#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
static const DSA_METHOD *default_DSA_method = NULL;
const DSA_METHOD *mtmp;
mtmp = dsa->meth;
if (mtmp->finish) mtmp->finish(dsa);
+#ifndef OPENSSL_NO_ENGINE
if (dsa->engine)
{
ENGINE_finish(dsa->engine);
dsa->engine = NULL;
}
+#endif
dsa->meth = meth;
if (meth->init) meth->init(dsa);
return 1;
return(NULL);
}
ret->meth = DSA_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
if (engine)
{
if (!ENGINE_init(engine))
return NULL;
}
}
+#endif
ret->pad=0;
ret->version=0;
ret->method_mont_p=NULL;
ret->references=1;
- ret->flags=ret->meth->flags;
+ ret->flags=ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
+#ifndef OPENSSL_NO_ENGINE
if (ret->engine)
ENGINE_finish(ret->engine);
+#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
if(r->meth->finish)
r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
if(r->engine)
ENGINE_finish(r->engine);
+#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
{
int ret,i;
ASN1_INTEGER bs;
- unsigned char buf[4];
+ unsigned char buf[4]; /* 4 bytes looks really small.
+ However, i2d_ASN1_INTEGER() will not look
+ beyond the first byte, as long as the second
+ parameter is NULL. */
i=BN_num_bits(r->q);
bs.length=(i+7)/8;
return(CRYPTO_get_ex_data(&d->ex_data,idx));
}
+int DSA_security_bits(const DSA *d)
+ {
+ return BN_security_bits(BN_num_bits(d->p), BN_num_bits(d->q));
+ }
+
#ifndef OPENSSL_NO_DH
DH *DSA_dup_DH(const DSA *r)
{
/* DSA has p, q, g, optional pub_key, optional priv_key.
- * DH has p, optional length, g, optional pub_key, optional priv_key.
+ * DH has p, optional length, g, optional pub_key, optional priv_key,
+ * optional q.
*/
DH *ret = NULL;
if ((ret->p = BN_dup(r->p)) == NULL)
goto err;
if (r->q != NULL)
+ {
ret->length = BN_num_bits(r->q);
+ if ((ret->q = BN_dup(r->q)) == NULL)
+ goto err;
+ }
if (r->g != NULL)
if ((ret->g = BN_dup(r->g)) == NULL)
goto err;