Tie DSA into the engine framework as with RSA and DH so far. I've verified

this integration with a web-server using CryptoSwift engine code with RSA and DSA certificates (and with EDH cipher suites).
2000-05-29 11:07:38 +00:00
parent a26f2b5e62
commit 835475a2d6
6 changed files with 85 additions and 19 deletions
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -64,6 +64,7 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
+#include <openssl/engine.h>

 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
@@ -195,7 +196,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		}

 	/* Compute r = (g^k mod p) mod q */
-	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+	if (!ENGINE_get_DSA(dsa->handle)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
 		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;

@@ -273,7 +274,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
 #else
 	{
-	if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
+	if (!ENGINE_get_DSA(dsa->handle)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
 						dsa->p,ctx,mont)) goto err;
 	/* BN_copy(&u1,&t1); */
 	/* let u1 = u1 mod q */