Enc doesn't support AEAD ciphers.

[openssl.git] / crypto / dsa / dsa_lib.c

diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
index b9825791bab46e8ea0358026c91e3a3631e14289..b78fadd46792b8be65cc95073f8f6ae76503a843 100644 (file)
--- a/crypto/dsa/dsa_lib.c
+++ b/crypto/dsa/dsa_lib.c
@@ -70,7 +70,7 @@
 #include <openssl/dh.h>
 #endif
 
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
 
 static const DSA_METHOD *default_DSA_method = NULL;
 
@@ -163,7 +163,7 @@ DSA *DSA_new_method(ENGINE *engine)
        ret->method_mont_p=NULL;
 
        ret->references=1;
-       ret->flags=ret->meth->flags;
+       ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
@@ -272,11 +272,17 @@ void *DSA_get_ex_data(DSA *d, int idx)
        return(CRYPTO_get_ex_data(&d->ex_data,idx));
        }
 
+int DSA_security_bits(const DSA *d)
+       {
+       return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q));
+       }
+
 #ifndef OPENSSL_NO_DH
 DH *DSA_dup_DH(const DSA *r)
        {
        /* DSA has p, q, g, optional pub_key, optional priv_key.
-        * DH has p, optional length, g, optional pub_key, optional priv_key.
+        * DH has p, optional length, g, optional pub_key, optional priv_key,
+        * optional q.
         */ 
 
        DH *ret = NULL;
@@ -290,7 +296,11 @@ DH *DSA_dup_DH(const DSA *r)
                if ((ret->p = BN_dup(r->p)) == NULL)
                        goto err;
        if (r->q != NULL)
+               {
                ret->length = BN_num_bits(r->q);
+               if ((ret->q = BN_dup(r->q)) == NULL)
+                       goto err;
+               }
        if (r->g != NULL)
                if ((ret->g = BN_dup(r->g)) == NULL)
                        goto err;