diff options
author | Matt Caswell <matt@openssl.org> | 2016-03-31 14:22:39 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-04-03 00:23:56 +0100 |
commit | fbaedfdd4748bec057a39141faff6b396e25eac7 (patch) | |
tree | 130be7d21f430357e9060ce0f57296d832f30533 /doc/crypto/DSA_set_method.pod | |
parent | 6e9fa57c6ddde7df49983251373a05cd663aac22 (diff) |
Document functions added as a result of DSA opacity changes
A number of getters/setters have been added for examining DSA objects, as
well as a whole set of functions for creating and buildingup DSA_METHODs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'doc/crypto/DSA_set_method.pod')
-rw-r--r-- | doc/crypto/DSA_set_method.pod | 47 |
1 files changed, 3 insertions, 44 deletions
diff --git a/doc/crypto/DSA_set_method.pod b/doc/crypto/DSA_set_method.pod index 632aadbfd3..1d56ccaab2 100644 --- a/doc/crypto/DSA_set_method.pod +++ b/doc/crypto/DSA_set_method.pod @@ -47,55 +47,14 @@ be released during the change. It is possible to have DSA keys that only work with certain DSA_METHOD implementations (eg. from an ENGINE module that supports embedded hardware-protected keys), and in such cases attempting to change the DSA_METHOD for the key can have unexpected -results. +results. See L<DSA_meth_new> for information on constructing custom DSA_METHOD +objects; DSA_new_method() allocates and initializes a DSA structure so that B<engine> will be used for the DSA operations. If B<engine> is NULL, the default engine for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD controlled by DSA_set_default_method() is used. -=head1 THE DSA_METHOD STRUCTURE - -struct - { - /* name of the implementation */ - const char *name; - - /* sign */ - DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, - DSA *dsa); - - /* pre-compute k^-1 and r */ - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - - /* verify */ - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - - /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some - implementations) */ - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - /* called at DSA_new */ - int (*init)(DSA *DSA); - - /* called at DSA_free */ - int (*finish)(DSA *DSA); - - int flags; - - char *app_data; /* ?? */ - - } DSA_METHOD; - =head1 RETURN VALUES DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective @@ -113,6 +72,6 @@ fails. Otherwise it returns a pointer to the newly allocated structure. =head1 SEE ALSO -L<dsa(3)>, L<DSA_new(3)> +L<dsa(3)>, L<DSA_new(3)>, L<DSA_meth_new(3)> =cut |