, LOG_ERROR, "creating RSA key");			RSA_free(rsa_key);			goto end;		}		EVP_PKEY_assign_RSA(key_ptr, rsa_key);	}	else	{		// DSA key		DSA* dsa_key;		dsa_key = DSA_generate_parameters(signatureKeyLengthM, NULL, 0, NULL, NULL, NULL, 0);		if (dsa_key == NULL)		{			openSsl_ptr->printError(logger_ptr, LOG_ERROR, "generating DSA parameters");			goto end;		}		if (DSA_generate_key(dsa_key) == 0)		{			openSsl_ptr->printError(logger_ptr, LOG_ERROR, "generating DSA key");			DSA_free(dsa_key);			goto end;		}		key_ptr = EVP_PKEY_new();		if (key_ptr == NULL)		{			openSsl_ptr->printError(logger_ptr, LOG_ERROR, "creating DSA key");			DSA_free(dsa_key);			goto end;		}		EVP_PKEY_assign_DSA(key_ptr, dsa_key);	}	// create the certificate	cert_ptr = X509_new();	if (cert_ptr == NULL)	{		openSsl_ptr->printError(logger_ptr, LOG_ERROR, "creating certificate object");		goto end;	}	// version	if (X509_set_version(cert_ptr, (versionM - 1)) != 1)	{		openSsl_ptr->printError(logger_ptr, LOG_ERROR, "setting certificate version");		goto end;	}