1 /*
2 * Copyright 2019-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <string.h>
17
18 #include <openssl/crypto.h>
19 #include <openssl/core_dispatch.h>
20 #include <openssl/core_names.h>
21 #include <openssl/err.h>
22 #include <openssl/dsa.h>
23 #include <openssl/params.h>
24 #include <openssl/evp.h>
25 #include <openssl/proverr.h>
26 #include "internal/nelem.h"
27 #include "internal/sizes.h"
28 #include "internal/cryptlib.h"
29 #include "prov/providercommon.h"
30 #include "prov/implementations.h"
31 #include "prov/provider_ctx.h"
32 #include "prov/securitycheck.h"
33 #include "prov/der_dsa.h"
34 #include "crypto/dsa.h"
35
36 static OSSL_FUNC_signature_newctx_fn dsa_newctx;
37 static OSSL_FUNC_signature_sign_init_fn dsa_sign_init;
38 static OSSL_FUNC_signature_verify_init_fn dsa_verify_init;
39 static OSSL_FUNC_signature_sign_fn dsa_sign;
40 static OSSL_FUNC_signature_sign_message_update_fn dsa_signverify_message_update;
41 static OSSL_FUNC_signature_sign_message_final_fn dsa_sign_message_final;
42 static OSSL_FUNC_signature_verify_fn dsa_verify;
43 static OSSL_FUNC_signature_verify_message_update_fn dsa_signverify_message_update;
44 static OSSL_FUNC_signature_verify_message_final_fn dsa_verify_message_final;
45 static OSSL_FUNC_signature_digest_sign_init_fn dsa_digest_sign_init;
46 static OSSL_FUNC_signature_digest_sign_update_fn dsa_digest_signverify_update;
47 static OSSL_FUNC_signature_digest_sign_final_fn dsa_digest_sign_final;
48 static OSSL_FUNC_signature_digest_verify_init_fn dsa_digest_verify_init;
49 static OSSL_FUNC_signature_digest_verify_update_fn dsa_digest_signverify_update;
50 static OSSL_FUNC_signature_digest_verify_final_fn dsa_digest_verify_final;
51 static OSSL_FUNC_signature_freectx_fn dsa_freectx;
52 static OSSL_FUNC_signature_dupctx_fn dsa_dupctx;
53 static OSSL_FUNC_signature_query_key_types_fn dsa_sigalg_query_key_types;
54 static OSSL_FUNC_signature_get_ctx_params_fn dsa_get_ctx_params;
55 static OSSL_FUNC_signature_gettable_ctx_params_fn dsa_gettable_ctx_params;
56 static OSSL_FUNC_signature_set_ctx_params_fn dsa_set_ctx_params;
57 static OSSL_FUNC_signature_settable_ctx_params_fn dsa_settable_ctx_params;
58 static OSSL_FUNC_signature_get_ctx_md_params_fn dsa_get_ctx_md_params;
59 static OSSL_FUNC_signature_gettable_ctx_md_params_fn dsa_gettable_ctx_md_params;
60 static OSSL_FUNC_signature_set_ctx_md_params_fn dsa_set_ctx_md_params;
61 static OSSL_FUNC_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params;
62 static OSSL_FUNC_signature_set_ctx_params_fn dsa_sigalg_set_ctx_params;
63 static OSSL_FUNC_signature_settable_ctx_params_fn dsa_sigalg_settable_ctx_params;
64
65 /*
66 * What's passed as an actual key is defined by the KEYMGMT interface.
67 * We happen to know that our KEYMGMT simply passes DSA structures, so
68 * we use that here too.
69 */
70
71 typedef struct {
72 OSSL_LIB_CTX *libctx;
73 char *propq;
74 DSA *dsa;
75 /* |operation| reuses EVP's operation bitfield */
76 int operation;
77
78 /*
79 * Flag to determine if a full sigalg is run (1) or if a composable
80 * signature algorithm is run (0).
81 *
82 * When a full sigalg is run (1), this currently affects the following
83 * other flags, which are to remain untouched after their initialization:
84 *
85 * - flag_allow_md (initialized to 0)
86 */
87 unsigned int flag_sigalg : 1;
88 /*
89 * Flag to determine if the hash function can be changed (1) or not (0)
90 * Because it's dangerous to change during a DigestSign or DigestVerify
91 * operation, this flag is cleared by their Init function, and set again
92 * by their Final function.
93 */
94 unsigned int flag_allow_md : 1;
95
96 /* If this is set to 1 then the generated k is not random */
97 unsigned int nonce_type;
98
99 /* The Algorithm Identifier of the combined signature algorithm */
100 unsigned char aid_buf[OSSL_MAX_ALGORITHM_ID_SIZE];
101 size_t aid_len;
102
103 /* main digest */
104 char mdname[OSSL_MAX_NAME_SIZE];
105 EVP_MD *md;
106 EVP_MD_CTX *mdctx;
107
108 /* Signature, for verification */
109 unsigned char *sig;
110 size_t siglen;
111
112 OSSL_FIPS_IND_DECLARE
113 } PROV_DSA_CTX;
114
dsa_get_md_size(const PROV_DSA_CTX * pdsactx)115 static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
116 {
117 int md_size;
118
119 if (pdsactx->md != NULL) {
120 md_size = EVP_MD_get_size(pdsactx->md);
121 if (md_size <= 0)
122 return 0;
123 return (size_t)md_size;
124 }
125 return 0;
126 }
127
dsa_newctx(void * provctx,const char * propq)128 static void *dsa_newctx(void *provctx, const char *propq)
129 {
130 PROV_DSA_CTX *pdsactx;
131
132 if (!ossl_prov_is_running())
133 return NULL;
134
135 pdsactx = OPENSSL_zalloc(sizeof(PROV_DSA_CTX));
136 if (pdsactx == NULL)
137 return NULL;
138
139 pdsactx->libctx = PROV_LIBCTX_OF(provctx);
140 pdsactx->flag_allow_md = 1;
141 OSSL_FIPS_IND_INIT(pdsactx)
142 if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) {
143 OPENSSL_free(pdsactx);
144 pdsactx = NULL;
145 }
146 return pdsactx;
147 }
148
dsa_setup_md(PROV_DSA_CTX * ctx,const char * mdname,const char * mdprops,const char * desc)149 static int dsa_setup_md(PROV_DSA_CTX *ctx,
150 const char *mdname, const char *mdprops,
151 const char *desc)
152 {
153 EVP_MD *md = NULL;
154
155 if (mdprops == NULL)
156 mdprops = ctx->propq;
157
158 if (mdname != NULL) {
159 WPACKET pkt;
160 int md_nid;
161 size_t mdname_len = strlen(mdname);
162 unsigned char *aid = NULL;
163
164 md = EVP_MD_fetch(ctx->libctx, mdname, mdprops);
165 md_nid = ossl_digest_get_approved_nid(md);
166
167 if (md == NULL) {
168 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
169 "%s could not be fetched", mdname);
170 goto err;
171 }
172 if (md_nid == NID_undef) {
173 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
174 "digest=%s", mdname);
175 goto err;
176 }
177 if (mdname_len >= sizeof(ctx->mdname)) {
178 ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_DIGEST,
179 "%s exceeds name buffer length", mdname);
180 goto err;
181 }
182 /* XOF digests don't work */
183 if (EVP_MD_xof(md)) {
184 ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
185 goto err;
186 }
187 #ifdef FIPS_MODULE
188 {
189 int sha1_allowed
190 = ((ctx->operation
191 & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_SIGNMSG)) == 0);
192
193 if (!ossl_fips_ind_digest_sign_check(OSSL_FIPS_IND_GET(ctx),
194 OSSL_FIPS_IND_SETTABLE1,
195 ctx->libctx,
196 md_nid, sha1_allowed, desc,
197 ossl_fips_config_signature_digest_check))
198 goto err;
199 }
200 #endif
201
202 if (!ctx->flag_allow_md) {
203 if (ctx->mdname[0] != '\0'
204 && !EVP_MD_is_a(md, ctx->mdname)) {
205 ERR_raise_data(ERR_LIB_PROV, PROV_R_DIGEST_NOT_ALLOWED,
206 "digest %s != %s", mdname, ctx->mdname);
207 goto err;
208 }
209 EVP_MD_free(md);
210 return 1;
211 }
212
213 EVP_MD_CTX_free(ctx->mdctx);
214 EVP_MD_free(ctx->md);
215
216 /*
217 * We do not care about DER writing errors.
218 * All it really means is that for some reason, there's no
219 * AlgorithmIdentifier to be had, but the operation itself is
220 * still valid, just as long as it's not used to construct
221 * anything that needs an AlgorithmIdentifier.
222 */
223 ctx->aid_len = 0;
224 if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf))
225 && ossl_DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa,
226 md_nid)
227 && WPACKET_finish(&pkt)) {
228 WPACKET_get_total_written(&pkt, &ctx->aid_len);
229 aid = WPACKET_get_curr(&pkt);
230 }
231 WPACKET_cleanup(&pkt);
232 if (aid != NULL && ctx->aid_len != 0)
233 memmove(ctx->aid_buf, aid, ctx->aid_len);
234
235 ctx->mdctx = NULL;
236 ctx->md = md;
237 OPENSSL_strlcpy(ctx->mdname, mdname, sizeof(ctx->mdname));
238 }
239
240 return 1;
241 err:
242 EVP_MD_free(md);
243 return 0;
244 }
245
246 #ifdef FIPS_MODULE
247
dsa_sign_check_approved(PROV_DSA_CTX * ctx,int signing,const char * desc)248 static int dsa_sign_check_approved(PROV_DSA_CTX *ctx, int signing,
249 const char *desc)
250 {
251 /* DSA Signing is not approved in FIPS 140-3 */
252 if (signing
253 && !OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE2,
254 ctx->libctx, desc, "DSA",
255 ossl_fips_config_dsa_sign_disallowed))
256 return 0;
257 return 1;
258 }
259
dsa_check_key(PROV_DSA_CTX * ctx,int sign,const char * desc)260 static int dsa_check_key(PROV_DSA_CTX *ctx, int sign, const char *desc)
261 {
262 int approved = ossl_dsa_check_key(ctx->dsa, sign);
263
264 if (!approved) {
265 if (!OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE0,
266 ctx->libctx, desc, "DSA Key",
267 ossl_fips_config_signature_digest_check)) {
268 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
269 return 0;
270 }
271 }
272 return 1;
273 }
274 #endif
275
276 static int
dsa_signverify_init(void * vpdsactx,void * vdsa,OSSL_FUNC_signature_set_ctx_params_fn * set_ctx_params,const OSSL_PARAM params[],int operation,const char * desc)277 dsa_signverify_init(void *vpdsactx, void *vdsa,
278 OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params,
279 const OSSL_PARAM params[], int operation,
280 const char *desc)
281 {
282 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
283
284 if (!ossl_prov_is_running()
285 || pdsactx == NULL)
286 return 0;
287
288 if (vdsa == NULL && pdsactx->dsa == NULL) {
289 ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
290 return 0;
291 }
292
293 if (vdsa != NULL) {
294 if (!DSA_up_ref(vdsa))
295 return 0;
296 DSA_free(pdsactx->dsa);
297 pdsactx->dsa = vdsa;
298 }
299
300 pdsactx->operation = operation;
301
302 OSSL_FIPS_IND_SET_APPROVED(pdsactx)
303 if (!set_ctx_params(pdsactx, params))
304 return 0;
305 #ifdef FIPS_MODULE
306 {
307 int operation_is_sign
308 = (operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_SIGNMSG)) != 0;
309
310 if (!dsa_sign_check_approved(pdsactx, operation_is_sign, desc))
311 return 0;
312 if (!dsa_check_key(pdsactx, operation_is_sign, desc))
313 return 0;
314 }
315 #endif
316 return 1;
317 }
318
dsa_sign_init(void * vpdsactx,void * vdsa,const OSSL_PARAM params[])319 static int dsa_sign_init(void *vpdsactx, void *vdsa, const OSSL_PARAM params[])
320 {
321 return dsa_signverify_init(vpdsactx, vdsa, dsa_set_ctx_params, params,
322 EVP_PKEY_OP_SIGN, "DSA Sign Init");
323 }
324
325 /*
326 * Sign tbs without digesting it first. This is suitable for "primitive"
327 * signing and signing the digest of a message, i.e. should be used with
328 * implementations of the keytype related algorithms.
329 */
dsa_sign_directly(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)330 static int dsa_sign_directly(void *vpdsactx,
331 unsigned char *sig, size_t *siglen, size_t sigsize,
332 const unsigned char *tbs, size_t tbslen)
333 {
334 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
335 int ret;
336 unsigned int sltmp;
337 size_t dsasize = DSA_size(pdsactx->dsa);
338 size_t mdsize = dsa_get_md_size(pdsactx);
339
340 if (!ossl_prov_is_running())
341 return 0;
342
343 #ifdef FIPS_MODULE
344 if (!dsa_sign_check_approved(pdsactx, 1, "Sign"))
345 return 0;
346 #endif
347
348 if (sig == NULL) {
349 *siglen = dsasize;
350 return 1;
351 }
352
353 if (sigsize < dsasize)
354 return 0;
355
356 if (mdsize != 0 && tbslen != mdsize)
357 return 0;
358
359 ret = ossl_dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa,
360 pdsactx->nonce_type, pdsactx->mdname,
361 pdsactx->libctx, pdsactx->propq);
362 if (ret <= 0)
363 return 0;
364
365 *siglen = sltmp;
366 return 1;
367 }
368
dsa_signverify_message_update(void * vpdsactx,const unsigned char * data,size_t datalen)369 static int dsa_signverify_message_update(void *vpdsactx,
370 const unsigned char *data,
371 size_t datalen)
372 {
373 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
374
375 if (pdsactx == NULL)
376 return 0;
377
378 return EVP_DigestUpdate(pdsactx->mdctx, data, datalen);
379 }
380
dsa_sign_message_final(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize)381 static int dsa_sign_message_final(void *vpdsactx, unsigned char *sig,
382 size_t *siglen, size_t sigsize)
383 {
384 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
385 unsigned char digest[EVP_MAX_MD_SIZE];
386 unsigned int dlen = 0;
387
388 if (!ossl_prov_is_running() || pdsactx == NULL || pdsactx->mdctx == NULL)
389 return 0;
390 /*
391 * If sig is NULL then we're just finding out the sig size. Other fields
392 * are ignored. Defer to dsa_sign.
393 */
394 if (sig != NULL) {
395 /*
396 * When this function is used through dsa_digest_sign_final(),
397 * there is the possibility that some externally provided digests
398 * exceed EVP_MAX_MD_SIZE. We should probably handle that
399 * somehow but that problem is much larger than just in DSA.
400 */
401 if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen))
402 return 0;
403 }
404
405 return dsa_sign_directly(vpdsactx, sig, siglen, sigsize, digest, dlen);
406 }
407
408 /*
409 * If signing a message, digest tbs and sign the result.
410 * Otherwise, sign tbs directly.
411 */
dsa_sign(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize,const unsigned char * tbs,size_t tbslen)412 static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
413 size_t sigsize, const unsigned char *tbs, size_t tbslen)
414 {
415 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
416
417 if (pdsactx->operation == EVP_PKEY_OP_SIGNMSG) {
418 /*
419 * If |sig| is NULL, the caller is only looking for the sig length.
420 * DO NOT update the input in this case.
421 */
422 if (sig == NULL)
423 return dsa_sign_message_final(pdsactx, sig, siglen, sigsize);
424
425 if (dsa_signverify_message_update(pdsactx, tbs, tbslen) <= 0)
426 return 0;
427 return dsa_sign_message_final(pdsactx, sig, siglen, sigsize);
428 }
429 return dsa_sign_directly(pdsactx, sig, siglen, sigsize, tbs, tbslen);
430 }
431
dsa_verify_init(void * vpdsactx,void * vdsa,const OSSL_PARAM params[])432 static int dsa_verify_init(void *vpdsactx, void *vdsa,
433 const OSSL_PARAM params[])
434 {
435 return dsa_signverify_init(vpdsactx, vdsa, dsa_set_ctx_params, params,
436 EVP_PKEY_OP_VERIFY, "DSA Verify Init");
437 }
438
dsa_verify_directly(void * vpdsactx,const unsigned char * sig,size_t siglen,const unsigned char * tbs,size_t tbslen)439 static int dsa_verify_directly(void *vpdsactx,
440 const unsigned char *sig, size_t siglen,
441 const unsigned char *tbs, size_t tbslen)
442 {
443 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
444 size_t mdsize = dsa_get_md_size(pdsactx);
445
446 if (!ossl_prov_is_running() || (mdsize != 0 && tbslen != mdsize))
447 return 0;
448
449 return DSA_verify(0, tbs, tbslen, sig, siglen, pdsactx->dsa);
450 }
451
dsa_verify_set_sig(void * vpdsactx,const unsigned char * sig,size_t siglen)452 static int dsa_verify_set_sig(void *vpdsactx,
453 const unsigned char *sig, size_t siglen)
454 {
455 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
456 OSSL_PARAM params[2];
457
458 params[0] =
459 OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE,
460 (unsigned char *)sig, siglen);
461 params[1] = OSSL_PARAM_construct_end();
462 return dsa_sigalg_set_ctx_params(pdsactx, params);
463 }
464
dsa_verify_message_final(void * vpdsactx)465 static int dsa_verify_message_final(void *vpdsactx)
466 {
467 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
468 unsigned char digest[EVP_MAX_MD_SIZE];
469 unsigned int dlen = 0;
470
471 if (!ossl_prov_is_running())
472 return 0;
473
474 if (pdsactx == NULL || pdsactx->mdctx == NULL)
475 return 0;
476
477 /*
478 * The digests used here are all known (see dsa_get_md_nid()), so they
479 * should not exceed the internal buffer size of EVP_MAX_MD_SIZE.
480 */
481 if (!EVP_DigestFinal_ex(pdsactx->mdctx, digest, &dlen))
482 return 0;
483
484 return dsa_verify_directly(vpdsactx, pdsactx->sig, pdsactx->siglen,
485 digest, dlen);
486 }
487
488 /*
489 * If verifying a message, digest tbs and verify the result.
490 * Otherwise, verify tbs directly.
491 */
dsa_verify(void * vpdsactx,const unsigned char * sig,size_t siglen,const unsigned char * tbs,size_t tbslen)492 static int dsa_verify(void *vpdsactx,
493 const unsigned char *sig, size_t siglen,
494 const unsigned char *tbs, size_t tbslen)
495 {
496 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
497
498 if (pdsactx->operation == EVP_PKEY_OP_VERIFYMSG) {
499 if (dsa_verify_set_sig(pdsactx, sig, siglen) <= 0)
500 return 0;
501 if (dsa_signverify_message_update(pdsactx, tbs, tbslen) <= 0)
502 return 0;
503 return dsa_verify_message_final(pdsactx);
504 }
505 return dsa_verify_directly(pdsactx, sig, siglen, tbs, tbslen);
506 }
507
508 /* DigestSign/DigestVerify wrappers */
509
dsa_digest_signverify_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[],int operation,const char * desc)510 static int dsa_digest_signverify_init(void *vpdsactx, const char *mdname,
511 void *vdsa, const OSSL_PARAM params[],
512 int operation, const char *desc)
513 {
514 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
515
516 if (!ossl_prov_is_running())
517 return 0;
518
519 if (!dsa_signverify_init(vpdsactx, vdsa, dsa_set_ctx_params, params,
520 operation, desc))
521 return 0;
522
523 if (mdname != NULL
524 /* was dsa_setup_md already called in dsa_signverify_init()? */
525 && (mdname[0] == '\0' || OPENSSL_strcasecmp(pdsactx->mdname, mdname) != 0)
526 && !dsa_setup_md(pdsactx, mdname, NULL, desc))
527 return 0;
528
529 pdsactx->flag_allow_md = 0;
530
531 if (pdsactx->mdctx == NULL) {
532 pdsactx->mdctx = EVP_MD_CTX_new();
533 if (pdsactx->mdctx == NULL)
534 goto error;
535 }
536
537 if (!EVP_DigestInit_ex2(pdsactx->mdctx, pdsactx->md, params))
538 goto error;
539
540 return 1;
541
542 error:
543 EVP_MD_CTX_free(pdsactx->mdctx);
544 pdsactx->mdctx = NULL;
545 return 0;
546 }
547
dsa_digest_sign_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[])548 static int dsa_digest_sign_init(void *vpdsactx, const char *mdname,
549 void *vdsa, const OSSL_PARAM params[])
550 {
551 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
552 EVP_PKEY_OP_SIGNMSG,
553 "DSA Digest Sign Init");
554 }
555
dsa_digest_signverify_update(void * vpdsactx,const unsigned char * data,size_t datalen)556 static int dsa_digest_signverify_update(void *vpdsactx, const unsigned char *data,
557 size_t datalen)
558 {
559 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
560
561 if (pdsactx == NULL)
562 return 0;
563 /* Sigalg implementations shouldn't do digest_sign */
564 if (pdsactx->flag_sigalg)
565 return 0;
566
567 return dsa_signverify_message_update(vpdsactx, data, datalen);
568 }
569
dsa_digest_sign_final(void * vpdsactx,unsigned char * sig,size_t * siglen,size_t sigsize)570 static int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig,
571 size_t *siglen, size_t sigsize)
572 {
573 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
574 int ok = 0;
575
576 if (pdsactx == NULL)
577 return 0;
578 /* Sigalg implementations shouldn't do digest_sign */
579 if (pdsactx->flag_sigalg)
580 return 0;
581
582 ok = dsa_sign_message_final(pdsactx, sig, siglen, sigsize);
583
584 pdsactx->flag_allow_md = 1;
585
586 return ok;
587 }
588
dsa_digest_verify_init(void * vpdsactx,const char * mdname,void * vdsa,const OSSL_PARAM params[])589 static int dsa_digest_verify_init(void *vpdsactx, const char *mdname,
590 void *vdsa, const OSSL_PARAM params[])
591 {
592 return dsa_digest_signverify_init(vpdsactx, mdname, vdsa, params,
593 EVP_PKEY_OP_VERIFYMSG,
594 "DSA Digest Verify Init");
595 }
596
dsa_digest_verify_final(void * vpdsactx,const unsigned char * sig,size_t siglen)597 int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig,
598 size_t siglen)
599 {
600 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
601 int ok = 0;
602
603 if (pdsactx == NULL)
604 return 0;
605 /* Sigalg implementations shouldn't do digest_verify */
606 if (pdsactx->flag_sigalg)
607 return 0;
608
609 if (dsa_verify_set_sig(pdsactx, sig, siglen))
610 ok = dsa_verify_message_final(vpdsactx);
611
612 pdsactx->flag_allow_md = 1;
613
614 return ok;
615 }
616
dsa_freectx(void * vpdsactx)617 static void dsa_freectx(void *vpdsactx)
618 {
619 PROV_DSA_CTX *ctx = (PROV_DSA_CTX *)vpdsactx;
620
621 EVP_MD_CTX_free(ctx->mdctx);
622 EVP_MD_free(ctx->md);
623 OPENSSL_free(ctx->sig);
624 OPENSSL_free(ctx->propq);
625 DSA_free(ctx->dsa);
626 OPENSSL_free(ctx);
627 }
628
dsa_dupctx(void * vpdsactx)629 static void *dsa_dupctx(void *vpdsactx)
630 {
631 PROV_DSA_CTX *srcctx = (PROV_DSA_CTX *)vpdsactx;
632 PROV_DSA_CTX *dstctx;
633
634 if (!ossl_prov_is_running())
635 return NULL;
636
637 dstctx = OPENSSL_zalloc(sizeof(*srcctx));
638 if (dstctx == NULL)
639 return NULL;
640
641 *dstctx = *srcctx;
642 dstctx->dsa = NULL;
643 dstctx->propq = NULL;
644
645 if (srcctx->dsa != NULL && !DSA_up_ref(srcctx->dsa))
646 goto err;
647 dstctx->dsa = srcctx->dsa;
648
649 if (srcctx->md != NULL && !EVP_MD_up_ref(srcctx->md))
650 goto err;
651 dstctx->md = srcctx->md;
652
653 if (srcctx->mdctx != NULL) {
654 dstctx->mdctx = EVP_MD_CTX_new();
655 if (dstctx->mdctx == NULL
656 || !EVP_MD_CTX_copy_ex(dstctx->mdctx, srcctx->mdctx))
657 goto err;
658 }
659
660 if (srcctx->propq != NULL) {
661 dstctx->propq = OPENSSL_strdup(srcctx->propq);
662 if (dstctx->propq == NULL)
663 goto err;
664 }
665
666 return dstctx;
667 err:
668 dsa_freectx(dstctx);
669 return NULL;
670 }
671
dsa_get_ctx_params(void * vpdsactx,OSSL_PARAM * params)672 static int dsa_get_ctx_params(void *vpdsactx, OSSL_PARAM *params)
673 {
674 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
675 OSSL_PARAM *p;
676
677 if (pdsactx == NULL)
678 return 0;
679
680 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_ALGORITHM_ID);
681 if (p != NULL
682 && !OSSL_PARAM_set_octet_string(p,
683 pdsactx->aid_len == 0 ? NULL : pdsactx->aid_buf,
684 pdsactx->aid_len))
685 return 0;
686
687 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_DIGEST);
688 if (p != NULL && !OSSL_PARAM_set_utf8_string(p, pdsactx->mdname))
689 return 0;
690
691 p = OSSL_PARAM_locate(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE);
692 if (p != NULL && !OSSL_PARAM_set_uint(p, pdsactx->nonce_type))
693 return 0;
694 if (!OSSL_FIPS_IND_GET_CTX_PARAM(pdsactx, params))
695 return 0;
696
697 return 1;
698 }
699
700 static const OSSL_PARAM known_gettable_ctx_params[] = {
701 OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_ALGORITHM_ID, NULL, 0),
702 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
703 OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL),
704 OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
705 OSSL_PARAM_END
706 };
707
dsa_gettable_ctx_params(ossl_unused void * ctx,ossl_unused void * provctx)708 static const OSSL_PARAM *dsa_gettable_ctx_params(ossl_unused void *ctx,
709 ossl_unused void *provctx)
710 {
711 return known_gettable_ctx_params;
712 }
713
714 /**
715 * @brief Setup common params for dsa_set_ctx_params and dsa_sigalg_set_ctx_params
716 * The caller is responsible for checking |vpdsactx| is not NULL and |params|
717 * is not empty.
718 */
dsa_common_set_ctx_params(void * vpdsactx,const OSSL_PARAM params[])719 static int dsa_common_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
720 {
721 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
722 const OSSL_PARAM *p;
723
724 if (!OSSL_FIPS_IND_SET_CTX_PARAM(pdsactx, OSSL_FIPS_IND_SETTABLE0, params,
725 OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK))
726 return 0;
727 if (!OSSL_FIPS_IND_SET_CTX_PARAM(pdsactx, OSSL_FIPS_IND_SETTABLE1, params,
728 OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK))
729 return 0;
730 if (!OSSL_FIPS_IND_SET_CTX_PARAM(pdsactx, OSSL_FIPS_IND_SETTABLE2, params,
731 OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK))
732 return 0;
733
734 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_NONCE_TYPE);
735 if (p != NULL
736 && !OSSL_PARAM_get_uint(p, &pdsactx->nonce_type))
737 return 0;
738 return 1;
739 }
740
741 #define DSA_COMMON_SETTABLE_CTX_PARAMS \
742 OSSL_PARAM_uint(OSSL_SIGNATURE_PARAM_NONCE_TYPE, NULL), \
743 OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK) \
744 OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK) \
745 OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK) \
746 OSSL_PARAM_END
747
dsa_set_ctx_params(void * vpdsactx,const OSSL_PARAM params[])748 static int dsa_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
749 {
750 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
751 const OSSL_PARAM *p;
752 int ret;
753
754 if (pdsactx == NULL)
755 return 0;
756 if (ossl_param_is_empty(params))
757 return 1;
758
759 if ((ret = dsa_common_set_ctx_params(pdsactx, params)) <= 0)
760 return ret;
761
762 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_DIGEST);
763 if (p != NULL) {
764 char mdname[OSSL_MAX_NAME_SIZE] = "", *pmdname = mdname;
765 char mdprops[OSSL_MAX_PROPQUERY_SIZE] = "", *pmdprops = mdprops;
766 const OSSL_PARAM *propsp =
767 OSSL_PARAM_locate_const(params,
768 OSSL_SIGNATURE_PARAM_PROPERTIES);
769
770 if (!OSSL_PARAM_get_utf8_string(p, &pmdname, sizeof(mdname)))
771 return 0;
772 if (propsp != NULL
773 && !OSSL_PARAM_get_utf8_string(propsp, &pmdprops, sizeof(mdprops)))
774 return 0;
775 if (!dsa_setup_md(pdsactx, mdname, mdprops, "DSA Set Ctx"))
776 return 0;
777 }
778 return 1;
779 }
780
781 static const OSSL_PARAM settable_ctx_params[] = {
782 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, NULL, 0),
783 OSSL_PARAM_utf8_string(OSSL_SIGNATURE_PARAM_PROPERTIES, NULL, 0),
784 DSA_COMMON_SETTABLE_CTX_PARAMS
785 };
786
787 static const OSSL_PARAM settable_ctx_params_no_digest[] = {
788 OSSL_PARAM_END
789 };
790
dsa_settable_ctx_params(void * vpdsactx,ossl_unused void * provctx)791 static const OSSL_PARAM *dsa_settable_ctx_params(void *vpdsactx,
792 ossl_unused void *provctx)
793 {
794 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
795
796 if (pdsactx != NULL && !pdsactx->flag_allow_md)
797 return settable_ctx_params_no_digest;
798 return settable_ctx_params;
799 }
800
dsa_get_ctx_md_params(void * vpdsactx,OSSL_PARAM * params)801 static int dsa_get_ctx_md_params(void *vpdsactx, OSSL_PARAM *params)
802 {
803 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
804
805 if (pdsactx->mdctx == NULL)
806 return 0;
807
808 return EVP_MD_CTX_get_params(pdsactx->mdctx, params);
809 }
810
dsa_gettable_ctx_md_params(void * vpdsactx)811 static const OSSL_PARAM *dsa_gettable_ctx_md_params(void *vpdsactx)
812 {
813 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
814
815 if (pdsactx->md == NULL)
816 return 0;
817
818 return EVP_MD_gettable_ctx_params(pdsactx->md);
819 }
820
dsa_set_ctx_md_params(void * vpdsactx,const OSSL_PARAM params[])821 static int dsa_set_ctx_md_params(void *vpdsactx, const OSSL_PARAM params[])
822 {
823 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
824
825 if (pdsactx->mdctx == NULL)
826 return 0;
827
828 return EVP_MD_CTX_set_params(pdsactx->mdctx, params);
829 }
830
dsa_settable_ctx_md_params(void * vpdsactx)831 static const OSSL_PARAM *dsa_settable_ctx_md_params(void *vpdsactx)
832 {
833 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
834
835 if (pdsactx->md == NULL)
836 return 0;
837
838 return EVP_MD_settable_ctx_params(pdsactx->md);
839 }
840
841 const OSSL_DISPATCH ossl_dsa_signature_functions[] = {
842 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx },
843 { OSSL_FUNC_SIGNATURE_SIGN_INIT, (void (*)(void))dsa_sign_init },
844 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign },
845 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, (void (*)(void))dsa_verify_init },
846 { OSSL_FUNC_SIGNATURE_VERIFY, (void (*)(void))dsa_verify },
847 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_INIT,
848 (void (*)(void))dsa_digest_sign_init },
849 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_UPDATE,
850 (void (*)(void))dsa_digest_signverify_update },
851 { OSSL_FUNC_SIGNATURE_DIGEST_SIGN_FINAL,
852 (void (*)(void))dsa_digest_sign_final },
853 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_INIT,
854 (void (*)(void))dsa_digest_verify_init },
855 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_UPDATE,
856 (void (*)(void))dsa_digest_signverify_update },
857 { OSSL_FUNC_SIGNATURE_DIGEST_VERIFY_FINAL,
858 (void (*)(void))dsa_digest_verify_final },
859 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx },
860 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx },
861 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, (void (*)(void))dsa_get_ctx_params },
862 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS,
863 (void (*)(void))dsa_gettable_ctx_params },
864 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, (void (*)(void))dsa_set_ctx_params },
865 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS,
866 (void (*)(void))dsa_settable_ctx_params },
867 { OSSL_FUNC_SIGNATURE_GET_CTX_MD_PARAMS,
868 (void (*)(void))dsa_get_ctx_md_params },
869 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_MD_PARAMS,
870 (void (*)(void))dsa_gettable_ctx_md_params },
871 { OSSL_FUNC_SIGNATURE_SET_CTX_MD_PARAMS,
872 (void (*)(void))dsa_set_ctx_md_params },
873 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_MD_PARAMS,
874 (void (*)(void))dsa_settable_ctx_md_params },
875 OSSL_DISPATCH_END
876 };
877
878 /* ------------------------------------------------------------------ */
879
880 /*
881 * So called sigalgs (composite DSA+hash) implemented below. They
882 * are pretty much hard coded.
883 */
884
885 static OSSL_FUNC_signature_query_key_types_fn dsa_sigalg_query_key_types;
886 static OSSL_FUNC_signature_settable_ctx_params_fn dsa_sigalg_settable_ctx_params;
887 static OSSL_FUNC_signature_set_ctx_params_fn dsa_sigalg_set_ctx_params;
888
889 /*
890 * dsa_sigalg_signverify_init() is almost like dsa_digest_signverify_init(),
891 * just doesn't allow fetching an MD from whatever the user chooses.
892 */
dsa_sigalg_signverify_init(void * vpdsactx,void * vdsa,OSSL_FUNC_signature_set_ctx_params_fn * set_ctx_params,const OSSL_PARAM params[],const char * mdname,int operation,const char * desc)893 static int dsa_sigalg_signverify_init(void *vpdsactx, void *vdsa,
894 OSSL_FUNC_signature_set_ctx_params_fn *set_ctx_params,
895 const OSSL_PARAM params[],
896 const char *mdname,
897 int operation, const char *desc)
898 {
899 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
900
901 if (!ossl_prov_is_running())
902 return 0;
903
904 if (!dsa_signverify_init(vpdsactx, vdsa, set_ctx_params, params, operation,
905 desc))
906 return 0;
907
908 if (!dsa_setup_md(pdsactx, mdname, NULL, desc))
909 return 0;
910
911 pdsactx->flag_sigalg = 1;
912 pdsactx->flag_allow_md = 0;
913
914 if (pdsactx->mdctx == NULL) {
915 pdsactx->mdctx = EVP_MD_CTX_new();
916 if (pdsactx->mdctx == NULL)
917 goto error;
918 }
919
920 if (!EVP_DigestInit_ex2(pdsactx->mdctx, pdsactx->md, params))
921 goto error;
922
923 return 1;
924
925 error:
926 EVP_MD_CTX_free(pdsactx->mdctx);
927 pdsactx->mdctx = NULL;
928 return 0;
929 }
930
dsa_sigalg_query_key_types(void)931 static const char **dsa_sigalg_query_key_types(void)
932 {
933 static const char *keytypes[] = { "DSA", NULL };
934
935 return keytypes;
936 }
937
938 static const OSSL_PARAM settable_sigalg_ctx_params[] = {
939 OSSL_PARAM_octet_string(OSSL_SIGNATURE_PARAM_SIGNATURE, NULL, 0),
940 DSA_COMMON_SETTABLE_CTX_PARAMS
941 };
942
dsa_sigalg_settable_ctx_params(void * vpdsactx,ossl_unused void * provctx)943 static const OSSL_PARAM *dsa_sigalg_settable_ctx_params(void *vpdsactx,
944 ossl_unused void *provctx)
945 {
946 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
947
948 if (pdsactx != NULL && pdsactx->operation == EVP_PKEY_OP_VERIFYMSG)
949 return settable_sigalg_ctx_params;
950 return NULL;
951 }
952
dsa_sigalg_set_ctx_params(void * vpdsactx,const OSSL_PARAM params[])953 static int dsa_sigalg_set_ctx_params(void *vpdsactx, const OSSL_PARAM params[])
954 {
955 PROV_DSA_CTX *pdsactx = (PROV_DSA_CTX *)vpdsactx;
956 const OSSL_PARAM *p;
957 int ret;
958
959 if (pdsactx == NULL)
960 return 0;
961 if (ossl_param_is_empty(params))
962 return 1;
963
964 if ((ret = dsa_common_set_ctx_params(pdsactx, params)) <= 0)
965 return ret;
966
967 if (pdsactx->operation == EVP_PKEY_OP_VERIFYMSG) {
968 p = OSSL_PARAM_locate_const(params, OSSL_SIGNATURE_PARAM_SIGNATURE);
969 if (p != NULL) {
970 OPENSSL_free(pdsactx->sig);
971 pdsactx->sig = NULL;
972 pdsactx->siglen = 0;
973 if (!OSSL_PARAM_get_octet_string(p, (void **)&pdsactx->sig,
974 0, &pdsactx->siglen))
975 return 0;
976 }
977 }
978 return 1;
979 }
980
981 #define IMPL_DSA_SIGALG(md, MD) \
982 static OSSL_FUNC_signature_sign_init_fn dsa_##md##_sign_init; \
983 static OSSL_FUNC_signature_sign_message_init_fn \
984 dsa_##md##_sign_message_init; \
985 static OSSL_FUNC_signature_verify_init_fn dsa_##md##_verify_init; \
986 static OSSL_FUNC_signature_verify_message_init_fn \
987 dsa_##md##_verify_message_init; \
988 \
989 static int \
990 dsa_##md##_sign_init(void *vpdsactx, void *vdsa, \
991 const OSSL_PARAM params[]) \
992 { \
993 static const char desc[] = "DSA-" #MD " Sign Init"; \
994 \
995 return dsa_sigalg_signverify_init(vpdsactx, vdsa, \
996 dsa_sigalg_set_ctx_params, \
997 params, #MD, \
998 EVP_PKEY_OP_SIGN, \
999 desc); \
1000 } \
1001 \
1002 static int \
1003 dsa_##md##_sign_message_init(void *vpdsactx, void *vdsa, \
1004 const OSSL_PARAM params[]) \
1005 { \
1006 static const char desc[] = "DSA-" #MD " Sign Message Init"; \
1007 \
1008 return dsa_sigalg_signverify_init(vpdsactx, vdsa, \
1009 dsa_sigalg_set_ctx_params, \
1010 params, #MD, \
1011 EVP_PKEY_OP_SIGNMSG, \
1012 desc); \
1013 } \
1014 \
1015 static int \
1016 dsa_##md##_verify_init(void *vpdsactx, void *vdsa, \
1017 const OSSL_PARAM params[]) \
1018 { \
1019 static const char desc[] = "DSA-" #MD " Verify Init"; \
1020 \
1021 return dsa_sigalg_signverify_init(vpdsactx, vdsa, \
1022 dsa_sigalg_set_ctx_params, \
1023 params, #MD, \
1024 EVP_PKEY_OP_VERIFY, \
1025 desc); \
1026 } \
1027 \
1028 static int \
1029 dsa_##md##_verify_message_init(void *vpdsactx, void *vdsa, \
1030 const OSSL_PARAM params[]) \
1031 { \
1032 static const char desc[] = "DSA-" #MD " Verify Message Init"; \
1033 \
1034 return dsa_sigalg_signverify_init(vpdsactx, vdsa, \
1035 dsa_sigalg_set_ctx_params, \
1036 params, #MD, \
1037 EVP_PKEY_OP_VERIFYMSG, \
1038 desc); \
1039 } \
1040 \
1041 const OSSL_DISPATCH ossl_dsa_##md##_signature_functions[] = { \
1042 { OSSL_FUNC_SIGNATURE_NEWCTX, (void (*)(void))dsa_newctx }, \
1043 { OSSL_FUNC_SIGNATURE_SIGN_INIT, \
1044 (void (*)(void))dsa_##md##_sign_init }, \
1045 { OSSL_FUNC_SIGNATURE_SIGN, (void (*)(void))dsa_sign }, \
1046 { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_INIT, \
1047 (void (*)(void))dsa_##md##_sign_message_init }, \
1048 { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_UPDATE, \
1049 (void (*)(void))dsa_signverify_message_update }, \
1050 { OSSL_FUNC_SIGNATURE_SIGN_MESSAGE_FINAL, \
1051 (void (*)(void))dsa_sign_message_final }, \
1052 { OSSL_FUNC_SIGNATURE_VERIFY_INIT, \
1053 (void (*)(void))dsa_##md##_verify_init }, \
1054 { OSSL_FUNC_SIGNATURE_VERIFY, \
1055 (void (*)(void))dsa_verify }, \
1056 { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_INIT, \
1057 (void (*)(void))dsa_##md##_verify_message_init }, \
1058 { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_UPDATE, \
1059 (void (*)(void))dsa_signverify_message_update }, \
1060 { OSSL_FUNC_SIGNATURE_VERIFY_MESSAGE_FINAL, \
1061 (void (*)(void))dsa_verify_message_final }, \
1062 { OSSL_FUNC_SIGNATURE_FREECTX, (void (*)(void))dsa_freectx }, \
1063 { OSSL_FUNC_SIGNATURE_DUPCTX, (void (*)(void))dsa_dupctx }, \
1064 { OSSL_FUNC_SIGNATURE_QUERY_KEY_TYPES, \
1065 (void (*)(void))dsa_sigalg_query_key_types }, \
1066 { OSSL_FUNC_SIGNATURE_GET_CTX_PARAMS, \
1067 (void (*)(void))dsa_get_ctx_params }, \
1068 { OSSL_FUNC_SIGNATURE_GETTABLE_CTX_PARAMS, \
1069 (void (*)(void))dsa_gettable_ctx_params }, \
1070 { OSSL_FUNC_SIGNATURE_SET_CTX_PARAMS, \
1071 (void (*)(void))dsa_sigalg_set_ctx_params }, \
1072 { OSSL_FUNC_SIGNATURE_SETTABLE_CTX_PARAMS, \
1073 (void (*)(void))dsa_sigalg_settable_ctx_params }, \
1074 OSSL_DISPATCH_END \
1075 }
1076
1077 IMPL_DSA_SIGALG(sha1, SHA1);
1078 IMPL_DSA_SIGALG(sha224, SHA2-224);
1079 IMPL_DSA_SIGALG(sha256, SHA2-256);
1080 IMPL_DSA_SIGALG(sha384, SHA2-384);
1081 IMPL_DSA_SIGALG(sha512, SHA2-512);
1082 IMPL_DSA_SIGALG(sha3_224, SHA3-224);
1083 IMPL_DSA_SIGALG(sha3_256, SHA3-256);
1084 IMPL_DSA_SIGALG(sha3_384, SHA3-384);
1085 IMPL_DSA_SIGALG(sha3_512, SHA3-512);
1086