| Index: openssl/crypto/dsa/dsa.h
|
| ===================================================================
|
| --- openssl/crypto/dsa/dsa.h (revision 105093)
|
| +++ openssl/crypto/dsa/dsa.h (working copy)
|
| @@ -88,8 +88,6 @@
|
| # define OPENSSL_DSA_MAX_MODULUS_BITS 10000
|
| #endif
|
|
|
| -#define OPENSSL_DSA_FIPS_MIN_MODULUS_BITS 1024
|
| -
|
| #define DSA_FLAG_CACHE_MONT_P 0x01
|
| #define DSA_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DSA
|
| * implementation now uses constant time
|
| @@ -99,25 +97,6 @@
|
| * be used for all exponents.
|
| */
|
|
|
| -/* If this flag is set the DSA method is FIPS compliant and can be used
|
| - * in FIPS mode. This is set in the validated module method. If an
|
| - * application sets this flag in its own methods it is its reposibility
|
| - * to ensure the result is compliant.
|
| - */
|
| -
|
| -#define DSA_FLAG_FIPS_METHOD 0x0400
|
| -
|
| -/* If this flag is set the operations normally disabled in FIPS mode are
|
| - * permitted it is then the applications responsibility to ensure that the
|
| - * usage is compliant.
|
| - */
|
| -
|
| -#define DSA_FLAG_NON_FIPS_ALLOW 0x0400
|
| -
|
| -#ifdef OPENSSL_FIPS
|
| -#define FIPS_DSA_SIZE_T int
|
| -#endif
|
| -
|
| #ifdef __cplusplus
|
| extern "C" {
|
| #endif
|
| @@ -139,7 +118,7 @@
|
| int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
|
| BIGNUM **rp);
|
| int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
|
| - DSA_SIG *sig, DSA *dsa);
|
| + DSA_SIG *sig, DSA *dsa);
|
| int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
|
| BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
|
| BN_MONT_CTX *in_mont);
|
| @@ -152,7 +131,7 @@
|
| char *app_data;
|
| /* If this is non-NULL, it is used to generate DSA parameters */
|
| int (*dsa_paramgen)(DSA *dsa, int bits,
|
| - unsigned char *seed, int seed_len,
|
| + const unsigned char *seed, int seed_len,
|
| int *counter_ret, unsigned long *h_ret,
|
| BN_GENCB *cb);
|
| /* If this is non-NULL, it is used to generate DSA keys */
|
| @@ -186,7 +165,6 @@
|
| ENGINE *engine;
|
| };
|
|
|
| -#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
|
| #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
|
| (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
|
| #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
|
| @@ -195,6 +173,7 @@
|
| #define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
|
|
|
|
|
| +DSA *DSAparams_dup(DSA *x);
|
| DSA_SIG * DSA_SIG_new(void);
|
| void DSA_SIG_free(DSA_SIG *a);
|
| int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
|
| @@ -210,11 +189,6 @@
|
| const DSA_METHOD *DSA_get_default_method(void);
|
| int DSA_set_method(DSA *dsa, const DSA_METHOD *);
|
|
|
| -#ifdef OPENSSL_FIPS
|
| -DSA * FIPS_dsa_new(void);
|
| -void FIPS_dsa_free (DSA *r);
|
| -#endif
|
| -
|
| DSA * DSA_new(void);
|
| DSA * DSA_new_method(ENGINE *engine);
|
| void DSA_free (DSA *r);
|
| @@ -246,7 +220,7 @@
|
|
|
| /* New version */
|
| int DSA_generate_parameters_ex(DSA *dsa, int bits,
|
| - unsigned char *seed,int seed_len,
|
| + const unsigned char *seed,int seed_len,
|
| int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
|
|
|
| int DSA_generate_key(DSA *a);
|
| @@ -275,11 +249,14 @@
|
| DH *DSA_dup_DH(const DSA *r);
|
| #endif
|
|
|
| -#ifdef OPENSSL_FIPS
|
| -int FIPS_dsa_sig_encode(unsigned char *out, DSA_SIG *sig);
|
| -int FIPS_dsa_sig_decode(DSA_SIG *sig, const unsigned char *in, int inlen);
|
| -#endif
|
| +#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
|
| + EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
|
| + EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
|
|
|
| +#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1)
|
| +#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2)
|
| +#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3)
|
| +
|
| /* BEGIN ERROR CODES */
|
| /* The following lines are auto generated by the script mkerr.pl. Any changes
|
| * made after this point may be overwritten when the script is next run.
|
| @@ -290,33 +267,39 @@
|
|
|
| /* Function codes. */
|
| #define DSA_F_D2I_DSA_SIG 110
|
| +#define DSA_F_DO_DSA_PRINT 104
|
| #define DSA_F_DSAPARAMS_PRINT 100
|
| #define DSA_F_DSAPARAMS_PRINT_FP 101
|
| -#define DSA_F_DSA_BUILTIN_KEYGEN 119
|
| -#define DSA_F_DSA_BUILTIN_PARAMGEN 118
|
| #define DSA_F_DSA_DO_SIGN 112
|
| #define DSA_F_DSA_DO_VERIFY 113
|
| -#define DSA_F_DSA_GENERATE_PARAMETERS 117
|
| #define DSA_F_DSA_NEW_METHOD 103
|
| -#define DSA_F_DSA_PRINT 104
|
| +#define DSA_F_DSA_PARAM_DECODE 119
|
| #define DSA_F_DSA_PRINT_FP 105
|
| -#define DSA_F_DSA_SET_DEFAULT_METHOD 115
|
| -#define DSA_F_DSA_SET_METHOD 116
|
| +#define DSA_F_DSA_PRIV_DECODE 115
|
| +#define DSA_F_DSA_PRIV_ENCODE 116
|
| +#define DSA_F_DSA_PUB_DECODE 117
|
| +#define DSA_F_DSA_PUB_ENCODE 118
|
| #define DSA_F_DSA_SIGN 106
|
| #define DSA_F_DSA_SIGN_SETUP 107
|
| #define DSA_F_DSA_SIG_NEW 109
|
| #define DSA_F_DSA_VERIFY 108
|
| #define DSA_F_I2D_DSA_SIG 111
|
| +#define DSA_F_OLD_DSA_PRIV_DECODE 122
|
| +#define DSA_F_PKEY_DSA_CTRL 120
|
| +#define DSA_F_PKEY_DSA_KEYGEN 121
|
| #define DSA_F_SIG_CB 114
|
|
|
| /* Reason codes. */
|
| #define DSA_R_BAD_Q_VALUE 102
|
| +#define DSA_R_BN_DECODE_ERROR 108
|
| +#define DSA_R_BN_ERROR 109
|
| #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
|
| -#define DSA_R_KEY_SIZE_TOO_SMALL 106
|
| +#define DSA_R_DECODE_ERROR 104
|
| +#define DSA_R_INVALID_DIGEST_TYPE 106
|
| #define DSA_R_MISSING_PARAMETERS 101
|
| #define DSA_R_MODULUS_TOO_LARGE 103
|
| -#define DSA_R_NON_FIPS_METHOD 104
|
| -#define DSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 105
|
| +#define DSA_R_NO_PARAMETERS_SET 107
|
| +#define DSA_R_PARAMETER_ENCODING_ERROR 105
|
|
|
| #ifdef __cplusplus
|
| }
|
|
|
Chromium Code Reviews
Issue 9254031:
Upgrade chrome's OpenSSL to same version Android ships with. (Closed)
Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/