From 339abe94df18967525a625d9cb975f5d81331758 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 14 Jan 2022 08:27:23 +0000 Subject: [PATCH] Make DSA opaque This moves DSA_SIG, DSA and DSA_METHOD to dsa_locl.h. ok inoguchi jsing
---
 lib/libcrypto/dsa/dsa.h | 66 ++---------------------------------------------------------- lib/libcrypto/dsa/dsa_locl.h | 56 +++++++++++++++++++++++++++++- 2 files changed, 57 insertions(+), 65 deletions(-)
diff --git a/lib/libcrypto/dsa/dsa.h b/lib/libcrypto/dsa/dsa.h
index b0220856cc3..4fafce382d7 100644
--- a/lib/libcrypto/dsa/dsa.h
+++ b/lib/libcrypto/dsa/dsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.h,v 1.34 2022/01/14 07:49:49 tb Exp $ */
+/* $OpenBSD: dsa.h,v 1.35 2022/01/14 08:27:23 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -109,69 +109,7 @@ extern "C" { #endif
-/* Already defined in ossl_typ.h */
-/* typedef struct dsa_st DSA; */
-/* typedef struct dsa_method DSA_METHOD; */
-
-typedef struct DSA_SIG_st
- {
- BIGNUM *r;
- BIGNUM *s;
- } DSA_SIG;
-
-struct dsa_method
- {
- const char *name;
- DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont);
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
- int (*init)(DSA *dsa);
- int (*finish)(DSA *dsa);
- int flags;
- char *app_data;
- /* If this is non-NULL, it is used to generate DSA parameters */
- int (*dsa_paramgen)(DSA *dsa, int bits,
- const unsigned char *seed, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- BN_GENCB *cb);
- /* If this is non-NULL, it is used to generate DSA keys */
- int (*dsa_keygen)(DSA *dsa);
- };
-
-struct dsa_st
- {
- /* This first variable is used to pick up errors where
- * a DSA is passed instead of of a EVP_PKEY */
- int pad;
- long version;
- int write_params;
- BIGNUM *p;
- BIGNUM *q; /* == 20 */
- BIGNUM *g;
-
- BIGNUM *pub_key; /* y public key */
- BIGNUM *priv_key; /* x private key */
-
- BIGNUM *kinv; /* Signing pre-calc */
- BIGNUM *r; /* Signing pre-calc */
-
- int flags;
- /* Normally used to cache montgomery values */
- BN_MONT_CTX *method_mont_p;
- int references;
- CRYPTO_EX_DATA ex_data;
- const DSA_METHOD *meth;
- /* functional reference if 'meth' is ENGINE-provided */
- ENGINE *engine;
- };
+typedef struct DSA_SIG_st DSA_SIG;
 DSA *d2i_DSAparams_bio(BIO *bp, DSA **a); int i2d_DSAparams_bio(BIO *bp, DSA *a);
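Review bot: The added `typedef struct DSA_SIG_st DSA_SIG;` carries no comment, and the removed lines took with them the only hint in this header that `DSA` and `DSA_METHOD` are typedef'd in ossl_typ.h. A one-line comment above it, for example `/* DSA and DSA_METHOD are declared in ossl_typ.h; the struct layouts are private to libcrypto. */`, would tell readers of the public header that members can no longer be accessed directly. With the layouts hidden, callers can reach p, q, g, the key values and a signature's r and s only through accessor functions. It is worth confirming that the rest of dsa.h, which lies outside this hunk, declares those accessors and contains no macro that still dereferences a member.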
diff --git a/lib/libcrypto/dsa/dsa_locl.h b/lib/libcrypto/dsa/dsa_locl.h
index cdb38e036b7..29a3901dc78 100644
--- a/lib/libcrypto/dsa/dsa_locl.h
+++ b/lib/libcrypto/dsa/dsa_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_locl.h,v 1.3 2016/12/21 15:49:29 jsing Exp $ */
+/* $OpenBSD: dsa_locl.h,v 1.4 2022/01/14 08:27:23 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
 *
@@ -57,6 +57,60 @@ __BEGIN_HIDDEN_DECLS
+struct DSA_SIG_st {
+ BIGNUM *r;
+ BIGNUM *s;
+} /* DSA_SIG */;
+
+struct dsa_method {
+ const char *name;
+ DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa);
+ int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+ int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
+ DSA_SIG *sig, DSA *dsa);
+ int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+ BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+ BN_MONT_CTX *in_mont);
+ int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
+ int (*init)(DSA *dsa);
+ int (*finish)(DSA *dsa);
+ int flags;
+ char *app_data;
+ /* If this is non-NULL, it is used to generate DSA parameters */
+ int (*dsa_paramgen)(DSA *dsa, int bits, const unsigned char *seed,
+ int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+ /* If this is non-NULL, it is used to generate DSA keys */
+ int (*dsa_keygen)(DSA *dsa);
+} /* DSA_METHOD */;
+
+struct dsa_st {
+ /* This first variable is used to pick up errors where
+ * a DSA is passed instead of of a EVP_PKEY */
+ int pad;
+ long version;
+ int write_params;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+
+ int flags;
+ /* Normally used to cache montgomery values */
+ BN_MONT_CTX *method_mont_p;
+ int references;
+ CRYPTO_EX_DATA ex_data;
+ const DSA_METHOD *meth;
+ /* functional reference if 'meth' is ENGINE-provided */
+ ENGINE *engine;
+} /* DSA */;
+
 int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len, unsigned char *seed_out,
-- 2.20.1
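Review bot: The field comments in `struct dsa_st` were moved verbatim, and two of them mislead now that this is the only definition maintainers will read. `BIGNUM *q; /* == 20 */` implies a fixed 20-byte subgroup order, while `dsa_builtin_paramgen()` in the trailing context takes a `qbits` argument, so the comment would be better as `/* subgroup order; size depends on the parameters */`. `kinv` and `r` are described only as `/* Signing pre-calc */`. If they cache a per-signature nonce inverse, which this hunk does not show, the comment should say they are single-use and must be cleared after signing, because a reused DSA nonce exposes the private key. The first comment in the struct also has a doubled word, `of of`.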