#ifndef HEADER_DSA_H
#define HEADER_DSA_H
-#ifdef __cplusplus
-extern "C" {
-#endif
-
#ifdef NO_DSA
#error DSA is disabled.
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/bn.h>
+#include <openssl/crypto.h>
#ifndef NO_DH
# include <openssl/dh.h>
#endif
#define DSA_FLAG_CACHE_MONT_P 0x01
-typedef struct dsa_st
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct dsa_st DSA;
+
+typedef struct DSA_SIG_st
+ {
+ BIGNUM *r;
+ BIGNUM *s;
+ } DSA_SIG;
+
+typedef struct dsa_method {
+ const char *name;
+ DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
+ int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+ int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+ BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+ int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *m_ctx); /* Can be null */
+ int (*init)(DSA *dsa);
+ int (*finish)(DSA *dsa);
+ int flags;
+ char *app_data;
+} DSA_METHOD;
+
+struct dsa_st
{
/* This first variable is used to pick up errors where
* a DSA is passed instead of of a EVP_PKEY */
int flags;
/* Normally used to cache montgomery values */
char *method_mont_p;
-
int references;
- } DSA;
-
-typedef struct DSA_SIG_st
- {
- BIGNUM *r;
- BIGNUM *s;
- } DSA_SIG;
+ CRYPTO_EX_DATA ex_data;
+#if 0
+ DSA_METHOD *meth;
+#else
+ struct engine_st *engine;
+#endif
+ };
#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
(char *(*)())d2i_DSAparams,(char *)(x))
DSA_SIG * DSA_SIG_new(void);
void DSA_SIG_free(DSA_SIG *a);
-int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp);
-DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
+int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa);
int DSA_do_verify(const unsigned char *dgst,int dgst_len,
DSA_SIG *sig,DSA *dsa);
+const DSA_METHOD *DSA_OpenSSL(void);
+
+void DSA_set_default_openssl_method(const DSA_METHOD *);
+const DSA_METHOD *DSA_get_default_openssl_method(void);
+#if 0
+const DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);
+#else
+int DSA_set_method(DSA *dsa, struct engine_st *engine);
+#endif
+
DSA * DSA_new(void);
-int DSA_size(DSA *);
+#if 0
+DSA * DSA_new_method(DSA_METHOD *meth);
+#else
+DSA * DSA_new_method(struct engine_st *engine);
+#endif
+int DSA_size(const DSA *);
/* next 4 return -1 on error */
int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
int DSA_sign(int type,const unsigned char *dgst,int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa);
int DSA_verify(int type,const unsigned char *dgst,int dgst_len,
- unsigned char *sigbuf, int siglen, DSA *dsa);
+ const unsigned char *sigbuf, int siglen, DSA *dsa);
void DSA_free (DSA *r);
+int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int DSA_set_ex_data(DSA *d, int idx, void *arg);
+void *DSA_get_ex_data(DSA *d, int idx);
void ERR_load_DSA_strings(void );
-DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
-DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
-DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
-DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
+DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+DSA * DSA_generate_parameters(int bits,
+ unsigned char *seed,int seed_len,
int *counter_ret, unsigned long *h_ret,void
- (*callback)(),char *cb_arg);
+ (*callback)(int, int, void *),void *cb_arg);
int DSA_generate_key(DSA *a);
-int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
-int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
-int i2d_DSAparams(DSA *a,unsigned char **pp);
+int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+int i2d_DSAparams(const DSA *a,unsigned char **pp);
-#ifdef HEADER_BIO_H
-int DSAparams_print(BIO *bp, DSA *x);
-int DSA_print(BIO *bp, DSA *x, int off);
+#ifndef NO_BIO
+int DSAparams_print(BIO *bp, const DSA *x);
+int DSA_print(BIO *bp, const DSA *x, int off);
#endif
#ifndef NO_FP_API
-int DSAparams_print_fp(FILE *fp, DSA *x);
-int DSA_print_fp(FILE *bp, DSA *x, int off);
+int DSAparams_print_fp(FILE *fp, const DSA *x);
+int DSA_print_fp(FILE *bp, const DSA *x, int off);
#endif
-int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg);
+#define DSS_prime_checks 50
+/* Primality test according to FIPS PUB 186[-1], Appendix 2.1:
+ * 50 rounds of Rabin-Miller */
+#define DSA_is_prime(n, callback, cb_arg) \
+ BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
#ifndef NO_DH
/* Convert DSA structure (key or just parameters) into DH structure
* (be careful to avoid small subgroup attacks when using this!) */
-DH *DSA_dup_DH(DSA *r);
+DH *DSA_dup_DH(const DSA *r);
#endif
/* BEGIN ERROR CODES */
#define DSA_F_DSAPARAMS_PRINT_FP 101
#define DSA_F_DSA_DO_SIGN 112
#define DSA_F_DSA_DO_VERIFY 113
-#define DSA_F_DSA_IS_PRIME 102
#define DSA_F_DSA_NEW 103
#define DSA_F_DSA_PRINT 104
#define DSA_F_DSA_PRINT_FP 105
#define DSA_F_DSA_SIG_NEW 109
#define DSA_F_DSA_VERIFY 108
#define DSA_F_I2D_DSA_SIG 111
+#define DSA_F_SIG_CB 114
/* Reason codes. */
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100