6b1d52fab292a64ca0bc5613d91264a67f57eafe
[openssl.git] / crypto / dsa / dsa_ameth.c
1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2  * project 2006.
3  */
4 /* ====================================================================
5  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer. 
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com).
55  *
56  */
57
58 #include <stdio.h>
59 #include "cryptlib.h"
60 #include <openssl/x509.h>
61 #include <openssl/asn1.h>
62 #include <openssl/dsa.h>
63 #include <openssl/bn.h>
64 #ifndef OPENSSL_NO_CMS
65 #include <openssl/cms.h>
66 #endif
67 #include "asn1_locl.h"
68
69 static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
70         {
71         const unsigned char *p, *pm;
72         int pklen, pmlen;
73         int ptype;
74         void *pval;
75         ASN1_STRING *pstr;
76         X509_ALGOR *palg;
77         ASN1_INTEGER *public_key = NULL;
78
79         DSA *dsa = NULL;
80
81         if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
82                 return 0;
83         X509_ALGOR_get0(NULL, &ptype, &pval, palg);
84
85
86         if (ptype == V_ASN1_SEQUENCE)
87                 {
88                 pstr = pval;    
89                 pm = pstr->data;
90                 pmlen = pstr->length;
91
92                 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
93                         {
94                         DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
95                         goto err;
96                         }
97
98                 }
99         else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF))
100                 {
101                 if (!(dsa = DSA_new()))
102                         {
103                         DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
104                         goto err;
105                         }
106                 }
107         else
108                 {
109                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
110                 goto err;
111                 }
112
113         if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
114                 {
115                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
116                 goto err;
117                 }
118
119         if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
120                 {
121                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
122                 goto err;
123                 }
124
125         ASN1_INTEGER_free(public_key);
126         EVP_PKEY_assign_DSA(pkey, dsa);
127         return 1;
128
129         err:
130         if (public_key)
131                 ASN1_INTEGER_free(public_key);
132         if (dsa)
133                 DSA_free(dsa);
134         return 0;
135
136         }
137
138 static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
139         {
140         DSA *dsa;
141         void *pval = NULL;
142         int ptype;
143         unsigned char *penc = NULL;
144         int penclen;
145
146         dsa=pkey->pkey.dsa;
147         if (pkey->save_parameters && dsa->p && dsa->q && dsa->g)
148                 {
149                 ASN1_STRING *str;
150                 str = ASN1_STRING_new();
151                 str->length = i2d_DSAparams(dsa, &str->data);
152                 if (str->length <= 0)
153                         {
154                         DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
155                         goto err;
156                         }
157                 pval = str;
158                 ptype = V_ASN1_SEQUENCE;
159                 }
160         else
161                 ptype = V_ASN1_UNDEF;
162
163         dsa->write_params=0;
164
165         penclen = i2d_DSAPublicKey(dsa, &penc);
166
167         if (penclen <= 0)
168                 {
169                 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
170                 goto err;
171                 }
172
173         if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
174                                 ptype, pval, penc, penclen))
175                 return 1;
176
177         err:
178         if (penc)
179                 OPENSSL_free(penc);
180         if (pval)
181                 ASN1_STRING_free(pval);
182
183         return 0;
184         }
185
186 /* In PKCS#8 DSA: you just get a private key integer and parameters in the
187  * AlgorithmIdentifier the pubkey must be recalculated.
188  */
189         
190 static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
191         {
192         const unsigned char *p, *pm;
193         int pklen, pmlen;
194         int ptype;
195         void *pval;
196         ASN1_STRING *pstr;
197         X509_ALGOR *palg;
198         ASN1_INTEGER *privkey = NULL;
199         BN_CTX *ctx = NULL;
200
201         STACK_OF(ASN1_TYPE) *ndsa = NULL;
202         DSA *dsa = NULL;
203
204         if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
205                 return 0;
206         X509_ALGOR_get0(NULL, &ptype, &pval, palg);
207
208         /* Check for broken DSA PKCS#8, UGH! */
209         if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
210                 {
211                 ASN1_TYPE *t1, *t2;
212                 if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
213                         goto decerr;
214                 if (sk_ASN1_TYPE_num(ndsa) != 2)
215                         goto decerr;
216                 /* Handle Two broken types:
217                  * SEQUENCE {parameters, priv_key}
218                  * SEQUENCE {pub_key, priv_key}
219                  */
220
221                 t1 = sk_ASN1_TYPE_value(ndsa, 0);
222                 t2 = sk_ASN1_TYPE_value(ndsa, 1);
223                 if (t1->type == V_ASN1_SEQUENCE)
224                         {
225                         p8->broken = PKCS8_EMBEDDED_PARAM;
226                         pval = t1->value.ptr;
227                         }
228                 else if (ptype == V_ASN1_SEQUENCE)
229                         p8->broken = PKCS8_NS_DB;
230                 else
231                         goto decerr;
232
233                 if (t2->type != V_ASN1_INTEGER)
234                         goto decerr;
235
236                 privkey = t2->value.integer;
237                 }
238         else
239                 {
240                 const unsigned char *q = p;
241                 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
242                         goto decerr;
243                 if (privkey->type == V_ASN1_NEG_INTEGER)
244                         {
245                         p8->broken = PKCS8_NEG_PRIVKEY;
246                         ASN1_INTEGER_free(privkey);
247                         if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
248                                 goto decerr;
249                         }
250                 if (ptype != V_ASN1_SEQUENCE)
251                         goto decerr;
252                 }
253
254         pstr = pval;    
255         pm = pstr->data;
256         pmlen = pstr->length;
257         if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
258                 goto decerr;
259         /* We have parameters now set private key */
260         if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
261                 {
262                 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
263                 goto dsaerr;
264                 }
265         /* Calculate public key */
266         if (!(dsa->pub_key = BN_new()))
267                 {
268                 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
269                 goto dsaerr;
270                 }
271         if (!(ctx = BN_CTX_new()))
272                 {
273                 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
274                 goto dsaerr;
275                 }
276                         
277         if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
278                 {
279                 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
280                 goto dsaerr;
281                 }
282
283         EVP_PKEY_assign_DSA(pkey, dsa);
284         BN_CTX_free (ctx);
285         if(ndsa)
286                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
287         else
288                 ASN1_INTEGER_free(privkey);
289
290         return 1;
291
292         decerr:
293         DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
294         dsaerr:
295         BN_CTX_free (ctx);
296         if (privkey)
297                 ASN1_INTEGER_free(privkey);
298         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
299         DSA_free(dsa);
300         return 0;
301         }
302
303 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
304 {
305         ASN1_STRING *params = NULL;
306         ASN1_INTEGER *prkey = NULL;
307         unsigned char *dp = NULL;
308         int dplen;
309
310         if (!pkey->pkey.dsa->priv_key)
311                 {
312                 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_MISSING_PARAMETERS);
313                 goto err;
314                 }
315
316         params = ASN1_STRING_new();
317
318         if (!params)
319                 {
320                 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
321                 goto err;
322                 }
323
324         params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
325         if (params->length <= 0)
326                 {
327                 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
328                 goto err;
329                 }
330         params->type = V_ASN1_SEQUENCE;
331
332         /* Get private key into integer */
333         prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
334
335         if (!prkey)
336                 {
337                 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR);
338                 goto err;
339                 }
340
341         dplen = i2d_ASN1_INTEGER(prkey, &dp);
342
343         ASN1_INTEGER_free(prkey);
344
345         if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
346                                 V_ASN1_SEQUENCE, params, dp, dplen))
347                 goto err;
348
349         return 1;
350
351 err:
352         if (dp != NULL)
353                 OPENSSL_free(dp);
354         if (params != NULL)
355                 ASN1_STRING_free(params);
356         if (prkey != NULL)
357                 ASN1_INTEGER_free(prkey);
358         return 0;
359 }
360
361 static int int_dsa_size(const EVP_PKEY *pkey)
362         {
363         return(DSA_size(pkey->pkey.dsa));
364         }
365
366 static int dsa_bits(const EVP_PKEY *pkey)
367         {
368         return BN_num_bits(pkey->pkey.dsa->p);
369         }
370
371 static int dsa_missing_parameters(const EVP_PKEY *pkey)
372         {
373         DSA *dsa;
374         dsa=pkey->pkey.dsa;
375         if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
376                         return 1;
377         return 0;
378         }
379
380 static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
381         {
382         BIGNUM *a;
383
384         if ((a=BN_dup(from->pkey.dsa->p)) == NULL)
385                 return 0;
386         if (to->pkey.dsa->p != NULL)
387                 BN_free(to->pkey.dsa->p);
388         to->pkey.dsa->p=a;
389
390         if ((a=BN_dup(from->pkey.dsa->q)) == NULL)
391                 return 0;
392         if (to->pkey.dsa->q != NULL)
393                 BN_free(to->pkey.dsa->q);
394         to->pkey.dsa->q=a;
395
396         if ((a=BN_dup(from->pkey.dsa->g)) == NULL)
397                 return 0;
398         if (to->pkey.dsa->g != NULL)
399                 BN_free(to->pkey.dsa->g);
400         to->pkey.dsa->g=a;
401         return 1;
402         }
403
404 static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
405         {
406         if (    BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
407                 BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
408                 BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
409                 return 0;
410         else
411                 return 1;
412         }
413
414 static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
415         {
416         if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
417                 return 0;
418         else
419                 return 1;
420         }
421
422 static void int_dsa_free(EVP_PKEY *pkey)
423         {
424         DSA_free(pkey->pkey.dsa);
425         }
426
427 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
428         {
429         size_t i;
430         if (!b)
431                 return;
432         if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
433                         *pbuflen = i;
434         }
435
436 static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
437         {
438         unsigned char *m=NULL;
439         int ret=0;
440         size_t buf_len=0;
441         const char *ktype = NULL;
442
443         const BIGNUM *priv_key, *pub_key;
444
445         if (ptype == 2)
446                 priv_key = x->priv_key;
447         else
448                 priv_key = NULL;
449
450         if (ptype > 0)
451                 pub_key = x->pub_key;
452         else
453                 pub_key = NULL;
454
455         if (ptype == 2)
456                 ktype = "Private-Key";
457         else if (ptype == 1)
458                 ktype = "Public-Key";
459         else
460                 ktype = "DSA-Parameters";
461
462         update_buflen(x->p, &buf_len);
463         update_buflen(x->q, &buf_len);
464         update_buflen(x->g, &buf_len);
465         update_buflen(priv_key, &buf_len);
466         update_buflen(pub_key, &buf_len);
467
468         m=(unsigned char *)OPENSSL_malloc(buf_len+10);
469         if (m == NULL)
470                 {
471                 DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE);
472                 goto err;
473                 }
474
475         if (priv_key)
476                 {
477                 if(!BIO_indent(bp,off,128))
478                    goto err;
479                 if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p))
480                         <= 0) goto err;
481                 }
482
483         if (!ASN1_bn_print(bp,"priv:",priv_key,m,off))
484                 goto err;
485         if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off))
486                 goto err;
487         if (!ASN1_bn_print(bp,"P:   ",x->p,m,off)) goto err;
488         if (!ASN1_bn_print(bp,"Q:   ",x->q,m,off)) goto err;
489         if (!ASN1_bn_print(bp,"G:   ",x->g,m,off)) goto err;
490         ret=1;
491 err:
492         if (m != NULL) OPENSSL_free(m);
493         return(ret);
494         }
495
496 static int dsa_param_decode(EVP_PKEY *pkey,
497                                         const unsigned char **pder, int derlen)
498         {
499         DSA *dsa;
500         if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
501                 {
502                 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
503                 return 0;
504                 }
505         EVP_PKEY_assign_DSA(pkey, dsa);
506         return 1;
507         }
508
509 static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
510         {
511         return i2d_DSAparams(pkey->pkey.dsa, pder);
512         }
513
514 static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
515                                                         ASN1_PCTX *ctx)
516         {
517         return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
518         }
519
520 static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
521                                                         ASN1_PCTX *ctx)
522         {
523         return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
524         }
525
526
527 static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
528                                                         ASN1_PCTX *ctx)
529         {
530         return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
531         }
532
533 static int old_dsa_priv_decode(EVP_PKEY *pkey,
534                                         const unsigned char **pder, int derlen)
535         {
536         DSA *dsa;
537         if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen)))
538                 {
539                 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
540                 return 0;
541                 }
542         EVP_PKEY_assign_DSA(pkey, dsa);
543         return 1;
544         }
545
546 static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
547         {
548         return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
549         }
550
551 static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
552                                         const ASN1_STRING *sig,
553                                         int indent, ASN1_PCTX *pctx)
554         {
555         DSA_SIG *dsa_sig;
556         const unsigned char *p;
557         if (!sig)
558                 {
559                 if (BIO_puts(bp, "\n") <= 0)
560                         return 0;
561                 else
562                         return 1;
563                 }
564         p = sig->data;
565         dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
566         if (dsa_sig)
567                 {
568                 int rv = 0;
569                 size_t buf_len = 0;
570                 unsigned char *m=NULL;
571                 update_buflen(dsa_sig->r, &buf_len);
572                 update_buflen(dsa_sig->s, &buf_len);
573                 m = OPENSSL_malloc(buf_len+10);
574                 if (m == NULL)
575                         {
576                         DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE);
577                         goto err;
578                         }
579
580                 if (BIO_write(bp, "\n", 1) != 1)
581                         goto err;
582
583                 if (!ASN1_bn_print(bp,"r:   ",dsa_sig->r,m,indent))
584                         goto err;
585                 if (!ASN1_bn_print(bp,"s:   ",dsa_sig->s,m,indent))
586                         goto err;
587                 rv = 1;
588                 err:
589                 if (m)
590                         OPENSSL_free(m);
591                 DSA_SIG_free(dsa_sig);
592                 return rv;
593                 }
594         return X509_signature_dump(bp, sig, indent);
595         }
596
597 static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
598         {
599         switch (op)
600                 {
601                 case ASN1_PKEY_CTRL_PKCS7_SIGN:
602                 if (arg1 == 0)
603                         {
604                         int snid, hnid;
605                         X509_ALGOR *alg1, *alg2;
606                         PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
607                         if (alg1 == NULL || alg1->algorithm == NULL)
608                                 return -1;
609                         hnid = OBJ_obj2nid(alg1->algorithm);
610                         if (hnid == NID_undef)
611                                 return -1;
612                         if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
613                                 return -1; 
614                         X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
615                         }
616                 return 1;
617 #ifndef OPENSSL_NO_CMS
618                 case ASN1_PKEY_CTRL_CMS_SIGN:
619                 if (arg1 == 0)
620                         {
621                         int snid, hnid;
622                         X509_ALGOR *alg1, *alg2;
623                         CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
624                         if (alg1 == NULL || alg1->algorithm == NULL)
625                                 return -1;
626                         hnid = OBJ_obj2nid(alg1->algorithm);
627                         if (hnid == NID_undef)
628                                 return -1;
629                         if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
630                                 return -1; 
631                         X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
632                         }
633                 return 1;
634
635                 case ASN1_PKEY_CTRL_CMS_RI_TYPE:
636                 *(int *)arg2 = CMS_RECIPINFO_NONE;
637                 return 1;
638 #endif
639
640                 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
641                 *(int *)arg2 = NID_sha1;
642                 return 2;
643
644                 default:
645                 return -2;
646
647                 }
648
649         }
650
651 /* NB these are sorted in pkey_id order, lowest first */
652
653 const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = 
654         {
655
656                 {
657                 EVP_PKEY_DSA2,
658                 EVP_PKEY_DSA,
659                 ASN1_PKEY_ALIAS
660                 },
661
662                 {
663                 EVP_PKEY_DSA1,
664                 EVP_PKEY_DSA,
665                 ASN1_PKEY_ALIAS
666                 },
667
668                 {
669                 EVP_PKEY_DSA4,
670                 EVP_PKEY_DSA,
671                 ASN1_PKEY_ALIAS
672                 },
673
674                 {
675                 EVP_PKEY_DSA3,
676                 EVP_PKEY_DSA,
677                 ASN1_PKEY_ALIAS
678                 },
679
680                 {
681                 EVP_PKEY_DSA,
682                 EVP_PKEY_DSA,
683                 0,
684
685                 "DSA",
686                 "OpenSSL DSA method",
687
688                 dsa_pub_decode,
689                 dsa_pub_encode,
690                 dsa_pub_cmp,
691                 dsa_pub_print,
692
693                 dsa_priv_decode,
694                 dsa_priv_encode,
695                 dsa_priv_print,
696
697                 int_dsa_size,
698                 dsa_bits,
699
700                 dsa_param_decode,
701                 dsa_param_encode,
702                 dsa_missing_parameters,
703                 dsa_copy_parameters,
704                 dsa_cmp_parameters,
705                 dsa_param_print,
706                 dsa_sig_print,
707
708                 int_dsa_free,
709                 dsa_pkey_ctrl,
710                 old_dsa_priv_decode,
711                 old_dsa_priv_encode
712                 }
713         };
714