resolve conflicts

9 files changed, 195 insertions, 170 deletions

diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h
index aa0669eb7a9..c0791546259 100644
--- a/lib/libcrypto/dsa/dsa.h
+++ b/lib/libcrypto/dsa/dsa.h
@@ -65,6 +65,8 @@
 #ifndef HEADER_DSA_H
 #define HEADER_DSA_H
 
+#include <openssl/e_os2.h>
+
 #ifdef OPENSSL_NO_DSA
 #error DSA is disabled.
 #endif
@@ -72,12 +74,19 @@
 #ifndef OPENSSL_NO_BIO
 #include <openssl/bio.h>
 #endif
-#include <openssl/bn.h>
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
+
+#ifndef OPENSSL_NO_DEPRECATED
+#include <openssl/bn.h>
 #ifndef OPENSSL_NO_DH
 # include <openssl/dh.h>
 #endif
+#endif
+
+#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+# define OPENSSL_DSA_MAX_MODULUS_BITS	10000
+#endif
 
 #define OPENSSL_DSA_MAX_MODULUS_BITS	3072
 
@@ -90,22 +99,13 @@
                                               * be used for all exponents.
                                               */
 
-/* If this flag is set external DSA_METHOD callbacks are allowed in FIPS mode
- * it is then the applications responsibility to ensure the external method
- * is compliant.
- */
-
-#define DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW	0x04
-
-#if defined(OPENSSL_FIPS)
-#define FIPS_DSA_SIZE_T	int
-#endif
-
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-typedef struct dsa_st DSA;
+/* Already defined in ossl_typ.h */
+/* typedef struct dsa_st DSA; */
+/* typedef struct dsa_method DSA_METHOD; */
 
 typedef struct DSA_SIG_st
 	{
@@ -113,7 +113,8 @@ typedef struct DSA_SIG_st
 	BIGNUM *s;
 	} DSA_SIG;
 
-typedef struct dsa_method {
+struct dsa_method
+	{
 	const char *name;
 	DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
 	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
@@ -130,7 +131,14 @@ typedef struct dsa_method {
 	int (*finish)(DSA *dsa);
 	int flags;
 	char *app_data;
-} DSA_METHOD;
+	/* If this is non-NULL, it is used to generate DSA parameters */
+	int (*dsa_paramgen)(DSA *dsa, int bits,
+			unsigned char *seed, int seed_len,
+			int *counter_ret, unsigned long *h_ret,
+			BN_GENCB *cb);
+	/* If this is non-NULL, it is used to generate DSA keys */
+	int (*dsa_keygen)(DSA *dsa);
+	};
 
 struct dsa_st
 	{
@@ -151,7 +159,7 @@ struct dsa_st
 
 	int flags;
 	/* Normally used to cache montgomery values */
-	char *method_mont_p;
+	BN_MONT_CTX *method_mont_p;
 	int references;
 	CRYPTO_EX_DATA ex_data;
 	const DSA_METHOD *meth;
@@ -159,16 +167,13 @@ struct dsa_st
 	ENGINE *engine;
 	};
 
-#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
-		(char *(*)())d2i_DSAparams,(char *)(x))
+#define DSAparams_dup(x) ASN1_dup_of_const(DSA,i2d_DSAparams,d2i_DSAparams,x)
 #define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
 		(char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
 #define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
 		(unsigned char *)(x))
-#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
-		(char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
-#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
-		(unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
 
 
 DSA_SIG * DSA_SIG_new(void);
@@ -206,10 +211,20 @@ void *DSA_get_ex_data(DSA *d, int idx);
 DSA *	d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
 DSA *	d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
 DSA * 	d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+
+/* Deprecated version */
+#ifndef OPENSSL_NO_DEPRECATED
 DSA *	DSA_generate_parameters(int bits,
 		unsigned char *seed,int seed_len,
 		int *counter_ret, unsigned long *h_ret,void
 		(*callback)(int, int, void *),void *cb_arg);
+#endif /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int	DSA_generate_parameters_ex(DSA *dsa, int bits,
+		unsigned char *seed,int seed_len,
+		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
 int	DSA_generate_key(DSA *a);
 int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
 int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
diff --git a/lib/libcrypto/dsa/dsa_err.c b/lib/libcrypto/dsa/dsa_err.c
index d7fac691546..768711994b9 100644
--- a/lib/libcrypto/dsa/dsa_err.c
+++ b/lib/libcrypto/dsa/dsa_err.c
@@ -100,15 +100,12 @@ static ERR_STRING_DATA DSA_str_reasons[]=
 
 void ERR_load_DSA_strings(void)
 	{
-	static int init=1;
+#ifndef OPENSSL_NO_ERR
 
-	if (init)
+	if (ERR_func_error_string(DSA_str_functs[0].error) == NULL)
 		{
-		init=0;
-#ifndef OPENSSL_NO_ERR
 		ERR_load_strings(0,DSA_str_functs);
 		ERR_load_strings(0,DSA_str_reasons);
-#endif
-
 		}
+#endif
 	}
diff --git a/lib/libcrypto/dsa/dsa_gen.c b/lib/libcrypto/dsa/dsa_gen.c
index e40afeea516..ca0b86a6cfc 100644
--- a/lib/libcrypto/dsa/dsa_gen.c
+++ b/lib/libcrypto/dsa/dsa_gen.c
@@ -69,6 +69,8 @@
 #define HASH    EVP_sha1()
 #endif 
 
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
+
 #ifndef OPENSSL_NO_SHA
 
 #include <stdio.h>
@@ -80,12 +82,24 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-#ifndef OPENSSL_FIPS
-DSA *DSA_generate_parameters(int bits,
+static int dsa_builtin_paramgen(DSA *ret, int bits,
+		unsigned char *seed_in, int seed_len,
+		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+int DSA_generate_parameters_ex(DSA *ret, int bits,
+		unsigned char *seed_in, int seed_len,
+		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+	{
+	if(ret->meth->dsa_paramgen)
+		return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
+				counter_ret, h_ret, cb);
+	return dsa_builtin_paramgen(ret, bits, seed_in, seed_len,
+			counter_ret, h_ret, cb);
+	}
+
+static int dsa_builtin_paramgen(DSA *ret, int bits,
 		unsigned char *seed_in, int seed_len,
-		int *counter_ret, unsigned long *h_ret,
-		void (*callback)(int, int, void *),
-		void *cb_arg)
+		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
 	{
 	int ok=0;
 	unsigned char seed[SHA_DIGEST_LENGTH];
@@ -97,40 +111,43 @@ DSA *DSA_generate_parameters(int bits,
 	int k,n=0,i,b,m=0;
 	int counter=0;
 	int r=0;
-	BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL;
+	BN_CTX *ctx=NULL;
 	unsigned int h=2;
-	DSA *ret=NULL;
 
 	if (bits < 512) bits=512;
 	bits=(bits+63)/64*64;
 
-	if (seed_len < 20)
+	/* NB: seed_len == 0 is special case: copy generated seed to
+ 	 * seed_in if it is not NULL.
+ 	 */
+	if (seed_len && (seed_len < 20))
 		seed_in = NULL; /* seed buffer too small -- ignore */
 	if (seed_len > 20) 
 		seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED,
 		                * but our internal buffers are restricted to 160 bits*/
 	if ((seed_in != NULL) && (seed_len == 20))
+		{
 		memcpy(seed,seed_in,seed_len);
+		/* set seed_in to NULL to avoid it being copied back */
+		seed_in = NULL;
+		}
 
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
-	if ((ctx2=BN_CTX_new()) == NULL) goto err;
-	if ((ctx3=BN_CTX_new()) == NULL) goto err;
-	if ((ret=DSA_new()) == NULL) goto err;
 
 	if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
 
-	BN_CTX_start(ctx2);
-	r0 = BN_CTX_get(ctx2);
-	g = BN_CTX_get(ctx2);
-	W = BN_CTX_get(ctx2);
-	q = BN_CTX_get(ctx2);
-	X = BN_CTX_get(ctx2);
-	c = BN_CTX_get(ctx2);
-	p = BN_CTX_get(ctx2);
-	test = BN_CTX_get(ctx2);
-	if (test == NULL) goto err;
+	BN_CTX_start(ctx);
+	r0 = BN_CTX_get(ctx);
+	g = BN_CTX_get(ctx);
+	W = BN_CTX_get(ctx);
+	q = BN_CTX_get(ctx);
+	X = BN_CTX_get(ctx);
+	c = BN_CTX_get(ctx);
+	p = BN_CTX_get(ctx);
+	test = BN_CTX_get(ctx);
 
-	if (!BN_lshift(test,BN_value_one(),bits-1)) goto err;
+	if (!BN_lshift(test,BN_value_one(),bits-1))
+		goto err;
 
 	for (;;)
 		{
@@ -139,7 +156,8 @@ DSA *DSA_generate_parameters(int bits,
 			int seed_is_random;
 
 			/* step 1 */
-			if (callback != NULL) callback(0,m++,cb_arg);
+			if(!BN_GENCB_call(cb, 0, m++))
+				goto err;
 
 			if (!seed_len)
 				{
@@ -172,7 +190,8 @@ DSA *DSA_generate_parameters(int bits,
 			if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) goto err;
 
 			/* step 4 */
-			r = BN_is_prime_fasttest(q, DSS_prime_checks, callback, ctx3, cb_arg, seed_is_random);
+			r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
+					seed_is_random, cb);
 			if (r > 0)
 				break;
 			if (r != 0)
@@ -182,8 +201,8 @@ DSA *DSA_generate_parameters(int bits,
 			/* step 5 */
 			}
 
-		if (callback != NULL) callback(2,0,cb_arg);
-		if (callback != NULL) callback(3,0,cb_arg);
+		if(!BN_GENCB_call(cb, 2, 0)) goto err;
+		if(!BN_GENCB_call(cb, 3, 0)) goto err;
 
 		/* step 6 */
 		counter=0;
@@ -194,11 +213,11 @@ DSA *DSA_generate_parameters(int bits,
 
 		for (;;)
 			{
-			if (callback != NULL && counter != 0)
-				callback(0,counter,cb_arg);
+			if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
+				goto err;
 
 			/* step 7 */
-			if (!BN_zero(W)) goto err;
+			BN_zero(W);
 			/* now 'buf' contains "SEED + offset - 1" */
 			for (k=0; k<=n; k++)
 				{
@@ -233,7 +252,8 @@ DSA *DSA_generate_parameters(int bits,
 			if (BN_cmp(p,test) >= 0)
 				{
 				/* step 11 */
-				r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1);
+				r = BN_is_prime_fasttest_ex(p, DSS_prime_checks,
+						ctx, 1, cb);
 				if (r > 0)
 						goto end; /* found it */
 				if (r != 0)
@@ -249,7 +269,8 @@ DSA *DSA_generate_parameters(int bits,
 			}
 		}
 end:
-	if (callback != NULL) callback(2,1,cb_arg);
+	if(!BN_GENCB_call(cb, 2, 1))
+		goto err;
 
 	/* We now need to generate g */
 	/* Set r0=(p-1)/q */
@@ -268,16 +289,16 @@ end:
 		h++;
 		}
 
-	if (callback != NULL) callback(3,1,cb_arg);
+	if(!BN_GENCB_call(cb, 3, 1))
+		goto err;
 
 	ok=1;
 err:
-	if (!ok)
-		{
-		if (ret != NULL) DSA_free(ret);
-		}
-	else
+	if (ok)
 		{
+		if(ret->p) BN_free(ret->p);
+		if(ret->q) BN_free(ret->q);
+		if(ret->g) BN_free(ret->g);
 		ret->p=BN_dup(p);
 		ret->q=BN_dup(q);
 		ret->g=BN_dup(g);
@@ -286,20 +307,16 @@ err:
 			ok=0;
 			goto err;
 			}
-		if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
+		if (seed_in != NULL) memcpy(seed_in,seed,20);
 		if (counter_ret != NULL) *counter_ret=counter;
 		if (h_ret != NULL) *h_ret=h;
 		}
-	if (ctx != NULL) BN_CTX_free(ctx);
-	if (ctx2 != NULL)
+	if(ctx)
 		{
-		BN_CTX_end(ctx2);
-		BN_CTX_free(ctx2);
+		BN_CTX_end(ctx);
+		BN_CTX_free(ctx);
 		}
-	if (ctx3 != NULL) BN_CTX_free(ctx3);
 	if (mont != NULL) BN_MONT_CTX_free(mont);
-	return(ok?ret:NULL);
+	return ok;
 	}
-#endif /* ndef OPENSSL_FIPS */
-#endif /* ndef OPENSSL_NO_SHA */
-
+#endif
diff --git a/lib/libcrypto/dsa/dsa_key.c b/lib/libcrypto/dsa/dsa_key.c
index 980b6dc2d30..c4aa86bc6dc 100644
--- a/lib/libcrypto/dsa/dsa_key.c
+++ b/lib/libcrypto/dsa/dsa_key.c
@@ -56,17 +56,25 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
+#ifndef OPENSSL_NO_SHA
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 
-#ifndef OPENSSL_FIPS
+static int dsa_builtin_keygen(DSA *dsa);
+
 int DSA_generate_key(DSA *dsa)
 	{
+	if(dsa->meth->dsa_keygen)
+		return dsa->meth->dsa_keygen(dsa);
+	return dsa_builtin_keygen(dsa);
+	}
+
+static int dsa_builtin_keygen(DSA *dsa)
+	{
 	int ok=0;
 	BN_CTX *ctx=NULL;
 	BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -99,7 +107,7 @@ int DSA_generate_key(DSA *dsa)
 			{
 			BN_init(&local_prk);
 			prk = &local_prk;
-			BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 			}
 		else
 			prk = priv_key;
@@ -118,4 +126,3 @@ err:
 	return(ok);
 	}
 #endif
-#endif
diff --git a/lib/libcrypto/dsa/dsa_lib.c b/lib/libcrypto/dsa/dsa_lib.c
index 4171af24c6c..e9b75902dbc 100644
--- a/lib/libcrypto/dsa/dsa_lib.c
+++ b/lib/libcrypto/dsa/dsa_lib.c
@@ -66,8 +66,11 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 
-const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;
+const char DSA_version[]="DSA" OPENSSL_VERSION_PTEXT;
 
 static const DSA_METHOD *default_DSA_method = NULL;
 
diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c
index 5de5fc7e91a..75ff7cc4afa 100644
--- a/lib/libcrypto/dsa/dsa_ossl.c
+++ b/lib/libcrypto/dsa/dsa_ossl.c
@@ -65,33 +65,63 @@
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
 
-#ifndef OPENSSL_FIPS
 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
 static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		  DSA *dsa);
 static int dsa_init(DSA *dsa);
 static int dsa_finish(DSA *dsa);
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-		BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *in_mont);
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx);
 
 static DSA_METHOD openssl_dsa_meth = {
 "OpenSSL DSA method",
 dsa_do_sign,
 dsa_sign_setup,
 dsa_do_verify,
-dsa_mod_exp,
-dsa_bn_mod_exp,
+NULL, /* dsa_mod_exp, */
+NULL, /* dsa_bn_mod_exp, */
 dsa_init,
 dsa_finish,
 0,
+NULL,
+NULL,
 NULL
 };
 
+/* These macro wrappers replace attempts to use the dsa_mod_exp() and
+ * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
+ * having a the macro work as an expression by bundling an "err_instr". So;
+ * 
+ *     if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+ *                 dsa->method_mont_p)) goto err;
+ *
+ * can be replaced by;
+ *
+ *     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
+ *                 dsa->method_mont_p);
+ */
+
+#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
+	do { \
+	int _tmp_res53; \
+	if((dsa)->meth->dsa_mod_exp) \
+		_tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
+				(a2), (p2), (m), (ctx), (in_mont)); \
+	else \
+		_tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
+				(m), (ctx), (in_mont)); \
+	if(!_tmp_res53) err_instr; \
+	} while(0)
+#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
+	do { \
+	int _tmp_res53; \
+	if((dsa)->meth->bn_mod_exp) \
+		_tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
+				(m), (ctx), (m_ctx)); \
+	else \
+		_tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
+	if(!_tmp_res53) err_instr; \
+	} while(0)
+
 const DSA_METHOD *DSA_OpenSSL(void)
 {
 	return &openssl_dsa_meth;
@@ -199,12 +229,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	while (BN_is_zero(&k));
 	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
 		{
-		BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
+		BN_set_flags(&k, BN_FLG_CONSTTIME);
 		}
 
 	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
 		{
-		if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
+		if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
 						CRYPTO_LOCK_DSA,
 						dsa->p, ctx))
 			goto err;
@@ -234,8 +264,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		{
 		K = &k;
 		}
-	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,K,dsa->p,ctx,
-		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
+	DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+			dsa->method_mont_p);
 	if (!BN_mod(r,r,dsa->q,ctx)) goto err;
 
 	/* Compute  part of 's = inv(k) (m + xr) mod q' */
@@ -292,12 +322,14 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 
 	if ((ctx=BN_CTX_new()) == NULL) goto err;
 
-	if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, dsa->q) >= 0)
+	if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
+	    BN_ucmp(sig->r, dsa->q) >= 0)
 		{
 		ret = 0;
 		goto err;
 		}
-	if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, dsa->q) >= 0)
+	if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
+	    BN_ucmp(sig->s, dsa->q) >= 0)
 		{
 		ret = 0;
 		goto err;
@@ -319,43 +351,25 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 
 	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
 		{
-		mont = BN_MONT_CTX_set_locked(
-					(BN_MONT_CTX **)&dsa->method_mont_p,
+		mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
 					CRYPTO_LOCK_DSA, dsa->p, ctx);
 		if (!mont)
 			goto err;
 		}
 
-#if 0
-	{
-	BIGNUM t2;
-
-	BN_init(&t2);
-	/* v = ( g^u1 * y^u2 mod p ) mod q */
-	/* let t1 = g ^ u1 mod p */
-	if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err;
-	/* let t2 = y ^ u2 mod p */
-	if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err;
-	/* let u1 = t1 * t2 mod p */
-	if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn;
-	BN_free(&t2);
-	}
-	/* let u1 = u1 mod q */
-	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;
-#else
-	{
-	if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,
-						dsa->p,ctx,mont)) goto err;
+
+	DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);
 	/* BN_copy(&u1,&t1); */
 	/* let u1 = u1 mod q */
 	if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err;
-	}
-#endif
+
 	/* V is now in u1.  If the signature is correct, it will be
 	 * equal to R. */
 	ret=(BN_ucmp(&u1, sig->r) == 0);
 
 	err:
+	/* XXX: surely this is wrong - if ret is 0, it just didn't verify;
+	   there is no error in BN. Test should be ret == -1 (Ben) */
 	if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB);
 	if (ctx != NULL) BN_CTX_free(ctx);
 	BN_free(&u1);
@@ -373,21 +387,7 @@ static int dsa_init(DSA *dsa)
 static int dsa_finish(DSA *dsa)
 {
 	if(dsa->method_mont_p)
-		BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p);
+		BN_MONT_CTX_free(dsa->method_mont_p);
 	return(1);
 }
 
-static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
-		BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
-		BN_MONT_CTX *in_mont)
-{
-	return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
-}
-	
-static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
-				const BIGNUM *m, BN_CTX *ctx,
-				BN_MONT_CTX *m_ctx)
-{
-	return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
-}
-#endif
diff --git a/lib/libcrypto/dsa/dsa_sign.c b/lib/libcrypto/dsa/dsa_sign.c
index 37c65efb20e..89205026f01 100644
--- a/lib/libcrypto/dsa/dsa_sign.c
+++ b/lib/libcrypto/dsa/dsa_sign.c
@@ -64,18 +64,9 @@
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/fips.h>
 
 DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
 	{
-#ifdef OPENSSL_FIPS
-	if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-		&& !FIPS_dsa_check(dsa))
-		return NULL;
-#endif
 	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
 	}
 
@@ -96,11 +87,6 @@ int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
 
 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	{
-#ifdef OPENSSL_FIPS
-	if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-		&& !FIPS_dsa_check(dsa))
-		return 0;
-#endif
 	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
 	}
 
diff --git a/lib/libcrypto/dsa/dsa_vrf.c b/lib/libcrypto/dsa/dsa_vrf.c
index c9784bed48e..c4aeddd0560 100644
--- a/lib/libcrypto/dsa/dsa_vrf.c
+++ b/lib/libcrypto/dsa/dsa_vrf.c
@@ -65,19 +65,10 @@
 #include <openssl/rand.h>
 #include <openssl/asn1.h>
 #include <openssl/asn1_mac.h>
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/fips.h>
 
 int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
 		  DSA *dsa)
 	{
-#ifdef OPENSSL_FIPS
-	if(FIPS_mode() && !(dsa->flags & DSA_FLAG_FIPS_EXTERNAL_METHOD_ALLOW)
-		&& !FIPS_dsa_check(dsa))
-		return -1;
-#endif
 	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
 	}
 
diff --git a/lib/libcrypto/dsa/dsatest.c b/lib/libcrypto/dsa/dsatest.c
index 55a3756affb..912317bb443 100644
--- a/lib/libcrypto/dsa/dsatest.c
+++ b/lib/libcrypto/dsa/dsatest.c
@@ -56,6 +56,12 @@
  * [including the GNU Public Licence.]
  */
 
+/* Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code */
+#ifdef OPENSSL_NO_DEPRECATED
+#undef OPENSSL_NO_DEPRECATED
+#endif
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -68,6 +74,7 @@
 #include <openssl/rand.h>
 #include <openssl/bio.h>
 #include <openssl/err.h>
+#include <openssl/bn.h>
 
 #ifdef OPENSSL_NO_DSA
 int main(int argc, char *argv[])
@@ -84,7 +91,7 @@ int main(int argc, char *argv[])
 #define MS_CALLBACK
 #endif
 
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg);
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg);
 
 /* seed, out_p, out_q, out_g are taken from the updated Appendix 5 to
  * FIPS PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1 */
@@ -129,6 +136,7 @@ static BIO *bio_err=NULL;
 
 int main(int argc, char **argv)
 	{
+	BN_GENCB cb;
 	DSA *dsa=NULL;
 	int counter,ret=0,i,j;
 	unsigned char buf[256];
@@ -148,7 +156,10 @@ int main(int argc, char **argv)
 
 	BIO_printf(bio_err,"test generation of DSA parameters\n");
 
-	dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,bio_err);
+	BN_GENCB_set(&cb, dsa_cb, bio_err);
+	if(((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
+				seed, 20, &counter, &h, &cb))
+		goto end;
 
 	BIO_printf(bio_err,"seed\n");
 	for (i=0; i<20; i+=4)
@@ -156,7 +167,7 @@ int main(int argc, char **argv)
 		BIO_printf(bio_err,"%02X%02X%02X%02X ",
 			seed[i],seed[i+1],seed[i+2],seed[i+3]);
 		}
-	BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
+	BIO_printf(bio_err,"\ncounter=%d h=%ld\n",counter,h);
 		
 	if (dsa == NULL) goto end;
 	DSA_print(bio_err,dsa,0);
@@ -220,17 +231,14 @@ end:
 		BIO_free(bio_err);
 		bio_err = NULL;
 		}
+#ifdef OPENSSL_SYS_NETWARE
+    if (!ret) printf("ERROR\n");
+#endif
 	EXIT(!ret);
 	return(0);
 	}
 
-static int cb_exit(int ec)
-	{
-	EXIT(ec);
-	return(0);		/* To keep some compilers quiet */
-	}
-
-static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
 	{
 	char c='*';
 	static int ok=0,num=0;
@@ -239,13 +247,14 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg)
 	if (p == 1) c='+';
 	if (p == 2) { c='*'; ok++; }
 	if (p == 3) c='\n';
-	BIO_write(arg,&c,1);
-	(void)BIO_flush(arg);
+	BIO_write(arg->arg,&c,1);
+	(void)BIO_flush(arg->arg);
 
 	if (!ok && (p == 0) && (num > 1))
 		{
 		BIO_printf((BIO *)arg,"error in dsatest\n");
-		cb_exit(1);
+		return 0;
 		}
+	return 1;
 	}
 #endif