Chapter 7 Public-Key Operations 241
Performing DSA Operations
Step 5: Generate
To generate DSA parameters, call the Crypto-C function B_GenerateParameters. The
Reference Manual Chapter 4 entry for this call indicates there are four arguments. The
first is the algorithm object that generates the parameters; in this example, that is
dsaParamGenerator
.
The second is a result algorithm object. Crypto-C will generate some values and will
need to place them somewhere. This information will be used in later Crypto-C calls,
so you might as well place these values in an algorithm object now. Create an
algorithm object, but do not set it;
B_GenerateParameters will do that. (This is similar
to generating an RSA key pair, where the results were placed into key objects.)
The third argument is a random algorithm. Complete Steps 1 through 4 of
“Generating Random Numbers” on page 165. You do not need random bytes, only an
algorithm that can generate them. The algorithm chooser you are using contains the
AM for SHA1 random number generation.
The last argument is a surrender context. Generating DSA parameters can be time-
consuming, sometimes taking two or three minutes. On slower machines, generating
parameters over 800 bits can take more than an hour. Use the surrender context
described previously. It will print out a dot every second to let you know that Crypto-
C is computing and the machine has not crashed:
Step 6: Destroy
Remember to destroy your objects. Do not destroy the
dsaKeyGenObj
object until you
have used it to generate the actual DSA key pair:
B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;
if ((status = B_CreateAlgorithmObject (&dsaKeyGenObj)) != 0)
break;
/* generalFlag is for this tutorial’s surrender function. */
generalFlag = 0;
if ((status = B_GenerateParameters
(dsaParamGenerator, dsaKeyGenObj, randomAlgorithm,
&generalSurrenderContext)) != 0)
break;
B_DestroyAlgorithmObject (&randomAlgorithm);
B_DestroyAlgorithmObject (&dsaParamGenerator);
