DSA_SET_METHOD(3) Library Functions Manual DSA_SET_METHOD(3)

DSA_set_default_method, DSA_get_default_method, DSA_set_method, DSA_new_method, DSA_OpenSSLselect DSA method

#include <openssl/dsa.h>

DSA_set_default_method(const DSA_METHOD *meth);

const DSA_METHOD *

DSA_set_method(DSA *dsa, const DSA_METHOD *meth);

DSA_new_method(ENGINE *engine);


A DSA_METHOD object contains pointers to the functions used for DSA operations. By default, the internal implementation returned by () is used. By selecting another method, alternative implementations such as hardware accelerators may be used.

() selects meth as the default method for all DSA structures created later.

() returns a pointer to the current default method.

() selects meth to perform all operations using the key dsa. This replaces the DSA_METHOD used by the DSA key. It is possible to have DSA keys that only work with certain DSA_METHOD implementations, and in such cases attempting to change the DSA_METHOD for the key can have unexpected results.

() allocates and initializes a DSA structure. The engine argument is ignored and the default method controlled by DSA_set_default_method() is used.

The DSA_METHOD structure is defined as follows:

     /* name of the implementation */
	const char *name;

     /* sign */
	DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
                                 DSA *dsa);

     /* pre-compute k^-1 and r */
	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
                                 BIGNUM **rp);

     /* verify */
	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
                                 DSA_SIG *sig, DSA *dsa);

     /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
                                          implementations) */
	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
                                 BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
                                 BN_CTX *ctx, BN_MONT_CTX *in_mont);

     /* compute r = a ^ p mod m (May be NULL for some implementations) */
        int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
                                 const BIGNUM *p, const BIGNUM *m,
                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx);

     /* called at DSA_new */
        int (*init)(DSA *DSA);

     /* called at DSA_free */
        int (*finish)(DSA *DSA);

        int flags;

        char *app_data; /* ?? */


DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective DSA_METHOD.

DSA_set_method() returns 1 on success or 0 on failure. Currently, it cannot fail.

DSA_new_method() returns NULL and sets an error code that can be obtained by ERR_get_error(3) if the allocation fails. Otherwise it returns a pointer to the newly allocated structure.

DSA_meth_new(3), DSA_new(3)

DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(), DSA_new_method(), and DSA_OpenSSL() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.

November 19, 2023 OpenBSD 7.5