1 /*
2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <string.h>
17
18 #include <openssl/crypto.h>
19 #include <openssl/core_dispatch.h>
20 #include <openssl/core_names.h>
21 #include <openssl/err.h>
22 #include <openssl/dsa.h>
23 #include <openssl/params.h>
24 #include <openssl/evp.h>
25 #include <openssl/proverr.h>
26 #include "internal/nelem.h"
27 #include "internal/sizes.h"
28 #include "internal/cryptlib.h"
29 #include "prov/providercommon.h"
30 #include "prov/implementations.h"
31 #include "prov/provider_ctx.h"
32 #include "prov/securitycheck.h"
33 #include "crypto/dsa.h"
34 #include "prov/der_dsa.h"
35
36 static OSSL_FUNC_signature_newctx_fn dsa_newctx;
37 static OSSL_FUNC_signature_sign_init_fn dsa_sign_init;
38 static OSSL_FUNC_signature_verify_init_fn dsa_verify_init;
39 static OSSL_FUNC_signature_sign_fn dsa_sign;
40 static OSSL_FUNC_signature_verify_fn dsa_verify;
41 static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_sign_init;
42 static OSSL_FUNC_signature_digest_sign_update_fn dsa_digest_signverify_update;
43 static OSSL_FUNC_signature_digest_sign_final_fn dsa_digest_sign_final;
44 static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_verify_init;
45 static OSSL_FUNC_signature_digest_verify_update_fn dsa_digest_signverify_update;
46 static OSSL_FUNC_signature_digest_verify_final_fn dsa_digest_verify_final;
47 static OSSL_FUNC_signature_freectx_fn dsa_freectx;
48 static OSSL_FUNC_signature_dupctx_fn dsa_dupctx;
49 static OSSL_FUNC_signature_get_ctx_params_fn dsa_get_ctx_params;
50 static OSSL_FUNC_signature_gettable_ctx_params_fn dsa_gettable_ctx_params;
51 static OSSL_FUNC_signature_set_ctx_params_fn dsa_set_ctx_params;
52 static OSSL_FUNC_signature_settable_ctx_params_fn dsa_settable_ctx_params;
53 static OSSL_FUNC_signature_get_ctx_md_params_fn dsa_get_ctx_md_params;
54 static OSSL_FUNC_signature_gettable_ctx_md_params_fn dsa_gettable_ctx_md_params;
55 static OSSL_FUNC_signature_set_ctx_md_params_fn dsa_set_ctx_md_params;
56 static OSSL_FUNC_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params;
57
58 /*
59 * What's passed as an actual key is defined by the KEYMGMT interface.
60 * We happen to know that our KEYMGMT simply passes DSA structures, so
61 * we use that here too.
62 */
63
64 typedef struct {
65 OSSL_LIB_CTX *libctx;
66 char *propq;
67 DSA *dsa;
68
69 /*
70 * Flag to determine if the hash function can be changed (1) or not (0)
71 * Because it's dangerous to change during a DigestSign or DigestVerify
72 * operation, this flag is cleared by their Init function, and set again
73 * by their Final function.
74 */
75 unsigned int flag_allow_md : 1;
76
77 char mdname[OSSL_MAX_NAME_SIZE];
78
79 /* The Algorithm Identifier of the combined signature algorithm */
80 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
81 unsigned char *aid;
82 size_t aid_len;
83
84 /* main digest */
85 EVP_MD *md;
86 EVP_MD_CTX *mdctx;
87 int operation;
88 } PROV_DSA_CTX;
89
90
dsa_get_md_size(const PROV_DSA_CTX * pdsactx)91 static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
92 {
93 if (pdsactx->md != NULL)
94 return EVP_MD_get_size(pdsactx->md);
95 return 0;
96 }
97
dsa_newctx(void * provctx,const char * propq)98 static void *dsa_newctx(void *provctx, const char *propq)
99 {
100 PROV_DSA_CTX *pdsactx;
101
102 if (!ossl_prov_is_running())
103 return NULL;
104
105 pdsactx = OPENSSL_zalloc(sizeof(PROV_DSA_CTX));
106 if (pdsactx == NULL)
107 return NULL;
108
109 pdsactx->libctx = PROV_LIBCTX_OF(provctx);
110 pdsactx->flag_allow_md = 1;
111 if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) {
112 OPENSSL_free(pdsactx);
113 pdsactx = NULL;
114 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
115 }
116 return pdsactx;
117 }
118
dsa_setup_md(PROV_DSA_CTX * ctx,const char * mdname,const char * mdprops)119 static int dsa_setup_md(PROV_DSA_CTX *ctx,
120 const char *mdname, const char *mdprops)
121 {
122 if (mdprops == NULL)
123 mdprops = ctx->propq;
124
125 if (mdname != NULL) {
126 int sha1_allowed = (ctx->operation != EVP_PKEY_OP_SIGN);
127 WPACKET pkt;
128 EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
129 int md_nid = ossl_digest_get_approved_nid_with_sha1(ctx->libctx, md,
130 sha1_allowed);
131 size_t mdname_len = strlen(mdname);
132
133 if (md == NULL || md_nid < 0) {
134 if (md == NULL)
135 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
136 "%s could not be fetched", mdname);
137 if (md_nid < 0)
138 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
139 "digest=%s", mdname);
140 if (mdname_len >= sizeof(ctx->mdname))
141 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
142 "%s exceeds name buffer length", mdname);
143 EVP_MD_free(md);
144 return 0;
145 }
146
147 if (!ctx->flag_allow_md) {
148 if (ctx->mdname[0] != '\0' && !EVP_MD_is_a(md, ctx->mdname)) {
149 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
150 "digest %s != %s", mdname, ctx->mdname);
151 EVP_MD_free(md);
152 return 0;
153 }
154 EVP_MD_free(md);
155 return 1;
156 }
157
158 EVP_MD_CTX_free(ctx->mdctx);
159 EVP_MD_free(ctx->md);
160
161 /*
162 * We do not care about DER writing errors.
163 * All it really means is that for some reason, there's no
164 * AlgorithmIdentifier to be had, but the operation itself is
165 * still valid, just as long as it's not used to construct
166 * anything that needs an AlgorithmIdentifier.
167 */
168 ctx->aid_len = 0;
169 if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
170 && ossl_DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa,
171 md_nid)
172 && WPACKET_finish(&pkt)) {
173 WPACKET_get_total_written(&pkt, &ctx->aid_len);
174 ctx->aid = WPACKET_get_curr(&pkt);
175 }
176 WPACKET_cleanup(&pkt);
177
178 ctx->mdctx = NULL;
179 ctx->md = md;
180 OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
181 }
182 return 1;
183 }
184
dsa_signverify_init(void * vpdsactx,void * vdsa,const OSSL_PARAM params[],int operation)185 static int dsa_signverify_init(void *vpdsactx, void *vdsa,
186 const OSSL_PARAM params[], int operation)
187 {
188 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
189
190 if (!ossl_prov_is_running()
191 || pdsactx == NULL)
192 return 0;
193
194 if (vdsa == NULL && pdsactx->dsa == NULL) {
195 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
196 return 0;
197 }
198
199 if (vdsa != NULL) {
200 if (!ossl_dsa_check_key(pdsactx->libctx, vdsa,
201 operation == EVP_PKEY_OP_SIGN)) {
202 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
203 return 0;
204 }
205 if (!DSA_up_ref(vdsa))
206 return 0;
207 DSA_free(pdsactx->dsa);
208 pdsactx->dsa = vdsa;
209 }
210
211 pdsactx->operation = operation;
212
213 if (!dsa_set_ctx_params(pdsactx, params))
214 return 0;
215
216 return 1;
217 }
218
dsa_sign_init(void * vpdsactx,void * vdsa,const OSSL_PARAM params[])219 static int dsa_sign_init(void *vpdsactx, void *vdsa, const OSSL_PARAM params[])
220 {
221 return dsa_signverify_init(vpdsactx, vdsa, params, EVP_PKEY_OP_SIGN);
222 }
223
dsa_verify_init(void * vpdsactx,void * vdsa,const OSSL_PARAM params[])224 static int dsa_verify_init(void *vpdsactx, void *vdsa,
225 const OSSL_PARAM params[])
226 {
227 return dsa_signverify_init(vpdsactx, vdsa, params, EVP_PKEY_OP_VERIFY);
228 }
229
dsa_sign(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)230 static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
231 size_t sigsize, const unsigned char *tbs, size_t tbslen)
232 {
233 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
234 int ret;
235 unsigned int sltmp;
236 size_t dsasize = DSA_size(pdsactx->dsa);
237 size_t mdsize = dsa_get_md_size(pdsactx);
238
239 if (!ossl_prov_is_running())
240 return 0;
241
242 if (sig == NULL) {
243 *siglen = dsasize;
244 return 1;
245 }
246
247 if (sigsize < (size_t)dsasize)
248 return 0;
249
250 if (mdsize != 0 && tbslen != mdsize)
251 return 0;
252
253 ret = ossl_dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa);
254 if (ret <= 0)
255 return 0;
256
257 *siglen = sltmp;
258 return 1;
259 }
260
dsa_verify(void * vpdsactx,const unsigned char * sig,size_t siglen,const unsigned char * tbs,size_t tbslen)261 static int dsa_verify(void *vpdsactx, const unsigned char *sig, size_t siglen,
262 const unsigned char *tbs, size_t tbslen)
263 {
264 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
265 size_t mdsize = dsa_get_md_size(pdsactx);
266
267 if (!ossl_prov_is_running() || (mdsize != 0 && tbslen != mdsize))
268 return 0;
269
270 return DSA_verify(0, tbs, tbslen, sig, siglen, pdsactx->dsa);
271 }
272
dsa_digest_signverify_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[],int operation)273 static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
274 void *vdsa, const OSSL_PARAM params[],
275 int operation)
276 {
277 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
278
279 if (!ossl_prov_is_running())
280 return 0;
281
282 if (!dsa_signverify_init(vpdsactx, vdsa, params, operation))
283 return 0;
284
285 if (!dsa_setup_md(pdsactx, mdname, NULL))
286 return 0;
287
288 pdsactx->flag_allow_md = 0;
289
290 if (pdsactx->mdctx == NULL) {
291 pdsactx->mdctx = EVP_MD_CTX_new();
292 if (pdsactx->mdctx == NULL)
293 goto error;
294 }
295
296 if (!EVP_DigestInit_ex2(pdsactx->mdctx, pdsactx->md, params))
297 goto error;
298
299 return 1;
300
301 error:
302 EVP_MD_CTX_free(pdsactx->mdctx);
303 pdsactx->mdctx = NULL;
304 return 0;
305 }
306
dsa_digest_sign_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[])307 static int dsa_digest_sign_init(void *vpdsactx, const char *mdname,
308 void *vdsa, const OSSL_PARAM params[])
309 {
310 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
311 EVP_PKEY_OP_SIGN);
312 }
313
dsa_digest_verify_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[])314 static int dsa_digest_verify_init(void *vpdsactx, const char *mdname,
315 void *vdsa, const OSSL_PARAM params[])
316 {
317 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
318 EVP_PKEY_OP_VERIFY);
319 }
320
dsa_digest_signverify_update(void * vpdsactx,const unsigned char * data,size_t datalen)321 int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
322 size_t datalen)
323 {
324 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
325
326 if (pdsactx == NULL || pdsactx->mdctx == NULL)
327 return 0;
328
329 return EVP_DigestUpdate(pdsactx->mdctx, data, datalen);
330 }
331
dsa_digest_sign_final(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize)332 int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen,
333 size_t sigsize)
334 {
335 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
336 unsigned char digest[EVP_MAX_MD_SIZE];
337 unsigned int dlen = 0;
338
339 if (!ossl_prov_is_running() || pdsactx == NULL || pdsactx->mdctx == NULL)
340 return 0;
341
342 /*
343 * If sig is NULL then we're just finding out the sig size. Other fields
344 * are ignored. Defer to dsa_sign.
345 */
346 if (sig != NULL) {
347 /*
348 * There is the possibility that some externally provided
349 * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow -
350 * but that problem is much larger than just in DSA.
351 */
352 if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen))
353 return 0;
354 }
355
356 pdsactx->flag_allow_md = 1;
357
358 return dsa_sign(vpdsactx, sig, siglen, sigsize, digest, (size_t)dlen);
359 }
360
361
dsa_digest_verify_final(void * vpdsactx,const unsigned char * sig,size_t siglen)362 int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig,
363 size_t siglen)
364 {
365 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
366 unsigned char digest[EVP_MAX_MD_SIZE];
367 unsigned int dlen = 0;
368
369 if (!ossl_prov_is_running() || pdsactx == NULL || pdsactx->mdctx == NULL)
370 return 0;
371
372 /*
373 * There is the possibility that some externally provided
374 * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow -
375 * but that problem is much larger than just in DSA.
376 */
377 if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen))
378 return 0;
379
380 pdsactx->flag_allow_md = 1;
381
382 return dsa_verify(vpdsactx, sig, siglen, digest, (size_t)dlen);
383 }
384
dsa_freectx(void * vpdsactx)385 static void dsa_freectx(void *vpdsactx)
386 {
387 PROV_DSA_CTX *ctx = (PROV_DSA_CTX *)vpdsactx;
388
389 OPENSSL_free(ctx->propq);
390 EVP_MD_CTX_free(ctx->mdctx);
391 EVP_MD_free(ctx->md);
392 ctx->propq = NULL;
393 ctx->mdctx = NULL;
394 ctx->md = NULL;
395 DSA_free(ctx->dsa);
396 OPENSSL_free(ctx);
397 }
398
dsa_dupctx(void * vpdsactx)399 static void *dsa_dupctx(void *vpdsactx)
400 {
401 PROV_DSA_CTX *srcctx = (PROV_DSA_CTX *)vpdsactx;
402 PROV_DSA_CTX *dstctx;
403
404 if (!ossl_prov_is_running())
405 return NULL;
406
407 dstctx = OPENSSL_zalloc(sizeof(*srcctx));
408 if (dstctx == NULL)
409 return NULL;
410
411 *dstctx = *srcctx;
412 dstctx->dsa = NULL;
413 dstctx->md = NULL;
414 dstctx->mdctx = NULL;
415 dstctx->propq = NULL;
416
417 if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa))
418 goto err;
419 dstctx->dsa = srcctx->dsa;
420
421 if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
422 goto err;
423 dstctx->md = srcctx->md;
424
425 if (srcctx->mdctx != NULL) {
426 dstctx->mdctx = EVP_MD_CTX_new();
427 if (dstctx->mdctx == NULL
428 || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
429 goto err;
430 }
431 if (srcctx->propq != NULL) {
432 dstctx->propq = OPENSSL_strdup(srcctx->propq);
433 if (dstctx->propq == NULL)
434 goto err;
435 }
436
437 return dstctx;
438 err:
439 dsa_freectx(dstctx);
440 return NULL;
441 }
442
dsa_get_ctx_params(void * vpdsactx,OSSL_PARAM * params)443 static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params)
444 {
445 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
446 OSSL_PARAM *p;
447
448 if (pdsactx == NULL)
449 return 0;
450
451 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
452 if (p != NULL
453 && !OSSL_PARAM_set_octet_string(p, pdsactx->aid, pdsactx->aid_len))
454 return 0;
455
456 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
457 if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->mdname))
458 return 0;
459
460 return 1;
461 }
462
463 static const OSSL_PARAM known_gettable_ctx_params[] = {
464 OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
465 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
466 OSSL_PARAM_END
467 };
468
dsa_gettable_ctx_params(ossl_unused void * ctx,ossl_unused void * provctx)469 static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *ctx,
470 ossl_unused void *provctx)
471 {
472 return known_gettable_ctx_params;
473 }
474
dsa_set_ctx_params(void * vpdsactx,const OSSL_PARAM params[])475 static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
476 {
477 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
478 const OSSL_PARAM *p;
479
480 if (pdsactx == NULL)
481 return 0;
482 if (params == NULL)
483 return 1;
484
485 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
486 if (p != NULL) {
487 char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
488 char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
489 const OSSL_PARAM *propsp =
490 OSSL_PARAM_locate_const(params,
491 OSSL_SIGNATURE_PARAM_PROPERTIES);
492
493 if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
494 return 0;
495 if (propsp != NULL
496 && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops)))
497 return 0;
498 if (!dsa_setup_md(pdsactx, mdname, mdprops))
499 return 0;
500 }
501
502 return 1;
503 }
504
505 static const OSSL_PARAM settable_ctx_params[] = {
506 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
507 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
508 OSSL_PARAM_END
509 };
510
511 static const OSSL_PARAM settable_ctx_params_no_digest[] = {
512 OSSL_PARAM_END
513 };
514
dsa_settable_ctx_params(void * vpdsactx,ossl_unused void * provctx)515 static const OSSL_PARAM *dsa_settable_ctx_params(void *vpdsactx,
516 ossl_unused void *provctx)
517 {
518 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
519
520 if (pdsactx != NULL && !pdsactx->flag_allow_md)
521 return settable_ctx_params_no_digest;
522 return settable_ctx_params;
523 }
524
dsa_get_ctx_md_params(void * vpdsactx,OSSL_PARAM * params)525 static int dsa_get_ctx_md_params(void *vpdsactx, OSSL_PARAM *params)
526 {
527 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
528
529 if (pdsactx->mdctx == NULL)
530 return 0;
531
532 return EVP_MD_CTX_get_params(pdsactx->mdctx, params);
533 }
534
dsa_gettable_ctx_md_params(void * vpdsactx)535 static const OSSL_PARAM *dsa_gettable_ctx_md_params(void *vpdsactx)
536 {
537 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
538
539 if (pdsactx->md == NULL)
540 return 0;
541
542 return EVP_MD_gettable_ctx_params(pdsactx->md);
543 }
544
dsa_set_ctx_md_params(void * vpdsactx,const OSSL_PARAM params[])545 static int dsa_set_ctx_md_params(void *vpdsactx, const OSSL_PARAM params[])
546 {
547 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
548
549 if (pdsactx->mdctx == NULL)
550 return 0;
551
552 return EVP_MD_CTX_set_params(pdsactx->mdctx, params);
553 }
554
dsa_settable_ctx_md_params(void * vpdsactx)555 static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx)
556 {
557 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
558
559 if (pdsactx->md == NULL)
560 return 0;
561
562 return EVP_MD_settable_ctx_params(pdsactx->md);
563 }
564
565 const OSSL_DISPATCH ossl_dsa_signature_functions[] = {
566 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx },
567 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_sign_init },
568 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign },
569 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_verify_init },
570 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify },
571 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
572 (void (*)(void))dsa_digest_sign_init },
573 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
574 (void (*)(void))dsa_digest_signverify_update },
575 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
576 (void (*)(void))dsa_digest_sign_final },
577 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
578 (void (*)(void))dsa_digest_verify_init },
579 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
580 (void (*)(void))dsa_digest_signverify_update },
581 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
582 (void (*)(void))dsa_digest_verify_final },
583 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx },
584 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx },
585 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))dsa_get_ctx_params },
586 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
587 (void (*)(void))dsa_gettable_ctx_params },
588 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))dsa_set_ctx_params },
589 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
590 (void (*)(void))dsa_settable_ctx_params },
591 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
592 (void (*)(void))dsa_get_ctx_md_params },
593 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
594 (void (*)(void))dsa_gettable_ctx_md_params },
595 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
596 (void (*)(void))dsa_set_ctx_md_params },
597 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
598 (void (*)(void))dsa_settable_ctx_md_params },
599 { 0, NULL }
600 };
601