This patch specifies a new option, NO_DSA_ASN1, which can be used to
enable DSA support without ASN1. This means that DSA_do_sign and
DSA_do_verify can be used to perform DSA computations without ASN1
functions compiled into the library.
This basically does the following things:
- moves a few functions around in crypto/dsa - DSA_size moved to
dsa_asn1.c, DSA_sig_new/_free moved to dsa_lib.c. The ASN1 code was
ifdef-ed out with NO_DSA_ASN1
- replaces
#ifndef NO_DSA
with
#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
all over the place, since all code in the ssl and apps directories use the
ASN1 enabled DSA routines. I doubt if it would be of any value to modify
these functions to use DSA_do_* instead.
Any chance that this could make it in?
Brian
diff -ur openssl-SNAP-19990702-old/apps/ca.c openssl-SNAP-19990702/apps/ca.c
--- openssl-SNAP-19990702-old/apps/ca.c Sun Jun 20 19:00:05 1999
+++ openssl-SNAP-19990702/apps/ca.c Fri Jul 2 16:17:34 1999
@@ -1097,7 +1097,7 @@
}
else
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
dgst=EVP_dss1();
else
@@ -1803,7 +1803,7 @@
}
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA) dgst=EVP_dss1();
pktmp=X509_get_pubkey(ret);
if (EVP_PKEY_missing_parameters(pktmp) &&
diff -ur openssl-SNAP-19990702-old/apps/dsa.c openssl-SNAP-19990702/apps/dsa.c
--- openssl-SNAP-19990702-old/apps/dsa.c Mon Apr 26 22:00:04 1999
+++ openssl-SNAP-19990702/apps/dsa.c Fri Jul 2 16:17:47 1999
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff -ur openssl-SNAP-19990702-old/apps/dsaparam.c
openssl-SNAP-19990702/apps/dsaparam.c
--- openssl-SNAP-19990702-old/apps/dsaparam.c Thu Jun 10 13:00:04 1999
+++ openssl-SNAP-19990702/apps/dsaparam.c Fri Jul 2 16:17:50 1999
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
diff -ur openssl-SNAP-19990702-old/apps/eay.c openssl-SNAP-19990702/apps/eay.c
--- openssl-SNAP-19990702-old/apps/eay.c Fri May 21 08:00:06 1999
+++ openssl-SNAP-19990702/apps/eay.c Fri Jul 2 16:17:53 1999
@@ -123,7 +123,7 @@
#include "ciphers.c"
#include "sess_id.c"
#include "pkcs7.c"
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include "dsaparam.c"
#include "dsa.c"
#include "gendsa.c"
diff -ur openssl-SNAP-19990702-old/apps/gendsa.c openssl-SNAP-19990702/apps/gendsa.c
--- openssl-SNAP-19990702-old/apps/gendsa.c Mon Apr 26 22:00:04 1999
+++ openssl-SNAP-19990702/apps/gendsa.c Fri Jul 2 16:18:01 1999
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
diff -ur openssl-SNAP-19990702-old/apps/progs.h openssl-SNAP-19990702/apps/progs.h
--- openssl-SNAP-19990702-old/apps/progs.h Fri Jun 4 21:00:06 1999
+++ openssl-SNAP-19990702/apps/progs.h Fri Jul 2 16:34:11 1999
@@ -59,17 +59,17 @@
#ifndef NO_RSA
{FUNC_TYPE_GENERAL,"rsa",rsa_main},
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
{FUNC_TYPE_GENERAL,"dsa",dsa_main},
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
#endif
{FUNC_TYPE_GENERAL,"x509",x509_main},
#ifndef NO_RSA
{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
#endif
#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
diff -ur openssl-SNAP-19990702-old/apps/progs.pl openssl-SNAP-19990702/apps/progs.pl
--- openssl-SNAP-19990702-old/apps/progs.pl Tue Apr 27 08:00:03 1999
+++ openssl-SNAP-19990702/apps/progs.pl Fri Jul 2 16:35:22 1999
@@ -33,7 +33,7 @@
elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) )
{ print "#ifndef NO_RSA\n${str}#endif\n"; }
elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
- { print "#ifndef NO_DSA\n${str}#endif\n"; }
+ { print "#if !defined(NO_DSA) &&
+!defined(NO_DSA_ASN1)\n${str}#endif\n"; }
elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
{ print "#ifndef NO_DH\n${str}#endif\n"; }
else
diff -ur openssl-SNAP-19990702-old/apps/req.c openssl-SNAP-19990702/apps/req.c
--- openssl-SNAP-19990702-old/apps/req.c Sun Jun 20 19:00:06 1999
+++ openssl-SNAP-19990702/apps/req.c Fri Jul 2 16:20:48 1999
@@ -129,7 +129,7 @@
int MAIN(int argc, char **argv)
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
DSA *dsa_params=NULL;
#endif
int ex=1,x509=0,days=30;
@@ -229,7 +229,7 @@
newkey= atoi(p);
}
else
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (strncmp("dsa:",p,4) == 0)
{
X509 *xtmp=NULL;
@@ -518,7 +518,7 @@
}
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey_type == TYPE_DSA)
{
if (!DSA_generate_key(dsa_params)) goto end;
@@ -609,7 +609,7 @@
if (newreq || x509)
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
digest=EVP_dss1();
#endif
@@ -809,7 +809,7 @@
X509_free(x509ss);
X509V3_EXT_cleanup();
OBJ_cleanup();
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (dsa_params != NULL) DSA_free(dsa_params);
#endif
EXIT(ex);
diff -ur openssl-SNAP-19990702-old/apps/speed.c openssl-SNAP-19990702/apps/speed.c
--- openssl-SNAP-19990702-old/apps/speed.c Tue Jun 29 21:00:08 1999
+++ openssl-SNAP-19990702/apps/speed.c Fri Jul 2 16:18:34 1999
@@ -157,7 +157,7 @@
#include "./testrsa.h"
#endif
#include <openssl/x509.h>
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include "./testdsa.h"
#endif
@@ -332,7 +332,7 @@
sizeof(test512),sizeof(test1024),
sizeof(test2048),sizeof(test4096)};
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
DSA *dsa_key[DSA_NUM];
long dsa_c[DSA_NUM][2];
double dsa_results[DSA_NUM][2];
@@ -344,7 +344,7 @@
int pr_header=0;
apps_startup();
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
memset(dsa_key,0,sizeof(dsa_key));
#endif
@@ -495,7 +495,7 @@
}
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (strcmp(*argv,"dsa") == 0)
{
dsa_doit[R_DSA_512]=1;
@@ -528,7 +528,7 @@
#ifndef NO_RSA
BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n");
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n");
#endif
BIO_printf(bio_err,"idea rc2 des rsa
blowfish\n");
@@ -579,7 +579,7 @@
}
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
dsa_key[0]=get_dsa512();
dsa_key[1]=get_dsa1024();
dsa_key[2]=get_dsa2048();
@@ -1019,7 +1019,7 @@
#endif
RAND_bytes(buf,20);
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
for (j=0; j<DSA_NUM; j++)
{
unsigned int kk;
@@ -1140,7 +1140,7 @@
fprintf(stdout,"\n");
}
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
j=1;
for (k=0; k<DSA_NUM; k++)
{
@@ -1164,7 +1164,7 @@
if (rsa_key[i] != NULL)
RSA_free(rsa_key[i]);
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
for (i=0; i<DSA_NUM; i++)
if (dsa_key[i] != NULL)
DSA_free(dsa_key[i]);
diff -ur openssl-SNAP-19990702-old/apps/x509.c openssl-SNAP-19990702/apps/x509.c
--- openssl-SNAP-19990702-old/apps/x509.c Tue May 25 18:00:08 1999
+++ openssl-SNAP-19990702/apps/x509.c Fri Jul 2 16:18:43 1999
@@ -512,7 +512,7 @@
BN_print(STDout,pkey->pkey.rsa->n);
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
BN_print(STDout,pkey->pkey.dsa->pub_key);
else
@@ -621,7 +621,7 @@
Upkey=load_key(keyfile,keyformat);
if (Upkey == NULL) goto end;
}
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (Upkey->type == EVP_PKEY_DSA)
digest=EVP_dss1();
#endif
@@ -637,7 +637,7 @@
CApkey=load_key(CAkeyfile,CAkeyformat);
if (CApkey == NULL) goto end;
}
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (CApkey->type == EVP_PKEY_DSA)
digest=EVP_dss1();
#endif
diff -ur openssl-SNAP-19990702-old/crypto/dsa/dsa_asn1.c
openssl-SNAP-19990702/crypto/dsa/dsa_asn1.c
--- openssl-SNAP-19990702-old/crypto/dsa/dsa_asn1.c Fri Apr 23 19:00:30 1999
+++ openssl-SNAP-19990702/crypto/dsa/dsa_asn1.c Fri Jul 2 16:02:48 1999
@@ -1,34 +1,13 @@
/* crypto/dsa/dsa_asn1.c */
+#ifndef NO_DSA_ASN1
+
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/dsa.h>
#include <openssl/asn1.h>
#include <openssl/asn1_mac.h>
-DSA_SIG *DSA_SIG_new(void)
-{
- DSA_SIG *ret;
-
- ret = Malloc(sizeof(DSA_SIG));
- if (ret == NULL)
- {
- DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->r = NULL;
- ret->s = NULL;
- return(ret);
-}
-
-void DSA_SIG_free(DSA_SIG *r)
-{
- if (r == NULL) return;
- if (r->r) BN_clear_free(r->r);
- if (r->s) BN_clear_free(r->s);
- Free(r);
-}
-
int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp)
{
int t=0,len;
@@ -94,3 +73,24 @@
if (bs != NULL) ASN1_BIT_STRING_free(bs);
return(NULL);
}
+
+int DSA_size(DSA *r)
+ {
+ int ret,i;
+ ASN1_INTEGER bs;
+ unsigned char buf[4];
+
+ i=BN_num_bits(r->q);
+ bs.length=(i+7)/8;
+ bs.data=buf;
+ bs.type=V_ASN1_INTEGER;
+ /* If the top bit is set the asn1 encoding is 1 larger. */
+ buf[0]=0xff;
+
+ i=i2d_ASN1_INTEGER(&bs,NULL);
+ i+=i; /* r and s */
+ ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+ return(ret);
+ }
+
+#endif /* NO_DSA_ASN1 */
diff -ur openssl-SNAP-19990702-old/crypto/dsa/dsa_lib.c
openssl-SNAP-19990702/crypto/dsa/dsa_lib.c
--- openssl-SNAP-19990702-old/crypto/dsa/dsa_lib.c Fri Apr 23 19:00:30 1999
+++ openssl-SNAP-19990702/crypto/dsa/dsa_lib.c Fri Jul 2 15:49:38 1999
@@ -62,7 +62,6 @@
#include "cryptlib.h"
#include <openssl/bn.h>
#include <openssl/dsa.h>
-#include <openssl/asn1.h>
const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
@@ -126,22 +125,26 @@
Free(r);
}
-int DSA_size(DSA *r)
- {
- int ret,i;
- ASN1_INTEGER bs;
- unsigned char buf[4];
-
- i=BN_num_bits(r->q);
- bs.length=(i+7)/8;
- bs.data=buf;
- bs.type=V_ASN1_INTEGER;
- /* If the top bit is set the asn1 encoding is 1 larger. */
- buf[0]=0xff;
-
- i=i2d_ASN1_INTEGER(&bs,NULL);
- i+=i; /* r and s */
- ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+DSA_SIG *DSA_SIG_new(void)
+{
+ DSA_SIG *ret;
+
+ ret = Malloc(sizeof(DSA_SIG));
+ if (ret == NULL)
+ {
+ DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->r = NULL;
+ ret->s = NULL;
return(ret);
- }
+}
+
+void DSA_SIG_free(DSA_SIG *r)
+{
+ if (r == NULL) return;
+ if (r->r) BN_clear_free(r->r);
+ if (r->s) BN_clear_free(r->s);
+ Free(r);
+}
diff -ur openssl-SNAP-19990702-old/crypto/dsa/dsa_sign.c
openssl-SNAP-19990702/crypto/dsa/dsa_sign.c
--- openssl-SNAP-19990702-old/crypto/dsa/dsa_sign.c Fri Jun 25 10:00:14 1999
+++ openssl-SNAP-19990702/crypto/dsa/dsa_sign.c Fri Jul 2 15:49:38 1999
@@ -63,7 +63,10 @@
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
+
+#ifndef NO_DSA_ASN1
#include <openssl/asn1.h>
+#endif
DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
@@ -132,6 +135,8 @@
/* data has already been hashed (probably with SHA or SHA-1). */
+#ifndef NO_DSA_ASN1
+
/* unsigned char *sig: out */
/* unsigned int *siglen: out */
int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
@@ -148,6 +153,8 @@
DSA_SIG_free(s);
return(1);
}
+
+#endif /* NO_DSA_ASN1 */
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
diff -ur openssl-SNAP-19990702-old/crypto/dsa/dsa_vrf.c
openssl-SNAP-19990702/crypto/dsa/dsa_vrf.c
--- openssl-SNAP-19990702-old/crypto/dsa/dsa_vrf.c Fri Apr 23 19:00:30 1999
+++ openssl-SNAP-19990702/crypto/dsa/dsa_vrf.c Fri Jul 2 15:49:38 1999
@@ -63,8 +63,11 @@
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
+
+#ifndef NO_DSA_ASN1
#include <openssl/asn1.h>
#include <openssl/asn1_mac.h>
+#endif
int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
DSA *dsa)
@@ -138,6 +141,7 @@
return(ret);
}
+#ifndef NO_DSA_ASN1
/* data has already been hashed (probably with SHA or SHA-1). */
/* returns
* 1: correct signature
@@ -158,3 +162,4 @@
DSA_SIG_free(s);
return(ret);
}
+#endif /* NO_DSA_ASN1 */
diff -ur openssl-SNAP-19990702-old/crypto/dsa/dsatest.c
openssl-SNAP-19990702/crypto/dsa/dsatest.c
--- openssl-SNAP-19990702-old/crypto/dsa/dsatest.c Fri Jun 25 10:00:14 1999
+++ openssl-SNAP-19990702/crypto/dsa/dsatest.c Fri Jul 2 16:39:12 1999
@@ -69,7 +69,7 @@
#include "../bio/bss_file.c"
#endif
-#ifdef NO_DSA
+#if defined(NO_DSA) || defined(NO_DSA_ASN1)
int main(int argc, char *argv[])
{
printf("No DSA support\n");
diff -ur openssl-SNAP-19990702-old/crypto/evp/c_all.c
openssl-SNAP-19990702/crypto/evp/c_all.c
--- openssl-SNAP-19990702-old/crypto/evp/c_all.c Fri Jun 4 21:00:22 1999
+++ openssl-SNAP-19990702/crypto/evp/c_all.c Fri Jul 2 16:22:49 1999
@@ -165,7 +165,7 @@
#endif
#ifndef NO_SHA
EVP_add_digest(EVP_sha());
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
EVP_add_digest(EVP_dss());
#endif
#endif
@@ -173,7 +173,7 @@
EVP_add_digest(EVP_sha1());
EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA);
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
EVP_add_digest(EVP_dss1());
EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
EVP_add_digest_alias(SN_dsaWithSHA1,"DSS1");
diff -ur openssl-SNAP-19990702-old/crypto/evp/e_dsa.c
openssl-SNAP-19990702/crypto/evp/e_dsa.c
--- openssl-SNAP-19990702-old/crypto/evp/e_dsa.c Fri Apr 23 19:00:32 1999
+++ openssl-SNAP-19990702/crypto/evp/e_dsa.c Fri Jul 2 16:02:34 1999
@@ -56,6 +56,8 @@
* [including the GNU Public Licence.]
*/
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
+
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
@@ -69,3 +71,4 @@
{EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
};
+#endif
diff -ur openssl-SNAP-19990702-old/crypto/evp/evp_pkey.c
openssl-SNAP-19990702/crypto/evp/evp_pkey.c
--- openssl-SNAP-19990702-old/crypto/evp/evp_pkey.c Mon Apr 26 22:00:13 1999
+++ openssl-SNAP-19990702/crypto/evp/evp_pkey.c Fri Jul 2 16:24:34 1999
@@ -70,7 +70,7 @@
#ifndef NO_RSA
RSA *rsa;
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
DSA *dsa;
ASN1_INTEGER *dsapriv;
STACK *ndsa;
@@ -114,7 +114,7 @@
EVP_PKEY_assign_RSA (pkey, rsa);
break;
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
case NID_dsa:
/* PKCS#8 DSA is weird: you just get a private key integer
* and parameters in the AlgorithmIdentifier the pubkey must
@@ -198,7 +198,7 @@
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
{
PKCS8_PRIV_KEY_INFO *p8;
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
ASN1_INTEGER *dpkey;
unsigned char *p, *q;
int len;
@@ -227,7 +227,7 @@
}
break;
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
case EVP_PKEY_DSA:
p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa);
diff -ur openssl-SNAP-19990702-old/crypto/evp/m_dss.c
openssl-SNAP-19990702/crypto/evp/m_dss.c
--- openssl-SNAP-19990702-old/crypto/evp/m_dss.c Tue Apr 27 01:00:20 1999
+++ openssl-SNAP-19990702/crypto/evp/m_dss.c Fri Jul 2 16:14:36 1999
@@ -62,7 +62,7 @@
#include <openssl/objects.h>
#include <openssl/x509.h>
-#ifndef NO_SHA
+#if !defined(NO_SHA) && !defined(NO_DSA) && !defined(NO_DSA_ASN1)
static EVP_MD dsa_md=
{
NID_dsaWithSHA,
diff -ur openssl-SNAP-19990702-old/crypto/evp/m_dss1.c
openssl-SNAP-19990702/crypto/evp/m_dss1.c
--- openssl-SNAP-19990702-old/crypto/evp/m_dss1.c Tue Apr 27 01:00:20 1999
+++ openssl-SNAP-19990702/crypto/evp/m_dss1.c Fri Jul 2 16:14:43 1999
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
-#ifndef NO_SHA
+#if !defined(NO_SHA) && !defined(NO_DSA) && !defined(NO_DSA_ASN1)
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
diff -ur openssl-SNAP-19990702-old/crypto/evp/p_lib.c
openssl-SNAP-19990702/crypto/evp/p_lib.c
--- openssl-SNAP-19990702-old/crypto/evp/p_lib.c Mon Apr 26 13:00:21 1999
+++ openssl-SNAP-19990702/crypto/evp/p_lib.c Fri Jul 2 16:24:42 1999
@@ -71,7 +71,7 @@
return(BN_num_bits(pkey->pkey.rsa->n));
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
return(BN_num_bits(pkey->pkey.dsa->p));
#endif
@@ -87,7 +87,7 @@
return(RSA_size(pkey->pkey.rsa));
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
return(DSA_size(pkey->pkey.dsa));
#endif
@@ -96,7 +96,7 @@
int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
int ret=pkey->save_parameters=mode;
@@ -122,7 +122,7 @@
EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
goto err;
}
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (to->type == EVP_PKEY_DSA)
{
BIGNUM *a;
@@ -147,7 +147,7 @@
int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
DSA *dsa;
@@ -162,7 +162,7 @@
int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b)
{
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
{
if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
@@ -257,7 +257,7 @@
RSA_free(x->pkey.rsa);
break;
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
case EVP_PKEY_DSA:
case EVP_PKEY_DSA2:
case EVP_PKEY_DSA3:
diff -ur openssl-SNAP-19990702-old/ssl/s3_clnt.c openssl-SNAP-19990702/ssl/s3_clnt.c
--- openssl-SNAP-19990702-old/ssl/s3_clnt.c Fri Jun 11 22:00:24 1999
+++ openssl-SNAP-19990702/ssl/s3_clnt.c Fri Jul 2 16:06:30 1999
@@ -992,7 +992,7 @@
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (alg & SSL_aDSS)
pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509);
#endif
@@ -1070,7 +1070,7 @@
}
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
/* lets do DSS */
@@ -1453,7 +1453,7 @@
int i=0;
#endif
unsigned long n;
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
int j;
#endif
@@ -1485,7 +1485,7 @@
}
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
if (!DSA_sign(pkey->save_type,
@@ -1643,7 +1643,7 @@
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
goto f_err;
}
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
{
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
diff -ur openssl-SNAP-19990702-old/ssl/s3_srvr.c openssl-SNAP-19990702/ssl/s3_srvr.c
--- openssl-SNAP-19990702-old/ssl/s3_srvr.c Sun May 23 10:00:18 1999
+++ openssl-SNAP-19990702/ssl/s3_srvr.c Fri Jul 2 16:06:56 1999
@@ -1039,7 +1039,7 @@
}
else
#endif
-#if !defined(NO_DSA)
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
/* lets do DSS */
@@ -1468,7 +1468,7 @@
}
else
#endif
-#ifndef NO_DSA
+#if !defined(NO_DSA) && !defined(NO_DSA_ASN1)
if (pkey->type == EVP_PKEY_DSA)
{
j=DSA_verify(pkey->save_type,
diff -ur openssl-SNAP-19990702-old/ssl/ssl_algs.c openssl-SNAP-19990702/ssl/ssl_algs.c
--- openssl-SNAP-19990702-old/ssl/ssl_algs.c Mon Jun 7 17:00:56 1999
+++ openssl-SNAP-19990702/ssl/ssl_algs.c Fri Jul 2 16:21:40 1999
@@ -89,7 +89,7 @@
EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
EVP_add_digest_alias(SN_sha1,"ssl3-sha1");
#endif
-#if !defined(NO_SHA) && !defined(NO_DSA)
+#if !defined(NO_SHA) && !defined(NO_DSA) && !defined(NO_DSA_ASN1)
EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
#endif
