DH keys have an (until now) unused 'q' parameter. When creating from DSA copy

[oweals/openssl.git] / crypto / dsa / dsa_pmeth.c

diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 646ef3f0939d6afc76c609f37d1311da5f2a8729..715d8d675bb766994d06d8ee2339bb71246a5a9a 100644 (file)
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -1,4 +1,4 @@
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
 /* ====================================================================
@@ -60,6 +60,7 @@
 #include <openssl/asn1t.h>
 #include <openssl/x509.h>
 #include <openssl/evp.h>
+#include <openssl/bn.h>
 #include "evp_locl.h"
 #include "dsa_locl.h"
 
@@ -131,7 +132,7 @@ static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 
        ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
 
-       if (ret < 0)
+       if (ret <= 0)
                return ret;
        *siglen = sltmp;
        return 1;
@@ -185,8 +186,12 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_MD:
                if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1   &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_dsa    &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA    &&
                    EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
-                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256)
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
                        {
                        DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
                        return 0;
@@ -194,7 +199,9 @@ static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                dctx->md = p2;
                return 1;
 
+               case EVP_PKEY_CTRL_DIGESTINIT:
                case EVP_PKEY_CTRL_PKCS7_SIGN:
+               case EVP_PKEY_CTRL_CMS_SIGN:
                return 1;
                
                case EVP_PKEY_CTRL_PEER_KEY:
@@ -248,7 +255,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
        if (!dsa)
                return 0;
        ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
-                                  NULL, 0, NULL, NULL, pcb);
+                                  NULL, 0, NULL, NULL, NULL, pcb);
        if (ret)
                EVP_PKEY_assign_DSA(pkey, dsa);
        else