RSA Security 5.2.2 manual Generate

Performing DSA Operations

Step 5: Generate

To generate DSA parameters, call the Crypto-C function B_GenerateParameters. The Reference Manual Chapter 4 entry for this call indicates there are four arguments. The first is the algorithm object that generates the parameters; in this example, that is dsaParamGenerator.

The second is a result algorithm object. Crypto-C will generate some values and will need to place them somewhere. This information will be used in later Crypto-C calls, so you might as well place these values in an algorithm object now. Create an algorithm object, but do not set it; B_GenerateParameters will do that. (This is similar to generating an RSA key pair, where the results were placed into key objects.)

The third argument is a random algorithm. Complete Steps 1 through 4 of

“Generating Random Numbers” on page 165. You do not need random bytes, only an algorithm that can generate them. The algorithm chooser you are using contains the AM for SHA1 random number generation.

The last argument is a surrender context. Generating DSA parameters can be time- consuming, sometimes taking two or three minutes. On slower machines, generating parameters over 800 bits can take more than an hour. Use the surrender context described previously. It will print out a dot every second to let you know that Crypto- C is computing and the machine has not crashed:

B_ALGORITHM_OBJ dsaKeyGenObj = (B_ALGORITHM_OBJ)NULL_PTR;

if ((status = B_CreateAlgorithmObject (&dsaKeyGenObj)) != 0) break;

/* generalFlag is for this tutorial’s surrender function. */ generalFlag = 0;

if ((status = B_GenerateParameters (dsaParamGenerator, dsaKeyGenObj, randomAlgorithm, &generalSurrenderContext)) != 0)

break;

Step 6: Destroy

Remember to destroy your objects. Do not destroy the dsaKeyGenObj object until you have used it to generate the actual DSA key pair:

B_DestroyAlgorithmObject (&randomAlgorithm);

B_DestroyAlgorithmObject (&dsaParamGenerator);