2
0

dsa_ameth.c 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665
  1. /*
  2. * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * DSA low level APIs are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <stdio.h>
  15. #include <openssl/x509.h>
  16. #include <openssl/asn1.h>
  17. #include <openssl/bn.h>
  18. #include <openssl/cms.h>
  19. #include <openssl/core_names.h>
  20. #include <openssl/param_build.h>
  21. #include "internal/cryptlib.h"
  22. #include "crypto/asn1.h"
  23. #include "crypto/dsa.h"
  24. #include "crypto/evp.h"
  25. #include "internal/ffc.h"
  26. #include "dsa_local.h"
  27. static int dsa_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey)
  28. {
  29. const unsigned char *p, *pm;
  30. int pklen, pmlen;
  31. int ptype;
  32. const void *pval;
  33. const ASN1_STRING *pstr;
  34. X509_ALGOR *palg;
  35. ASN1_INTEGER *public_key = NULL;
  36. DSA *dsa = NULL;
  37. if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
  38. return 0;
  39. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  40. if (ptype == V_ASN1_SEQUENCE) {
  41. pstr = pval;
  42. pm = pstr->data;
  43. pmlen = pstr->length;
  44. if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL) {
  45. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
  46. goto err;
  47. }
  48. } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
  49. if ((dsa = DSA_new()) == NULL) {
  50. DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
  51. goto err;
  52. }
  53. } else {
  54. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
  55. goto err;
  56. }
  57. if ((public_key = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL) {
  58. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
  59. goto err;
  60. }
  61. if ((dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) {
  62. DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
  63. goto err;
  64. }
  65. dsa->dirty_cnt++;
  66. ASN1_INTEGER_free(public_key);
  67. EVP_PKEY_assign_DSA(pkey, dsa);
  68. return 1;
  69. err:
  70. ASN1_INTEGER_free(public_key);
  71. DSA_free(dsa);
  72. return 0;
  73. }
  74. static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
  75. {
  76. DSA *dsa;
  77. int ptype;
  78. unsigned char *penc = NULL;
  79. int penclen;
  80. ASN1_STRING *str = NULL;
  81. ASN1_INTEGER *pubint = NULL;
  82. ASN1_OBJECT *aobj;
  83. dsa = pkey->pkey.dsa;
  84. if (pkey->save_parameters
  85. && dsa->params.p != NULL
  86. && dsa->params.q != NULL
  87. && dsa->params.g != NULL) {
  88. str = ASN1_STRING_new();
  89. if (str == NULL) {
  90. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  91. goto err;
  92. }
  93. str->length = i2d_DSAparams(dsa, &str->data);
  94. if (str->length <= 0) {
  95. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  96. goto err;
  97. }
  98. ptype = V_ASN1_SEQUENCE;
  99. } else
  100. ptype = V_ASN1_UNDEF;
  101. pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL);
  102. if (pubint == NULL) {
  103. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  104. goto err;
  105. }
  106. penclen = i2d_ASN1_INTEGER(pubint, &penc);
  107. ASN1_INTEGER_free(pubint);
  108. if (penclen <= 0) {
  109. DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
  110. goto err;
  111. }
  112. aobj = OBJ_nid2obj(EVP_PKEY_DSA);
  113. if (aobj == NULL)
  114. goto err;
  115. if (X509_PUBKEY_set0_param(pk, aobj, ptype, str, penc, penclen))
  116. return 1;
  117. err:
  118. OPENSSL_free(penc);
  119. ASN1_STRING_free(str);
  120. return 0;
  121. }
  122. /*
  123. * In PKCS#8 DSA: you just get a private key integer and parameters in the
  124. * AlgorithmIdentifier the pubkey must be recalculated.
  125. */
  126. static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
  127. {
  128. const unsigned char *p, *pm;
  129. int pklen, pmlen;
  130. int ptype;
  131. const void *pval;
  132. const ASN1_STRING *pstr;
  133. const X509_ALGOR *palg;
  134. ASN1_INTEGER *privkey = NULL;
  135. BN_CTX *ctx = NULL;
  136. DSA *dsa = NULL;
  137. int ret = 0;
  138. if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
  139. return 0;
  140. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  141. if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
  142. goto decerr;
  143. if (privkey->type == V_ASN1_NEG_INTEGER || ptype != V_ASN1_SEQUENCE)
  144. goto decerr;
  145. pstr = pval;
  146. pm = pstr->data;
  147. pmlen = pstr->length;
  148. if ((dsa = d2i_DSAparams(NULL, &pm, pmlen)) == NULL)
  149. goto decerr;
  150. /* We have parameters now set private key */
  151. if ((dsa->priv_key = BN_secure_new()) == NULL
  152. || !ASN1_INTEGER_to_BN(privkey, dsa->priv_key)) {
  153. DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
  154. goto dsaerr;
  155. }
  156. /* Calculate public key */
  157. if ((dsa->pub_key = BN_new()) == NULL) {
  158. DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
  159. goto dsaerr;
  160. }
  161. if ((ctx = BN_CTX_new()) == NULL) {
  162. DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
  163. goto dsaerr;
  164. }
  165. BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
  166. if (!BN_mod_exp(dsa->pub_key, dsa->params.g, dsa->priv_key, dsa->params.p,
  167. ctx)) {
  168. DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
  169. goto dsaerr;
  170. }
  171. dsa->dirty_cnt++;
  172. EVP_PKEY_assign_DSA(pkey, dsa);
  173. ret = 1;
  174. goto done;
  175. decerr:
  176. DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
  177. dsaerr:
  178. DSA_free(dsa);
  179. done:
  180. BN_CTX_free(ctx);
  181. ASN1_STRING_clear_free(privkey);
  182. return ret;
  183. }
  184. static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
  185. {
  186. ASN1_STRING *params = NULL;
  187. ASN1_INTEGER *prkey = NULL;
  188. unsigned char *dp = NULL;
  189. int dplen;
  190. if (pkey->pkey.dsa == NULL|| pkey->pkey.dsa->priv_key == NULL) {
  191. DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
  192. goto err;
  193. }
  194. params = ASN1_STRING_new();
  195. if (params == NULL) {
  196. DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
  197. goto err;
  198. }
  199. params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
  200. if (params->length <= 0) {
  201. DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
  202. goto err;
  203. }
  204. params->type = V_ASN1_SEQUENCE;
  205. /* Get private key into integer */
  206. prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
  207. if (prkey == NULL) {
  208. DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
  209. goto err;
  210. }
  211. dplen = i2d_ASN1_INTEGER(prkey, &dp);
  212. ASN1_STRING_clear_free(prkey);
  213. prkey = NULL;
  214. if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
  215. V_ASN1_SEQUENCE, params, dp, dplen))
  216. goto err;
  217. return 1;
  218. err:
  219. OPENSSL_free(dp);
  220. ASN1_STRING_free(params);
  221. ASN1_STRING_clear_free(prkey);
  222. return 0;
  223. }
  224. static int int_dsa_size(const EVP_PKEY *pkey)
  225. {
  226. return DSA_size(pkey->pkey.dsa);
  227. }
  228. static int dsa_bits(const EVP_PKEY *pkey)
  229. {
  230. return DSA_bits(pkey->pkey.dsa);
  231. }
  232. static int dsa_security_bits(const EVP_PKEY *pkey)
  233. {
  234. return DSA_security_bits(pkey->pkey.dsa);
  235. }
  236. static int dsa_missing_parameters(const EVP_PKEY *pkey)
  237. {
  238. DSA *dsa;
  239. dsa = pkey->pkey.dsa;
  240. return dsa == NULL
  241. || dsa->params.p == NULL
  242. || dsa->params.q == NULL
  243. || dsa->params.g == NULL;
  244. }
  245. static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
  246. {
  247. if (to->pkey.dsa == NULL) {
  248. to->pkey.dsa = DSA_new();
  249. if (to->pkey.dsa == NULL)
  250. return 0;
  251. }
  252. if (!ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params))
  253. return 0;
  254. to->pkey.dsa->dirty_cnt++;
  255. return 1;
  256. }
  257. static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
  258. {
  259. return ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1);
  260. }
  261. static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
  262. {
  263. return BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) == 0;
  264. }
  265. static void int_dsa_free(EVP_PKEY *pkey)
  266. {
  267. DSA_free(pkey->pkey.dsa);
  268. }
  269. static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
  270. {
  271. int ret = 0;
  272. const char *ktype = NULL;
  273. const BIGNUM *priv_key, *pub_key;
  274. int mod_len = 0;
  275. if (x->params.p != NULL)
  276. mod_len = DSA_bits(x);
  277. if (ptype == 2)
  278. priv_key = x->priv_key;
  279. else
  280. priv_key = NULL;
  281. if (ptype > 0)
  282. pub_key = x->pub_key;
  283. else
  284. pub_key = NULL;
  285. if (ptype == 2)
  286. ktype = "Private-Key";
  287. else if (ptype == 1)
  288. ktype = "Public-Key";
  289. else
  290. ktype = "DSA-Parameters";
  291. if (priv_key != NULL) {
  292. if (!BIO_indent(bp, off, 128))
  293. goto err;
  294. if (BIO_printf(bp, "%s: (%d bit)\n", ktype, mod_len) <= 0)
  295. goto err;
  296. } else {
  297. if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len) <= 0)
  298. goto err;
  299. }
  300. if (!ASN1_bn_print(bp, "priv:", priv_key, NULL, off))
  301. goto err;
  302. if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off))
  303. goto err;
  304. if (!ffc_params_print(bp, &x->params, off))
  305. goto err;
  306. ret = 1;
  307. err:
  308. return ret;
  309. }
  310. static int dsa_param_decode(EVP_PKEY *pkey,
  311. const unsigned char **pder, int derlen)
  312. {
  313. DSA *dsa;
  314. if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) {
  315. DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
  316. return 0;
  317. }
  318. dsa->dirty_cnt++;
  319. EVP_PKEY_assign_DSA(pkey, dsa);
  320. return 1;
  321. }
  322. static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
  323. {
  324. return i2d_DSAparams(pkey->pkey.dsa, pder);
  325. }
  326. static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  327. ASN1_PCTX *ctx)
  328. {
  329. return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
  330. }
  331. static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  332. ASN1_PCTX *ctx)
  333. {
  334. return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
  335. }
  336. static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  337. ASN1_PCTX *ctx)
  338. {
  339. return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
  340. }
  341. static int old_dsa_priv_decode(EVP_PKEY *pkey,
  342. const unsigned char **pder, int derlen)
  343. {
  344. DSA *dsa;
  345. if ((dsa = d2i_DSAPrivateKey(NULL, pder, derlen)) == NULL) {
  346. DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
  347. return 0;
  348. }
  349. dsa->dirty_cnt++;
  350. EVP_PKEY_assign_DSA(pkey, dsa);
  351. return 1;
  352. }
  353. static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
  354. {
  355. return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
  356. }
  357. static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
  358. const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
  359. {
  360. DSA_SIG *dsa_sig;
  361. const unsigned char *p;
  362. if (sig == NULL) {
  363. if (BIO_puts(bp, "\n") <= 0)
  364. return 0;
  365. else
  366. return 1;
  367. }
  368. p = sig->data;
  369. dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
  370. if (dsa_sig != NULL) {
  371. int rv = 0;
  372. const BIGNUM *r, *s;
  373. DSA_SIG_get0(dsa_sig, &r, &s);
  374. if (BIO_write(bp, "\n", 1) != 1)
  375. goto err;
  376. if (!ASN1_bn_print(bp, "r: ", r, NULL, indent))
  377. goto err;
  378. if (!ASN1_bn_print(bp, "s: ", s, NULL, indent))
  379. goto err;
  380. rv = 1;
  381. err:
  382. DSA_SIG_free(dsa_sig);
  383. return rv;
  384. }
  385. if (BIO_puts(bp, "\n") <= 0)
  386. return 0;
  387. return X509_signature_dump(bp, sig, indent);
  388. }
  389. static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
  390. {
  391. switch (op) {
  392. case ASN1_PKEY_CTRL_PKCS7_SIGN:
  393. if (arg1 == 0) {
  394. int snid, hnid;
  395. X509_ALGOR *alg1, *alg2;
  396. PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
  397. if (alg1 == NULL || alg1->algorithm == NULL)
  398. return -1;
  399. hnid = OBJ_obj2nid(alg1->algorithm);
  400. if (hnid == NID_undef)
  401. return -1;
  402. if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
  403. return -1;
  404. X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
  405. }
  406. return 1;
  407. #ifndef OPENSSL_NO_CMS
  408. case ASN1_PKEY_CTRL_CMS_SIGN:
  409. if (arg1 == 0) {
  410. int snid, hnid;
  411. X509_ALGOR *alg1, *alg2;
  412. CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
  413. if (alg1 == NULL || alg1->algorithm == NULL)
  414. return -1;
  415. hnid = OBJ_obj2nid(alg1->algorithm);
  416. if (hnid == NID_undef)
  417. return -1;
  418. if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
  419. return -1;
  420. X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
  421. }
  422. return 1;
  423. case ASN1_PKEY_CTRL_CMS_RI_TYPE:
  424. *(int *)arg2 = CMS_RECIPINFO_NONE;
  425. return 1;
  426. #endif
  427. case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
  428. *(int *)arg2 = NID_sha256;
  429. return 1;
  430. default:
  431. return -2;
  432. }
  433. }
  434. static size_t dsa_pkey_dirty_cnt(const EVP_PKEY *pkey)
  435. {
  436. return pkey->pkey.dsa->dirty_cnt;
  437. }
  438. static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
  439. EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
  440. const char *propq)
  441. {
  442. DSA *dsa = from->pkey.dsa;
  443. OSSL_PARAM_BLD *tmpl;
  444. const BIGNUM *p = DSA_get0_p(dsa), *g = DSA_get0_g(dsa);
  445. const BIGNUM *q = DSA_get0_q(dsa), *pub_key = DSA_get0_pub_key(dsa);
  446. const BIGNUM *priv_key = DSA_get0_priv_key(dsa);
  447. OSSL_PARAM *params;
  448. int selection = 0;
  449. int rv = 0;
  450. /*
  451. * If the DSA method is foreign, then we can't be sure of anything, and
  452. * can therefore not export or pretend to export.
  453. */
  454. if (DSA_get_method(dsa) != DSA_OpenSSL())
  455. return 0;
  456. if (p == NULL || q == NULL || g == NULL)
  457. return 0;
  458. tmpl = OSSL_PARAM_BLD_new();
  459. if (tmpl == NULL)
  460. return 0;
  461. if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_P, p)
  462. || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_Q, q)
  463. || !OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_FFC_G, g))
  464. goto err;
  465. selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  466. if (pub_key != NULL) {
  467. if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY,
  468. pub_key))
  469. goto err;
  470. selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
  471. }
  472. if (priv_key != NULL) {
  473. if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PRIV_KEY,
  474. priv_key))
  475. goto err;
  476. selection |= OSSL_KEYMGMT_SELECT_PRIVATE_KEY;
  477. }
  478. if ((params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
  479. goto err;
  480. /* We export, the provider imports */
  481. rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
  482. OSSL_PARAM_BLD_free_params(params);
  483. err:
  484. OSSL_PARAM_BLD_free(tmpl);
  485. return rv;
  486. }
  487. static int dsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
  488. {
  489. EVP_PKEY_CTX *pctx = vpctx;
  490. EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
  491. DSA *dsa = dsa_new_with_ctx(pctx->libctx);
  492. if (dsa == NULL) {
  493. ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
  494. return 0;
  495. }
  496. if (!dsa_ffc_params_fromdata(dsa, params)
  497. || !dsa_key_fromdata(dsa, params)
  498. || !EVP_PKEY_assign_DSA(pkey, dsa)) {
  499. DSA_free(dsa);
  500. return 0;
  501. }
  502. return 1;
  503. }
  504. /* NB these are sorted in pkey_id order, lowest first */
  505. const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[5] = {
  506. {
  507. EVP_PKEY_DSA2,
  508. EVP_PKEY_DSA,
  509. ASN1_PKEY_ALIAS},
  510. {
  511. EVP_PKEY_DSA1,
  512. EVP_PKEY_DSA,
  513. ASN1_PKEY_ALIAS},
  514. {
  515. EVP_PKEY_DSA4,
  516. EVP_PKEY_DSA,
  517. ASN1_PKEY_ALIAS},
  518. {
  519. EVP_PKEY_DSA3,
  520. EVP_PKEY_DSA,
  521. ASN1_PKEY_ALIAS},
  522. {
  523. EVP_PKEY_DSA,
  524. EVP_PKEY_DSA,
  525. 0,
  526. "DSA",
  527. "OpenSSL DSA method",
  528. dsa_pub_decode,
  529. dsa_pub_encode,
  530. dsa_pub_cmp,
  531. dsa_pub_print,
  532. dsa_priv_decode,
  533. dsa_priv_encode,
  534. dsa_priv_print,
  535. int_dsa_size,
  536. dsa_bits,
  537. dsa_security_bits,
  538. dsa_param_decode,
  539. dsa_param_encode,
  540. dsa_missing_parameters,
  541. dsa_copy_parameters,
  542. dsa_cmp_parameters,
  543. dsa_param_print,
  544. dsa_sig_print,
  545. int_dsa_free,
  546. dsa_pkey_ctrl,
  547. old_dsa_priv_decode,
  548. old_dsa_priv_encode,
  549. NULL, NULL, NULL,
  550. NULL, NULL, NULL,
  551. NULL, NULL, NULL, NULL,
  552. dsa_pkey_dirty_cnt,
  553. dsa_pkey_export_to,
  554. dsa_pkey_import_from
  555. }
  556. };