1 /* $OpenBSD: dsa_ameth.c,v 1.39 2023/01/11 04:39:42 jsing Exp $ */ 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3 * project 2006. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 #include <stdio.h> 60 61 #include <openssl/opensslconf.h> 62 63 #include <openssl/asn1.h> 64 #include <openssl/bn.h> 65 #include <openssl/cms.h> 66 #include <openssl/dsa.h> 67 #include <openssl/err.h> 68 #include <openssl/x509.h> 69 70 #include "asn1_local.h" 71 #include "bn_local.h" 72 #include "dsa_local.h" 73 #include "evp_local.h" 74 75 static int 76 dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) 77 { 78 const unsigned char *p, *pm; 79 int pklen, pmlen; 80 int ptype; 81 const void *pval; 82 const ASN1_STRING *pstr; 83 X509_ALGOR *palg; 84 ASN1_INTEGER *public_key = NULL; 85 86 DSA *dsa = NULL; 87 88 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) 89 return 0; 90 X509_ALGOR_get0(NULL, &ptype, &pval, palg); 91 92 if (ptype == V_ASN1_SEQUENCE) { 93 pstr = pval; 94 pm = pstr->data; 95 pmlen = pstr->length; 96 97 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) { 98 DSAerror(DSA_R_DECODE_ERROR); 99 goto err; 100 } 101 } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) { 102 if (!(dsa = DSA_new())) { 103 DSAerror(ERR_R_MALLOC_FAILURE); 104 goto err; 105 } 106 } else { 107 DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); 108 goto err; 109 } 110 111 if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) { 112 DSAerror(DSA_R_DECODE_ERROR); 113 goto err; 114 } 115 116 if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) { 117 DSAerror(DSA_R_BN_DECODE_ERROR); 118 goto err; 119 } 120 121 ASN1_INTEGER_free(public_key); 122 EVP_PKEY_assign_DSA(pkey, dsa); 123 return 1; 124 125 err: 126 if (public_key) 127 ASN1_INTEGER_free(public_key); 128 DSA_free(dsa); 129 return 0; 130 } 131 132 static int 133 dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) 134 { 135 DSA *dsa; 136 ASN1_INTEGER *pubint = NULL; 137 ASN1_STRING *str = NULL; 138 int ptype = V_ASN1_UNDEF; 139 unsigned char *penc = NULL; 140 int penclen; 141 142 dsa = pkey->pkey.dsa; 143 if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) { 144 if ((str = ASN1_STRING_new()) == NULL) { 145 DSAerror(ERR_R_MALLOC_FAILURE); 146 goto err; 147 } 148 str->length = i2d_DSAparams(dsa, &str->data); 149 if (str->length <= 0) { 150 DSAerror(ERR_R_MALLOC_FAILURE); 151 goto err; 152 } 153 ptype = V_ASN1_SEQUENCE; 154 } 155 156 if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { 157 DSAerror(ERR_R_MALLOC_FAILURE); 158 goto err; 159 } 160 161 penclen = i2d_ASN1_INTEGER(pubint, &penc); 162 ASN1_INTEGER_free(pubint); 163 164 if (penclen <= 0) { 165 DSAerror(ERR_R_MALLOC_FAILURE); 166 goto err; 167 } 168 169 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, str, 170 penc, penclen)) 171 return 1; 172 173 err: 174 free(penc); 175 ASN1_STRING_free(str); 176 177 return 0; 178 } 179 180 /* In PKCS#8 DSA: you just get a private key integer and parameters in the 181 * AlgorithmIdentifier the pubkey must be recalculated. 182 */ 183 static int 184 dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) 185 { 186 const unsigned char *p, *pm; 187 int pklen, pmlen; 188 int ptype; 189 const void *pval; 190 const ASN1_STRING *pstr; 191 const X509_ALGOR *palg; 192 ASN1_INTEGER *privkey = NULL; 193 BN_CTX *ctx = NULL; 194 DSA *dsa = NULL; 195 int ret = 0; 196 197 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) 198 return 0; 199 X509_ALGOR_get0(NULL, &ptype, &pval, palg); 200 if (ptype != V_ASN1_SEQUENCE) 201 goto decerr; 202 203 if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) 204 goto decerr; 205 if (privkey->type == V_ASN1_NEG_INTEGER) 206 goto decerr; 207 208 pstr = pval; 209 pm = pstr->data; 210 pmlen = pstr->length; 211 if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) 212 goto decerr; 213 /* We have parameters now set private key */ 214 if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { 215 DSAerror(DSA_R_BN_ERROR); 216 goto dsaerr; 217 } 218 /* Calculate public key */ 219 if (!(dsa->pub_key = BN_new())) { 220 DSAerror(ERR_R_MALLOC_FAILURE); 221 goto dsaerr; 222 } 223 224 if ((ctx = BN_CTX_new()) == NULL) { 225 DSAerror(ERR_R_MALLOC_FAILURE); 226 goto dsaerr; 227 } 228 229 BN_CTX_start(ctx); 230 231 if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { 232 DSAerror(DSA_R_BN_ERROR); 233 goto dsaerr; 234 } 235 236 if (!EVP_PKEY_assign_DSA(pkey, dsa)) 237 goto decerr; 238 239 ret = 1; 240 goto done; 241 242 decerr: 243 DSAerror(DSA_R_DECODE_ERROR); 244 dsaerr: 245 DSA_free(dsa); 246 done: 247 BN_CTX_end(ctx); 248 BN_CTX_free(ctx); 249 ASN1_INTEGER_free(privkey); 250 251 return ret; 252 } 253 254 static int 255 dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) 256 { 257 ASN1_STRING *params = NULL; 258 ASN1_INTEGER *prkey = NULL; 259 unsigned char *dp = NULL; 260 int dplen; 261 262 params = ASN1_STRING_new(); 263 if (!params) { 264 DSAerror(ERR_R_MALLOC_FAILURE); 265 goto err; 266 } 267 268 params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); 269 if (params->length <= 0) { 270 DSAerror(ERR_R_MALLOC_FAILURE); 271 goto err; 272 } 273 params->type = V_ASN1_SEQUENCE; 274 275 /* Get private key into integer */ 276 prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); 277 if (!prkey) { 278 DSAerror(DSA_R_BN_ERROR); 279 goto err; 280 } 281 282 dplen = i2d_ASN1_INTEGER(prkey, &dp); 283 284 ASN1_INTEGER_free(prkey); 285 prkey = NULL; 286 287 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, 288 params, dp, dplen)) 289 goto err; 290 291 return 1; 292 293 err: 294 free(dp); 295 ASN1_STRING_free(params); 296 ASN1_INTEGER_free(prkey); 297 return 0; 298 } 299 300 static int 301 int_dsa_size(const EVP_PKEY *pkey) 302 { 303 return DSA_size(pkey->pkey.dsa); 304 } 305 306 static int 307 dsa_bits(const EVP_PKEY *pkey) 308 { 309 return BN_num_bits(pkey->pkey.dsa->p); 310 } 311 312 static int 313 dsa_security_bits(const EVP_PKEY *pkey) 314 { 315 return DSA_security_bits(pkey->pkey.dsa); 316 } 317 318 static int 319 dsa_missing_parameters(const EVP_PKEY *pkey) 320 { 321 DSA *dsa; 322 323 dsa = pkey->pkey.dsa; 324 if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) 325 return 1; 326 return 0; 327 } 328 329 static int 330 dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 331 { 332 BIGNUM *a; 333 334 if ((a = BN_dup(from->pkey.dsa->p)) == NULL) 335 return 0; 336 BN_free(to->pkey.dsa->p); 337 to->pkey.dsa->p = a; 338 339 if ((a = BN_dup(from->pkey.dsa->q)) == NULL) 340 return 0; 341 BN_free(to->pkey.dsa->q); 342 to->pkey.dsa->q = a; 343 344 if ((a = BN_dup(from->pkey.dsa->g)) == NULL) 345 return 0; 346 BN_free(to->pkey.dsa->g); 347 to->pkey.dsa->g = a; 348 return 1; 349 } 350 351 static int 352 dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) 353 { 354 if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) || 355 BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) || 356 BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g)) 357 return 0; 358 else 359 return 1; 360 } 361 362 static int 363 dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) 364 { 365 if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0) 366 return 0; 367 else 368 return 1; 369 } 370 371 static void 372 int_dsa_free(EVP_PKEY *pkey) 373 { 374 DSA_free(pkey->pkey.dsa); 375 } 376 377 static void 378 update_buflen(const BIGNUM *b, size_t *pbuflen) 379 { 380 size_t i; 381 382 if (!b) 383 return; 384 if (*pbuflen < (i = (size_t)BN_num_bytes(b))) 385 *pbuflen = i; 386 } 387 388 static int 389 do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) 390 { 391 unsigned char *m = NULL; 392 int ret = 0; 393 size_t buf_len = 0; 394 const char *ktype = NULL; 395 const BIGNUM *priv_key, *pub_key; 396 397 if (ptype == 2) 398 priv_key = x->priv_key; 399 else 400 priv_key = NULL; 401 402 if (ptype > 0) 403 pub_key = x->pub_key; 404 else 405 pub_key = NULL; 406 407 if (ptype == 2) 408 ktype = "Private-Key"; 409 else if (ptype == 1) 410 ktype = "Public-Key"; 411 else 412 ktype = "DSA-Parameters"; 413 414 update_buflen(x->p, &buf_len); 415 update_buflen(x->q, &buf_len); 416 update_buflen(x->g, &buf_len); 417 update_buflen(priv_key, &buf_len); 418 update_buflen(pub_key, &buf_len); 419 420 m = malloc(buf_len + 10); 421 if (m == NULL) { 422 DSAerror(ERR_R_MALLOC_FAILURE); 423 goto err; 424 } 425 426 if (priv_key) { 427 if (!BIO_indent(bp, off, 128)) 428 goto err; 429 if (BIO_printf(bp, "%s: (%d bit)\n", ktype, 430 BN_num_bits(x->p)) <= 0) 431 goto err; 432 } 433 434 if (!ASN1_bn_print(bp, "priv:", priv_key, m, off)) 435 goto err; 436 if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off)) 437 goto err; 438 if (!ASN1_bn_print(bp, "P: ", x->p, m, off)) 439 goto err; 440 if (!ASN1_bn_print(bp, "Q: ", x->q, m, off)) 441 goto err; 442 if (!ASN1_bn_print(bp, "G: ", x->g, m, off)) 443 goto err; 444 ret = 1; 445 err: 446 free(m); 447 return ret; 448 } 449 450 static int 451 dsa_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) 452 { 453 DSA *dsa; 454 455 if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) { 456 DSAerror(ERR_R_DSA_LIB); 457 return 0; 458 } 459 EVP_PKEY_assign_DSA(pkey, dsa); 460 return 1; 461 } 462 463 static int 464 dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder) 465 { 466 return i2d_DSAparams(pkey->pkey.dsa, pder); 467 } 468 469 static int 470 dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) 471 { 472 return do_dsa_print(bp, pkey->pkey.dsa, indent, 0); 473 } 474 475 static int 476 dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) 477 { 478 return do_dsa_print(bp, pkey->pkey.dsa, indent, 1); 479 } 480 481 static int 482 dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) 483 { 484 return do_dsa_print(bp, pkey->pkey.dsa, indent, 2); 485 } 486 487 static int 488 old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) 489 { 490 DSA *dsa; 491 BN_CTX *ctx = NULL; 492 BIGNUM *j, *p1, *newp1, *powg; 493 int qbits; 494 495 if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) { 496 DSAerror(ERR_R_DSA_LIB); 497 return 0; 498 } 499 500 /* FIPS 186-3 allows only three different sizes for q. */ 501 qbits = BN_num_bits(dsa->q); 502 if (qbits != 160 && qbits != 224 && qbits != 256) { 503 DSAerror(DSA_R_BAD_Q_VALUE); 504 goto err; 505 } 506 if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { 507 DSAerror(DSA_R_MODULUS_TOO_LARGE); 508 goto err; 509 } 510 511 /* Check that 1 < g < p. */ 512 if (BN_cmp(dsa->g, BN_value_one()) <= 0 || 513 BN_cmp(dsa->g, dsa->p) >= 0) { 514 DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); /* XXX */ 515 goto err; 516 } 517 518 if ((ctx = BN_CTX_new()) == NULL) 519 goto err; 520 521 BN_CTX_start(ctx); 522 523 /* 524 * Check that p and q are consistent with each other. 525 */ 526 if ((j = BN_CTX_get(ctx)) == NULL) 527 goto err; 528 if ((p1 = BN_CTX_get(ctx)) == NULL) 529 goto err; 530 if ((newp1 = BN_CTX_get(ctx)) == NULL) 531 goto err; 532 if ((powg = BN_CTX_get(ctx)) == NULL) 533 goto err; 534 535 /* p1 = p - 1 */ 536 if (BN_sub(p1, dsa->p, BN_value_one()) == 0) 537 goto err; 538 539 /* j = (p - 1) / q */ 540 if (BN_div_ct(j, NULL, p1, dsa->q, ctx) == 0) 541 goto err; 542 543 /* q * j should == p - 1 */ 544 if (BN_mul(newp1, dsa->q, j, ctx) == 0) 545 goto err; 546 if (BN_cmp(newp1, p1) != 0) { 547 DSAerror(DSA_R_BAD_Q_VALUE); 548 goto err; 549 } 550 551 /* 552 * Check that g generates a multiplicative subgroup of order q. 553 * We only check that g^q == 1, so the order is a divisor of q. 554 * Once we know that q is prime, this is enough. 555 */ 556 557 if (!BN_mod_exp_ct(powg, dsa->g, dsa->q, dsa->p, ctx)) 558 goto err; 559 if (BN_cmp(powg, BN_value_one()) != 0) { 560 DSAerror(DSA_R_PARAMETER_ENCODING_ERROR); /* XXX */ 561 goto err; 562 } 563 564 /* 565 * Check that q is not a composite number. 566 */ 567 568 if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) <= 0) { 569 DSAerror(DSA_R_BAD_Q_VALUE); 570 goto err; 571 } 572 573 BN_CTX_end(ctx); 574 BN_CTX_free(ctx); 575 576 EVP_PKEY_assign_DSA(pkey, dsa); 577 return 1; 578 579 err: 580 BN_CTX_end(ctx); 581 BN_CTX_free(ctx); 582 DSA_free(dsa); 583 return 0; 584 } 585 586 static int 587 old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) 588 { 589 return i2d_DSAPrivateKey(pkey->pkey.dsa, pder); 590 } 591 592 static int 593 dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, 594 int indent, ASN1_PCTX *pctx) 595 { 596 DSA_SIG *dsa_sig; 597 const unsigned char *p; 598 599 if (!sig) { 600 if (BIO_puts(bp, "\n") <= 0) 601 return 0; 602 else 603 return 1; 604 } 605 p = sig->data; 606 dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); 607 if (dsa_sig) { 608 int rv = 0; 609 size_t buf_len = 0; 610 unsigned char *m = NULL; 611 612 update_buflen(dsa_sig->r, &buf_len); 613 update_buflen(dsa_sig->s, &buf_len); 614 m = malloc(buf_len + 10); 615 if (m == NULL) { 616 DSAerror(ERR_R_MALLOC_FAILURE); 617 goto err; 618 } 619 620 if (BIO_write(bp, "\n", 1) != 1) 621 goto err; 622 623 if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent)) 624 goto err; 625 if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent)) 626 goto err; 627 rv = 1; 628 err: 629 free(m); 630 DSA_SIG_free(dsa_sig); 631 return rv; 632 } 633 return X509_signature_dump(bp, sig, indent); 634 } 635 636 static int 637 dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) 638 { 639 switch (op) { 640 case ASN1_PKEY_CTRL_PKCS7_SIGN: 641 if (arg1 == 0) { 642 int snid, hnid; 643 X509_ALGOR *alg1, *alg2; 644 645 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); 646 if (alg1 == NULL || alg1->algorithm == NULL) 647 return -1; 648 hnid = OBJ_obj2nid(alg1->algorithm); 649 if (hnid == NID_undef) 650 return -1; 651 if (!OBJ_find_sigid_by_algs(&snid, hnid, 652 EVP_PKEY_id(pkey))) 653 return -1; 654 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 655 0); 656 } 657 return 1; 658 659 #ifndef OPENSSL_NO_CMS 660 case ASN1_PKEY_CTRL_CMS_SIGN: 661 if (arg1 == 0) { 662 int snid, hnid; 663 X509_ALGOR *alg1, *alg2; 664 665 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); 666 if (alg1 == NULL || alg1->algorithm == NULL) 667 return -1; 668 hnid = OBJ_obj2nid(alg1->algorithm); 669 if (hnid == NID_undef) 670 return -1; 671 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) 672 return -1; 673 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); 674 } 675 return 1; 676 677 case ASN1_PKEY_CTRL_CMS_RI_TYPE: 678 *(int *)arg2 = CMS_RECIPINFO_NONE; 679 return 1; 680 #endif 681 682 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: 683 *(int *)arg2 = NID_sha1; 684 return 2; 685 686 default: 687 return -2; 688 } 689 } 690 691 /* NB these are sorted in pkey_id order, lowest first */ 692 693 const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = { 694 { 695 .pkey_id = EVP_PKEY_DSA2, 696 .pkey_base_id = EVP_PKEY_DSA, 697 .pkey_flags = ASN1_PKEY_ALIAS 698 }, 699 700 { 701 .pkey_id = EVP_PKEY_DSA1, 702 .pkey_base_id = EVP_PKEY_DSA, 703 .pkey_flags = ASN1_PKEY_ALIAS 704 }, 705 706 { 707 .pkey_id = EVP_PKEY_DSA4, 708 .pkey_base_id = EVP_PKEY_DSA, 709 .pkey_flags = ASN1_PKEY_ALIAS 710 }, 711 712 { 713 .pkey_id = EVP_PKEY_DSA3, 714 .pkey_base_id = EVP_PKEY_DSA, 715 .pkey_flags = ASN1_PKEY_ALIAS 716 }, 717 718 { 719 .pkey_id = EVP_PKEY_DSA, 720 .pkey_base_id = EVP_PKEY_DSA, 721 722 .pem_str = "DSA", 723 .info = "OpenSSL DSA method", 724 725 .pub_decode = dsa_pub_decode, 726 .pub_encode = dsa_pub_encode, 727 .pub_cmp = dsa_pub_cmp, 728 .pub_print = dsa_pub_print, 729 730 .priv_decode = dsa_priv_decode, 731 .priv_encode = dsa_priv_encode, 732 .priv_print = dsa_priv_print, 733 734 .pkey_size = int_dsa_size, 735 .pkey_bits = dsa_bits, 736 .pkey_security_bits = dsa_security_bits, 737 738 .param_decode = dsa_param_decode, 739 .param_encode = dsa_param_encode, 740 .param_missing = dsa_missing_parameters, 741 .param_copy = dsa_copy_parameters, 742 .param_cmp = dsa_cmp_parameters, 743 .param_print = dsa_param_print, 744 .sig_print = dsa_sig_print, 745 746 .pkey_free = int_dsa_free, 747 .pkey_ctrl = dsa_pkey_ctrl, 748 .old_priv_decode = old_dsa_priv_decode, 749 .old_priv_encode = old_dsa_priv_encode 750 } 751 }; 752