DSA_set_method.pod 3.9 KB
Newer Older
U
Ulf Möller 已提交
1 2 3 4
=pod

=head1 NAME

5
DSA_set_default_method, DSA_get_default_method,
6
DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method
U
Ulf Möller 已提交
7 8 9

=head1 SYNOPSIS

10
 #include <openssl/dsa.h>
11
 #include <openssl/engine.h>
U
Ulf Möller 已提交
12

13
 void DSA_set_default_method(const DSA_METHOD *meth);
U
Ulf Möller 已提交
14

15
 const DSA_METHOD *DSA_get_default_method(void);
U
Ulf Möller 已提交
16

17
 int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
U
Ulf Möller 已提交
18

19
 DSA *DSA_new_method(ENGINE *engine);
U
Ulf Möller 已提交
20 21 22 23 24 25 26

 DSA_METHOD *DSA_OpenSSL(void);

=head1 DESCRIPTION

A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
operations. By modifying the method, alternative implementations
27 28 29 30 31 32 33 34 35 36 37 38
such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
important information about how these DSA API functions are affected by the use
of B<ENGINE> API calls.

Initially, the default DSA_METHOD is the OpenSSL internal implementation,
as returned by DSA_OpenSSL().

DSA_set_default_method() makes B<meth> the default method for all DSA
structures created later. B<NB>: This is true only whilst no ENGINE has
been set as a default for DSA, so this function is no longer recommended.

DSA_get_default_method() returns a pointer to the current default
39
DSA_METHOD. However, the meaningfulness of this result is dependent on
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55
whether the ENGINE API is being used, so this function is no longer 
recommended.

DSA_set_method() selects B<meth> to perform all operations using the key
B<rsa>. This will replace the DSA_METHOD used by the DSA key and if the
previous method was supplied by an ENGINE, the handle to that ENGINE will
be released during the change. It is possible to have DSA keys that only
work with certain DSA_METHOD implementations (eg. from an ENGINE module
that supports embedded hardware-protected keys), and in such cases
attempting to change the DSA_METHOD for the key can have unexpected
results.

DSA_new_method() allocates and initializes a DSA structure so that B<engine>
will be used for the DSA operations. If B<engine> is NULL, the default engine
for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD
controlled by DSA_set_default_method() is used.
U
Ulf Möller 已提交
56 57 58 59 60 61

=head1 THE DSA_METHOD STRUCTURE

struct
 {
     /* name of the implementation */
62
        const char *name;
U
Ulf Möller 已提交
63 64 65 66 67 68 69 70 71 72 73 74 75

     /* sign */
	DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
                                 DSA *dsa);

     /* pre-compute k^-1 and r */
	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
                                 BIGNUM **rp);

     /* verify */
	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
                                 DSA_SIG *sig, DSA *dsa);

U
Ulf Möller 已提交
76 77
     /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
                                          implementations) */
U
Ulf Möller 已提交
78 79 80 81
	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
                                 BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
                                 BN_CTX *ctx, BN_MONT_CTX *in_mont);

U
Ulf Möller 已提交
82
     /* compute r = a ^ p mod m (May be NULL for some implementations) */
83 84 85
        int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
                                 const BIGNUM *p, const BIGNUM *m,
                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
U
Ulf Möller 已提交
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100

     /* called at DSA_new */
        int (*init)(DSA *DSA);

     /* called at DSA_free */
        int (*finish)(DSA *DSA);

        int flags;

        char *app_data; /* ?? */

 } DSA_METHOD;

=head1 RETURN VALUES

101 102
DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective
B<DSA_METHOD>s.
U
Ulf Möller 已提交
103

104
DSA_set_default_method() returns no value.
U
Ulf Möller 已提交
105

106 107 108
DSA_set_method() returns non-zero if the provided B<meth> was successfully set as
the method for B<dsa> (including unloading the ENGINE handle if the previous
method was supplied by an ENGINE).
U
Ulf Möller 已提交
109

110
DSA_new_method() returns NULL and sets an error code that can be
R
Rich Salz 已提交
111
obtained by L<ERR_get_error(3)> if the allocation
112
fails. Otherwise it returns a pointer to the newly allocated structure.
U
Ulf Möller 已提交
113 114 115

=head1 SEE ALSO

R
Rich Salz 已提交
116
L<dsa(3)>, L<DSA_new(3)>
U
Ulf Möller 已提交
117 118

=cut