Reviewed-by: NTim Hudson <tjh@openssl.org>

This change updates 8a99cb29 to make the generation of (EC)DSA nonces
using the message digest the default. It also reverts the changes to
(EC)DSA_METHOD structure.

In addition to making it the default, removing the flag from EC_KEY
means that FIPS modules will no longer have an ABI mismatch.

This change adds the option to calculate (EC)DSA nonces by hashing the
message and private key along with entropy to avoid leaking the private
key if the PRNG fails.

and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.

crypto.h if needed.

Modify source tree to handle change.

OpenSSL malloc dependencies.

DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().

possible PRNG state duplication.

of unneeded includes of openssl/engine.h.

PR: 287

ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.

Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.

At the same time, add VMS support for Rijndael.

"Chad C. Mulligan" <mulligan@antipope.org>.

Submitted by:
Reviewed by:
PR:

New functions DSA_do_sign and DSA_do_verify to provide access to
the raw DSA values.