2
0

dsa_ameth.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634
  1. /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
  2. * project 2006.
  3. */
  4. /* ====================================================================
  5. * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
  6. *
  7. * Redistribution and use in source and binary forms, with or without
  8. * modification, are permitted provided that the following conditions
  9. * are met:
  10. *
  11. * 1. Redistributions of source code must retain the above copyright
  12. * notice, this list of conditions and the following disclaimer.
  13. *
  14. * 2. Redistributions in binary form must reproduce the above copyright
  15. * notice, this list of conditions and the following disclaimer in
  16. * the documentation and/or other materials provided with the
  17. * distribution.
  18. *
  19. * 3. All advertising materials mentioning features or use of this
  20. * software must display the following acknowledgment:
  21. * "This product includes software developed by the OpenSSL Project
  22. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  23. *
  24. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  25. * endorse or promote products derived from this software without
  26. * prior written permission. For written permission, please contact
  27. * licensing@OpenSSL.org.
  28. *
  29. * 5. Products derived from this software may not be called "OpenSSL"
  30. * nor may "OpenSSL" appear in their names without prior written
  31. * permission of the OpenSSL Project.
  32. *
  33. * 6. Redistributions of any form whatsoever must retain the following
  34. * acknowledgment:
  35. * "This product includes software developed by the OpenSSL Project
  36. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  37. *
  38. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  39. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  40. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  41. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  42. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  43. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  44. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  45. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  46. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  47. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  48. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  49. * OF THE POSSIBILITY OF SUCH DAMAGE.
  50. * ====================================================================
  51. *
  52. * This product includes cryptographic software written by Eric Young
  53. * (eay@cryptsoft.com). This product includes software written by Tim
  54. * Hudson (tjh@cryptsoft.com).
  55. *
  56. */
  57. #include <stdio.h>
  58. #include "cryptlib.h"
  59. #include <openssl/x509.h>
  60. #include <openssl/asn1.h>
  61. #include <openssl/dsa.h>
  62. #include "asn1_locl.h"
  63. static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
  64. {
  65. const unsigned char *p, *pm;
  66. int pklen, pmlen;
  67. int ptype;
  68. void *pval;
  69. ASN1_STRING *pstr;
  70. X509_ALGOR *palg;
  71. ASN1_INTEGER *public_key = NULL;
  72. DSA *dsa = NULL;
  73. if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
  74. return 0;
  75. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  76. if (ptype == V_ASN1_SEQUENCE)
  77. {
  78. pstr = pval;
  79. pm = pstr->data;
  80. pmlen = pstr->length;
  81. if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
  82. {
  83. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
  84. goto err;
  85. }
  86. }
  87. else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF))
  88. {
  89. if (!(dsa = DSA_new()))
  90. {
  91. DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
  92. goto err;
  93. }
  94. }
  95. else
  96. {
  97. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
  98. goto err;
  99. }
  100. if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen)))
  101. {
  102. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
  103. goto err;
  104. }
  105. if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)))
  106. {
  107. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
  108. goto err;
  109. }
  110. ASN1_INTEGER_free(public_key);
  111. EVP_PKEY_assign_DSA(pkey, dsa);
  112. return 1;
  113. err:
  114. if (pubkey)
  115. ASN1_INTEGER_free(public_key);
  116. if (dsa)
  117. DSA_free(dsa);
  118. return 0;
  119. }
  120. static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
  121. {
  122. DSA *dsa;
  123. void *pval = NULL;
  124. int ptype;
  125. unsigned char *penc = NULL;
  126. int penclen;
  127. dsa=pkey->pkey.dsa;
  128. if (pkey->save_parameters && dsa->p && dsa->q && dsa->g)
  129. {
  130. ASN1_STRING *str;
  131. str = ASN1_STRING_new();
  132. str->length = i2d_DSAparams(dsa, &str->data);
  133. if (str->length <= 0)
  134. {
  135. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  136. goto err;
  137. }
  138. pval = str;
  139. ptype = V_ASN1_SEQUENCE;
  140. }
  141. else
  142. ptype = V_ASN1_UNDEF;
  143. dsa->write_params=0;
  144. penclen = i2d_DSAPublicKey(dsa, &penc);
  145. if (penclen <= 0)
  146. {
  147. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  148. goto err;
  149. }
  150. if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
  151. ptype, pval, penc, penclen))
  152. return 1;
  153. err:
  154. if (penc)
  155. OPENSSL_free(penc);
  156. if (pval)
  157. ASN1_STRING_free(pval);
  158. return 0;
  159. }
  160. /* In PKCS#8 DSA: you just get a private key integer and parameters in the
  161. * AlgorithmIdentifier the pubkey must be recalculated.
  162. */
  163. static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
  164. {
  165. const unsigned char *p, *pm;
  166. int pklen, pmlen;
  167. int ptype;
  168. void *pval;
  169. ASN1_STRING *pstr;
  170. X509_ALGOR *palg;
  171. ASN1_INTEGER *privkey = NULL;
  172. BN_CTX *ctx = NULL;
  173. STACK_OF(ASN1_TYPE) *ndsa = NULL;
  174. DSA *dsa = NULL;
  175. if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
  176. return 0;
  177. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  178. /* Check for broken DSA PKCS#8, UGH! */
  179. if (*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED))
  180. {
  181. ASN1_TYPE *t1, *t2;
  182. if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pklen,
  183. d2i_ASN1_TYPE,
  184. ASN1_TYPE_free)))
  185. goto decerr;
  186. if (sk_ASN1_TYPE_num(ndsa) != 2)
  187. goto decerr;
  188. /* Handle Two broken types:
  189. * SEQUENCE {parameters, priv_key}
  190. * SEQUENCE {pub_key, priv_key}
  191. */
  192. t1 = sk_ASN1_TYPE_value(ndsa, 0);
  193. t2 = sk_ASN1_TYPE_value(ndsa, 1);
  194. if (t1->type == V_ASN1_SEQUENCE)
  195. {
  196. p8->broken = PKCS8_EMBEDDED_PARAM;
  197. pval = t1->value.ptr;
  198. }
  199. else if (ptype == V_ASN1_SEQUENCE)
  200. p8->broken = PKCS8_NS_DB;
  201. else
  202. goto decerr;
  203. if (t2->type != V_ASN1_INTEGER)
  204. goto decerr;
  205. privkey = t2->value.integer;
  206. }
  207. else
  208. {
  209. if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
  210. goto decerr;
  211. if (ptype != V_ASN1_SEQUENCE)
  212. goto decerr;
  213. }
  214. pstr = pval;
  215. pm = pstr->data;
  216. pmlen = pstr->length;
  217. if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
  218. goto decerr;
  219. /* We have parameters now set private key */
  220. if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)))
  221. {
  222. DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
  223. goto dsaerr;
  224. }
  225. /* Calculate public key */
  226. if (!(dsa->pub_key = BN_new()))
  227. {
  228. DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
  229. goto dsaerr;
  230. }
  231. if (!(ctx = BN_CTX_new()))
  232. {
  233. DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
  234. goto dsaerr;
  235. }
  236. if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
  237. {
  238. DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
  239. goto dsaerr;
  240. }
  241. EVP_PKEY_assign_DSA(pkey, dsa);
  242. BN_CTX_free (ctx);
  243. if(ndsa)
  244. sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
  245. else
  246. ASN1_INTEGER_free(privkey);
  247. return 1;
  248. decerr:
  249. DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
  250. dsaerr:
  251. BN_CTX_free (ctx);
  252. if (privkey)
  253. ASN1_INTEGER_free(privkey);
  254. sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
  255. DSA_free(dsa);
  256. return 0;
  257. }
  258. static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
  259. {
  260. ASN1_STRING *params = NULL;
  261. ASN1_INTEGER *prkey = NULL;
  262. unsigned char *dp = NULL;
  263. int dplen;
  264. params = ASN1_STRING_new();
  265. if (!params)
  266. {
  267. DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
  268. goto err;
  269. }
  270. params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
  271. if (params->length <= 0)
  272. {
  273. DSAerr(DSA_F_DSA_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
  274. goto err;
  275. }
  276. params->type = V_ASN1_SEQUENCE;
  277. /* Get private key into integer */
  278. prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
  279. if (!prkey)
  280. {
  281. DSAerr(DSA_F_DSA_PRIV_ENCODE,DSA_R_BN_ERROR);
  282. goto err;
  283. }
  284. dplen = i2d_ASN1_INTEGER(prkey, &dp);
  285. ASN1_INTEGER_free(prkey);
  286. if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
  287. V_ASN1_SEQUENCE, params, dp, dplen))
  288. goto err;
  289. return 1;
  290. err:
  291. if (dp != NULL)
  292. OPENSSL_free(dp);
  293. if (params != NULL)
  294. ASN1_STRING_free(params);
  295. if (prkey != NULL)
  296. ASN1_INTEGER_free(prkey);
  297. return 0;
  298. }
  299. static int int_dsa_size(const EVP_PKEY *pkey)
  300. {
  301. return(DSA_size(pkey->pkey.dsa));
  302. }
  303. static int dsa_bits(const EVP_PKEY *pkey)
  304. {
  305. return BN_num_bits(pkey->pkey.dsa->p);
  306. }
  307. static int dsa_missing_parameters(const EVP_PKEY *pkey)
  308. {
  309. DSA *dsa;
  310. dsa=pkey->pkey.dsa;
  311. if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
  312. return 1;
  313. return 0;
  314. }
  315. static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
  316. {
  317. BIGNUM *a;
  318. if ((a=BN_dup(from->pkey.dsa->p)) == NULL)
  319. return 0;
  320. if (to->pkey.dsa->p != NULL)
  321. BN_free(to->pkey.dsa->p);
  322. to->pkey.dsa->p=a;
  323. if ((a=BN_dup(from->pkey.dsa->q)) == NULL)
  324. return 0;
  325. if (to->pkey.dsa->q != NULL)
  326. BN_free(to->pkey.dsa->q);
  327. to->pkey.dsa->q=a;
  328. if ((a=BN_dup(from->pkey.dsa->g)) == NULL)
  329. return 0;
  330. if (to->pkey.dsa->g != NULL)
  331. BN_free(to->pkey.dsa->g);
  332. to->pkey.dsa->g=a;
  333. return 1;
  334. }
  335. static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
  336. {
  337. if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
  338. BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
  339. BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
  340. return 0;
  341. else
  342. return 1;
  343. }
  344. static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
  345. {
  346. if (dsa_cmp_parameters(a, b) == 0)
  347. return 0;
  348. if (BN_cmp(b->pkey.dsa->pub_key,a->pkey.dsa->pub_key) != 0)
  349. return 0;
  350. else
  351. return 1;
  352. }
  353. static void int_dsa_free(EVP_PKEY *pkey)
  354. {
  355. DSA_free(pkey->pkey.dsa);
  356. }
  357. static void update_buflen(const BIGNUM *b, size_t *pbuflen)
  358. {
  359. size_t i;
  360. if (!b)
  361. return;
  362. if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
  363. *pbuflen = i;
  364. }
  365. int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
  366. {
  367. unsigned char *m=NULL;
  368. int ret=0;
  369. size_t buf_len=0;
  370. const char *ktype = NULL;
  371. const BIGNUM *priv_key, *pub_key;
  372. if (ptype == 2)
  373. priv_key = x->priv_key;
  374. else
  375. priv_key = NULL;
  376. if (ptype > 0)
  377. pub_key = x->pub_key;
  378. else
  379. pub_key = NULL;
  380. if (ptype == 2)
  381. ktype = "Private-Key";
  382. else if (ptype == 1)
  383. ktype = "Public-Key";
  384. else
  385. ktype = "DSA-Parameters";
  386. #if 0
  387. if (x->p == NULL)
  388. {
  389. DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS);
  390. goto err;
  391. }
  392. #endif
  393. update_buflen(x->p, &buf_len);
  394. update_buflen(x->q, &buf_len);
  395. update_buflen(x->g, &buf_len);
  396. update_buflen(priv_key, &buf_len);
  397. update_buflen(pub_key, &buf_len);
  398. m=(unsigned char *)OPENSSL_malloc(buf_len+10);
  399. if (m == NULL)
  400. {
  401. DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
  402. goto err;
  403. }
  404. if (priv_key)
  405. {
  406. if(!BIO_indent(bp,off,128))
  407. goto err;
  408. if (BIO_printf(bp,"%s: (%d bit)\n",ktype, BN_num_bits(x->p))
  409. <= 0) goto err;
  410. }
  411. if (!ASN1_bn_print(bp,"priv:",priv_key,m,off))
  412. goto err;
  413. if (!ASN1_bn_print(bp,"pub: ",pub_key,m,off))
  414. goto err;
  415. if (!ASN1_bn_print(bp,"P: ",x->p,m,off)) goto err;
  416. if (!ASN1_bn_print(bp,"Q: ",x->q,m,off)) goto err;
  417. if (!ASN1_bn_print(bp,"G: ",x->g,m,off)) goto err;
  418. ret=1;
  419. err:
  420. if (m != NULL) OPENSSL_free(m);
  421. return(ret);
  422. }
  423. static int dsa_param_decode(EVP_PKEY *pkey,
  424. const unsigned char **pder, int derlen)
  425. {
  426. DSA *dsa;
  427. if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
  428. {
  429. DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
  430. return 0;
  431. }
  432. EVP_PKEY_assign_DSA(pkey, dsa);
  433. return 1;
  434. }
  435. static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
  436. {
  437. return i2d_DSAparams(pkey->pkey.dsa, pder);
  438. }
  439. static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  440. ASN1_PCTX *ctx)
  441. {
  442. return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
  443. }
  444. static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  445. ASN1_PCTX *ctx)
  446. {
  447. return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
  448. }
  449. static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  450. ASN1_PCTX *ctx)
  451. {
  452. return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
  453. }
  454. static int old_dsa_priv_decode(EVP_PKEY *pkey,
  455. const unsigned char **pder, int derlen)
  456. {
  457. DSA *dsa;
  458. if (!(dsa = d2i_DSAPrivateKey (NULL, pder, derlen)))
  459. {
  460. DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
  461. return 0;
  462. }
  463. EVP_PKEY_assign_DSA(pkey, dsa);
  464. return 1;
  465. }
  466. static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
  467. {
  468. return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
  469. }
  470. static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
  471. {
  472. switch (op)
  473. {
  474. case ASN1_PKEY_CTRL_PKCS7_SIGN:
  475. if (arg1 == 0)
  476. {
  477. X509_ALGOR *alg1, *alg2;
  478. PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
  479. X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_sha1),
  480. V_ASN1_NULL, 0);
  481. X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_dsaWithSHA1),
  482. V_ASN1_UNDEF, 0);
  483. }
  484. return 1;
  485. case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
  486. *(int *)arg2 = NID_sha1;
  487. return 2;
  488. default:
  489. return -2;
  490. }
  491. }
  492. /* NB these are sorted in pkey_id order, lowest first */
  493. const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] =
  494. {
  495. {
  496. EVP_PKEY_DSA2,
  497. EVP_PKEY_DSA,
  498. ASN1_PKEY_ALIAS
  499. },
  500. {
  501. EVP_PKEY_DSA1,
  502. EVP_PKEY_DSA,
  503. ASN1_PKEY_ALIAS
  504. },
  505. {
  506. EVP_PKEY_DSA4,
  507. EVP_PKEY_DSA,
  508. ASN1_PKEY_ALIAS
  509. },
  510. {
  511. EVP_PKEY_DSA3,
  512. EVP_PKEY_DSA,
  513. ASN1_PKEY_ALIAS
  514. },
  515. {
  516. EVP_PKEY_DSA,
  517. EVP_PKEY_DSA,
  518. 0,
  519. "DSA",
  520. "OpenSSL DSA method",
  521. dsa_pub_decode,
  522. dsa_pub_encode,
  523. dsa_pub_cmp,
  524. dsa_pub_print,
  525. dsa_priv_decode,
  526. dsa_priv_encode,
  527. dsa_priv_print,
  528. int_dsa_size,
  529. dsa_bits,
  530. dsa_param_decode,
  531. dsa_param_encode,
  532. dsa_missing_parameters,
  533. dsa_copy_parameters,
  534. dsa_cmp_parameters,
  535. dsa_param_print,
  536. int_dsa_free,
  537. dsa_pkey_ctrl,
  538. old_dsa_priv_decode,
  539. old_dsa_priv_encode
  540. }
  541. };