aa3f55e2185e1bf5820d5ef6aef5848d6f7f95e2
[openssl.git] / crypto / dsa / dsa_ameth.c
1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
2  * project 2006.
3  */
4 /* ====================================================================
5  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer. 
13  *
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in
16  *    the documentation and/or other materials provided with the
17  *    distribution.
18  *
19  * 3. All advertising materials mentioning features or use of this
20  *    software must display the following acknowledgment:
21  *    "This product includes software developed by the OpenSSL Project
22  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
23  *
24  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25  *    endorse or promote products derived from this software without
26  *    prior written permission. For written permission, please contact
27  *    licensing@OpenSSL.org.
28  *
29  * 5. Products derived from this software may not be called "OpenSSL"
30  *    nor may "OpenSSL" appear in their names without prior written
31  *    permission of the OpenSSL Project.
32  *
33  * 6. Redistributions of any form whatsoever must retain the following
34  *    acknowledgment:
35  *    "This product includes software developed by the OpenSSL Project
36  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
37  *
38  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
42  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49  * OF THE POSSIBILITY OF SUCH DAMAGE.
50  * ====================================================================
51  *
52  * This product includes cryptographic software written by Eric Young
53  * (eay@cryptsoft.com).  This product includes software written by Tim
54  * Hudson (tjh@cryptsoft.com).
55  *
56  */
57
58 #include <stdio.h>
59 #include "cryptlib.h"
60 #include <openssl/x509.h>
61 #include <openssl/asn1.h>
62 #include <openssl/dsa.h>
63 #include <openssl/bn.h>
64 #ifndef OPENSSL_NO_CMS
65 #include <openssl/cms.h>
66 #endif
67 #include "asn1_locl.h"
68
69 static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
70         {
71         const unsigned char *p, *pm;
72         int pklen, pmlen;
73         int ptype;
74         void *pval;
75         ASN1_STRING *pstr;
76         X509_ALGOR *palg;
77         ASN1_INTEGER *public_key = NULL;
78
79         DSA *dsa = NULL;
80
81         if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
82                 return 0;
83         X509_ALGOR_get0(NULL, &ptype, &pval, palg);
84
85
86         if (ptype == V_ASN1_SEQUENCE)
87                 {
88                 pstr = pval;    
89                 pm = pstr->data;
90                 pmlen = pstr->length;
91
92                 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
93                         {
94                         DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
95                         goto err;
96                         }
97
98                 }
99         else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF))
100                 {
101                 if (!(dsa = DSA_new()))
102                         {
103                         DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
104                         goto err;
105                         }
106                 }
107         else
108                 {
109                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
110                 goto err;
111                 }
112
113         if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
114                 {
115                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
116                 goto err;
117                 }
118
119         if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
120                 {
121                 DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
122                 goto err;
123                 }
124
125         ASN1_INTEGER_free(public_key);
126         EVP_PKEY_assign_DSA(pkey, dsa);
127         return 1;
128
129         err:
130         if (public_key)
131                 ASN1_INTEGER_free(public_key);
132         if (dsa)
133                 DSA_free(dsa);
134         return 0;
135
136         }
137
138 static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
139         {
140         DSA *dsa;
141         void *pval = NULL;
142         int ptype;
143         unsigned char *penc = NULL;
144         int penclen;
145
146         dsa=pkey->pkey.dsa;
147         if (pkey->save_parameters && dsa->p && dsa->q && dsa->g)
148                 {
149                 ASN1_STRING *str;
150                 str = ASN1_STRING_new();
151                 str->length = i2d_DSAparams(dsa, &str->data);
152                 if (str->length <= 0)
153                         {
154                         DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
155                         goto err;
156                         }
157                 pval = str;
158                 ptype = V_ASN1_SEQUENCE;
159                 }
160         else
161                 ptype = V_ASN1_UNDEF;
162
163         dsa->write_params=0;
164
165         penclen = i2d_DSAPublicKey(dsa, &penc);
166
167         if (penclen <= 0)
168                 {
169                 DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
170                 goto err;
171                 }
172
173         if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
174                                 ptype, pval, penc, penclen))
175                 return 1;
176
177         err:
178         if (penc)
179                 OPENSSL_free(penc);
180         if (pval)
181                 ASN1_STRING_free(pval);
182
183         return 0;
184         }
185
186 /* In PKCS#8 DSA: you just get a private key integer and parameters in the
187  * AlgorithmIdentifier the pubkey must be recalculated.
188  */
189         
190 static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
191         {
192         const unsigned char *p, *pm;
193         int pklen, pmlen;
194         int ptype;
195         void *pval;
196         ASN1_STRING *pstr;
197         X509_ALGOR *palg;
198         ASN1_INTEGER *privkey = NULL;
199         BN_CTX *ctx = NULL;
200
201         STACK_OF(ASN1_TYPE) *ndsa = NULL;
202         DSA *dsa = NULL;
203
204         if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
205                 return 0;
206         X509_ALGOR_get0(NULL, &ptype, &pval, palg);
207
208         /* Check for broken DSA PKCS#8, UGH! */
209         if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
210                 {
211                 ASN1_TYPE *t1, *t2;
212                 if(!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
213                         goto decerr;
214                 if (sk_ASN1_TYPE_num(ndsa) != 2)
215                         goto decerr;
216                 /* Handle Two broken types:
217                  * SEQUENCE {parameters, priv_key}
218                  * SEQUENCE {pub_key, priv_key}
219                  */
220
221                 t1 = sk_ASN1_TYPE_value(ndsa, 0);
222                 t2 = sk_ASN1_TYPE_value(ndsa, 1);
223                 if (t1->type == V_ASN1_SEQUENCE)
224                         {
225                         p8->broken = PKCS8_EMBEDDED_PARAM;
226                         pval = t1->value.ptr;
227                         }
228                 else if (ptype == V_ASN1_SEQUENCE)
229                         p8->broken = PKCS8_NS_DB;
230                 else
231                         goto decerr;
232
233                 if (t2->type != V_ASN1_INTEGER)
234                         goto decerr;
235
236                 privkey = t2->value.integer;
237                 }
238         else
239                 {
240                 const unsigned char *q = p;
241                 if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
242                         goto decerr;
243                 if (privkey->type == V_ASN1_NEG_INTEGER)
244                         {
245                         p8->broken = PKCS8_NEG_PRIVKEY;
246                         ASN1_INTEGER_free(privkey);
247                         if (!(privkey=d2i_ASN1_UINTEGER(NULL, &q, pklen)))
248                                 goto decerr;
249                         }
250                 if (ptype != V_ASN1_SEQUENCE)
251                         goto decerr;
252                 }
253
254         pstr = pval;    
255         pm = pstr->data;
256         pmlen = pstr->length;
257         if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
258                 goto decerr;
259         /* We have parameters now set private key */
260         if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
261                 {
262                 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
263                 goto dsaerr;
264                 }
265         /* Calculate public key */
266         if (!(dsa->pub_key = BN_new()))
267                 {
268                 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
269                 goto dsaerr;
270                 }
271         if (!(ctx = BN_CTX_new()))
272                 {
273                 DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
274                 goto dsaerr;
275                 }
276                         
277         if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
278                 {
279                 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
280                 goto dsaerr;
281                 }
282
283         EVP_PKEY_assign_DSA(pkey, dsa);
284         BN_CTX_free (ctx);
285         if(ndsa)
286                 sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
287         else
288                 ASN1_INTEGER_free(privkey);
289
290         return 1;
291
292         decerr:
293         DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
294         dsaerr:
295         BN_CTX_free (ctx);
296         if (privkey)
297                 ASN1_INTEGER_free(privkey);
298         sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
299         DSA_free(dsa);
300         return 0;
301         }
302
303 static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
304 {
305         ASN1_STRING *params = NULL;
306         ASN1_INTEGER *prkey = NULL;
307         unsigned char *dp = NULL;
308         int dplen;
309
310         if (!pkey->pkey.dsa->priv_key)
311                 {
312                 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_MISSING_PARAMETERS);
313                 goto err;
314                 }
315
316         params = ASN1_STRING_new();
317
318         if (!params)
319                 {
320                 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
321                 goto err;
322                 }
323
324         params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
325         if (params->length <= 0)
326                 {
327                 DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
328                 goto err;
329                 }
330         params->type = V_ASN1_SEQUENCE;
331
332         /* Get private key into integer */
333         prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
334
335         if (!prkey)
336                 {
337                 DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR);
338                 goto err;
339                 }
340
341         dplen = i2d_ASN1_INTEGER(prkey, &dp);
342
343         ASN1_INTEGER_free(prkey);
344
345         if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
346                                 V_ASN1_SEQUENCE, params, dp, dplen))
347                 goto err;
348
349         return 1;
350
351 err:
352         if (dp != NULL)
353                 OPENSSL_free(dp);
354         if (params != NULL)
355                 ASN1_STRING_free(params);
356         if (prkey != NULL)
357                 ASN1_INTEGER_free(prkey);
358         return 0;
359 }
360
361 static int int_dsa_size(const EVP_PKEY *pkey)
362         {
363         return(DSA_size(pkey->pkey.dsa));
364         }
365
366 static int dsa_bits(const EVP_PKEY *pkey)
367         {
368         return BN_num_bits(pkey->pkey.dsa->p);
369         }
370
371 static int dsa_security_bits(const EVP_PKEY *pkey)
372         {
373         return DSA_security_bits(pkey->pkey.dsa);
374         }
375
376 static int dsa_missing_parameters(const EVP_PKEY *pkey)
377         {
378         DSA *dsa;
379         dsa=pkey->pkey.dsa;
380         if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
381                         return 1;
382         return 0;
383         }
384
385 static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
386         {
387         BIGNUM *a;
388
389         if ((a=BN_dup(from->pkey.dsa->p)) == NULL)
390                 return 0;
391         if (to->pkey.dsa->p != NULL)
392                 BN_free(to->pkey.dsa->p);
393         to->pkey.dsa->p=a;
394
395         if ((a=BN_dup(from->pkey.dsa->q)) == NULL)
396                 return 0;
397         if (to->pkey.dsa->q != NULL)
398                 BN_free(to->pkey.dsa->q);
399         to->pkey.dsa->q=a;
400
401         if ((a=BN_dup(from->pkey.dsa->g)) == NULL)
402                 return 0;
403         if (to->pkey.dsa->g != NULL)
404                 BN_free(to->pkey.dsa->g);
405         to->pkey.dsa->g=a;
406         return 1;
407         }
408
409 static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
410         {
411         if (    BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
412                 BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
413                 BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
414                 return 0;
415         else
416                 return 1;
417         }
418
419 static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
420         {
421         if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
422                 return 0;
423         else
424                 return 1;
425         }
426
427 static void int_dsa_free(EVP_PKEY *pkey)
428         {
429         DSA_free(pkey->pkey.dsa);
430         }
431
432 static void update_buflen(const BIGNUM *b, size_t *pbuflen)
433         {
434         size_t i;
435         if (!b)
436                 return;
437         if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
438                         *pbuflen = i;
439         }
440
441 static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
442         {
443         unsigned char *m=NULL;
444         int ret=0;
445         size_t buf_len=0;
446         const char *ktype = NULL;
447
448         const BIGNUM *priv_key, *pub_key;
449
450         if (ptype == 2)
451                 priv_key = x->priv_key;
452         else
453                 priv_key = NULL;
454
455         if (ptype > 0)
456                 pub_key = x->pub_key;
457         else
458                 pub_key = NULL;
459
460         if (ptype == 2)
461                 ktype = "Private-Key";
462         else if (ptype == 1)
463                 ktype = "Public-Key";
464         else
465                 ktype = "DSA-Parameters";
466
467         update_buflen(x->p, &buf_len);
468         update_buflen(x->q, &buf_len);
469         update_buflen(x->g, &buf_len);
470         update_buflen(priv_key, &buf_len);
471         update_buflen(pub_key, &buf_len);
472
473         m=(unsigned char *)OPENSSL_malloc(buf_len+10);
474         if (m == NULL)
475                 {
476                 DSAerr(DSA_F_DO_DSA_PRINT,ERR_R_MALLOC_FAILURE);
477                 goto err;
478                 }
479
480         if (priv_key)
481                 {
482                 if(!BIO_indent(bp,off,128))
483                    goto err;
484                 if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p))
485                         <= 0) goto err;
486                 }
487
488         if (!ASN1_bn_print(bp,"priv:",priv_key,m,off))
489                 goto err;
490         if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off))
491                 goto err;
492         if (!ASN1_bn_print(bp,"P:   ",x->p,m,off)) goto err;
493         if (!ASN1_bn_print(bp,"Q:   ",x->q,m,off)) goto err;
494         if (!ASN1_bn_print(bp,"G:   ",x->g,m,off)) goto err;
495         ret=1;
496 err:
497         if (m != NULL) OPENSSL_free(m);
498         return(ret);
499         }
500
501 static int dsa_param_decode(EVP_PKEY *pkey,
502                                         const unsigned char **pder, int derlen)
503         {
504         DSA *dsa;
505         if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
506                 {
507                 DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
508                 return 0;
509                 }
510         EVP_PKEY_assign_DSA(pkey, dsa);
511         return 1;
512         }
513
514 static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
515         {
516         return i2d_DSAparams(pkey->pkey.dsa, pder);
517         }
518
519 static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
520                                                         ASN1_PCTX *ctx)
521         {
522         return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
523         }
524
525 static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
526                                                         ASN1_PCTX *ctx)
527         {
528         return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
529         }
530
531
532 static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
533                                                         ASN1_PCTX *ctx)
534         {
535         return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
536         }
537
538 static int old_dsa_priv_decode(EVP_PKEY *pkey,
539                                         const unsigned char **pder, int derlen)
540         {
541         DSA *dsa;
542         if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen)))
543                 {
544                 DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
545                 return 0;
546                 }
547         EVP_PKEY_assign_DSA(pkey, dsa);
548         return 1;
549         }
550
551 static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
552         {
553         return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
554         }
555
556 static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
557                                         const ASN1_STRING *sig,
558                                         int indent, ASN1_PCTX *pctx)
559         {
560         DSA_SIG *dsa_sig;
561         const unsigned char *p;
562         if (!sig)
563                 {
564                 if (BIO_puts(bp, "\n") <= 0)
565                         return 0;
566                 else
567                         return 1;
568                 }
569         p = sig->data;
570         dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
571         if (dsa_sig)
572                 {
573                 int rv = 0;
574                 size_t buf_len = 0;
575                 unsigned char *m=NULL;
576                 update_buflen(dsa_sig->r, &buf_len);
577                 update_buflen(dsa_sig->s, &buf_len);
578                 m = OPENSSL_malloc(buf_len+10);
579                 if (m == NULL)
580                         {
581                         DSAerr(DSA_F_DSA_SIG_PRINT,ERR_R_MALLOC_FAILURE);
582                         goto err;
583                         }
584
585                 if (BIO_write(bp, "\n", 1) != 1)
586                         goto err;
587
588                 if (!ASN1_bn_print(bp,"r:   ",dsa_sig->r,m,indent))
589                         goto err;
590                 if (!ASN1_bn_print(bp,"s:   ",dsa_sig->s,m,indent))
591                         goto err;
592                 rv = 1;
593                 err:
594                 if (m)
595                         OPENSSL_free(m);
596                 DSA_SIG_free(dsa_sig);
597                 return rv;
598                 }
599         return X509_signature_dump(bp, sig, indent);
600         }
601
602 static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
603         {
604         switch (op)
605                 {
606                 case ASN1_PKEY_CTRL_PKCS7_SIGN:
607                 if (arg1 == 0)
608                         {
609                         int snid, hnid;
610                         X509_ALGOR *alg1, *alg2;
611                         PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
612                         if (alg1 == NULL || alg1->algorithm == NULL)
613                                 return -1;
614                         hnid = OBJ_obj2nid(alg1->algorithm);
615                         if (hnid == NID_undef)
616                                 return -1;
617                         if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
618                                 return -1; 
619                         X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
620                         }
621                 return 1;
622 #ifndef OPENSSL_NO_CMS
623                 case ASN1_PKEY_CTRL_CMS_SIGN:
624                 if (arg1 == 0)
625                         {
626                         int snid, hnid;
627                         X509_ALGOR *alg1, *alg2;
628                         CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
629                         if (alg1 == NULL || alg1->algorithm == NULL)
630                                 return -1;
631                         hnid = OBJ_obj2nid(alg1->algorithm);
632                         if (hnid == NID_undef)
633                                 return -1;
634                         if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
635                                 return -1; 
636                         X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
637                         }
638                 return 1;
639
640                 case ASN1_PKEY_CTRL_CMS_RI_TYPE:
641                 *(int *)arg2 = CMS_RECIPINFO_NONE;
642                 return 1;
643 #endif
644
645                 case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
646                 *(int *)arg2 = NID_sha1;
647                 return 2;
648
649                 default:
650                 return -2;
651
652                 }
653
654         }
655
656 /* NB these are sorted in pkey_id order, lowest first */
657
658 const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = 
659         {
660
661                 {
662                 EVP_PKEY_DSA2,
663                 EVP_PKEY_DSA,
664                 ASN1_PKEY_ALIAS
665                 },
666
667                 {
668                 EVP_PKEY_DSA1,
669                 EVP_PKEY_DSA,
670                 ASN1_PKEY_ALIAS
671                 },
672
673                 {
674                 EVP_PKEY_DSA4,
675                 EVP_PKEY_DSA,
676                 ASN1_PKEY_ALIAS
677                 },
678
679                 {
680                 EVP_PKEY_DSA3,
681                 EVP_PKEY_DSA,
682                 ASN1_PKEY_ALIAS
683                 },
684
685                 {
686                 EVP_PKEY_DSA,
687                 EVP_PKEY_DSA,
688                 0,
689
690                 "DSA",
691                 "OpenSSL DSA method",
692
693                 dsa_pub_decode,
694                 dsa_pub_encode,
695                 dsa_pub_cmp,
696                 dsa_pub_print,
697
698                 dsa_priv_decode,
699                 dsa_priv_encode,
700                 dsa_priv_print,
701
702                 int_dsa_size,
703                 dsa_bits,
704                 dsa_security_bits,
705
706                 dsa_param_decode,
707                 dsa_param_encode,
708                 dsa_missing_parameters,
709                 dsa_copy_parameters,
710                 dsa_cmp_parameters,
711                 dsa_param_print,
712                 dsa_sig_print,
713
714                 int_dsa_free,
715                 dsa_pkey_ctrl,
716                 old_dsa_priv_decode,
717                 old_dsa_priv_encode
718                 }
719         };
720