Tie DSA into the engine framework as with RSA and DH so far. I've verified

	char *method_mont_p;

	int references;

	CRYPTO_EX_DATA ex_data;

#if 0

	DSA_METHOD *meth;

#else

	struct engine_st *handle;

#endif

	};

#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \

DSA_METHOD *DSA_OpenSSL(void);

void        DSA_set_default_method(DSA_METHOD *);

DSA_METHOD *DSA_get_default_method(void);

void        DSA_set_default_openssl_method(DSA_METHOD *);

DSA_METHOD *DSA_get_default_openssl_method(void);

#if 0

DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *);

#else

int DSA_set_method(DSA *dsa, struct engine_st *);

#endif

DSA *	DSA_new(void);

#if 0

DSA *	DSA_new_method(DSA_METHOD *meth);

#else

DSA *	DSA_new_method(struct engine_st *handle);

#endif

int	DSA_size(DSA *);

	/* next 4 return -1 on error */

int	DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);

#include <openssl/bn.h>

#include <openssl/dsa.h>

#include <openssl/asn1.h>

#include <openssl/engine.h>

const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT;

static int dsa_meth_num = 0;

static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;

void DSA_set_default_method(DSA_METHOD *meth)

void DSA_set_default_openssl_method(DSA_METHOD *meth)

{

	ENGINE *e;

	/* We'll need to notify the "openssl" ENGINE of this

	 * change too. We won't bother locking things down at

	 * our end as there was never any locking in these

	 * functions! */

	if(default_DSA_method != meth)

		{

		default_DSA_method = meth;

		e = ENGINE_by_id("openssl");

		if(e)

			{

			ENGINE_set_DSA(e, meth);

			ENGINE_free(e);

			}

		}

}

DSA_METHOD *DSA_get_default_method(void)

DSA_METHOD *DSA_get_default_openssl_method(void)

{

	if(!default_DSA_method) default_DSA_method = DSA_OpenSSL();

	return default_DSA_method;

	return DSA_new_method(NULL);

}

#if 0

DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth)

{

        DSA_METHOD *mtmp;

        if (meth->init) meth->init(dsa);

        return mtmp;

}

#else

int DSA_set_method(DSA *dsa, ENGINE *h)

	{

	ENGINE *mtmp;

	DSA_METHOD *meth;

	mtmp = dsa->handle;

	meth = ENGINE_get_DSA(mtmp);

	if (!ENGINE_init(h))

		return 0;

	if (meth->finish) meth->finish(dsa);

	dsa->handle = h;

	meth = ENGINE_get_DSA(h);

	if (meth->init) meth->init(dsa);

	/* SHOULD ERROR CHECK THIS!!! */

	ENGINE_finish(mtmp);

	return 1;

	}

#endif

#if 0

DSA *DSA_new_method(DSA_METHOD *meth)

#else

DSA *DSA_new_method(ENGINE *handle)

#endif

	{

	DSA_METHOD *meth;

	DSA *ret;

	ret=(DSA *)Malloc(sizeof(DSA));

		DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);

		return(NULL);

		}

	if(meth) ret->meth = meth;

	else ret->meth = DSA_get_default_method();

	if(handle)

		ret->handle = handle;

	else

		{

		if((ret->handle=ENGINE_get_default_DSA()) == NULL)

			{

			Free(ret);

			return NULL;

			}

		}

	meth = ENGINE_get_DSA(ret->handle);

	ret->pad=0;

	ret->version=0;

	ret->write_params=1;

	ret->method_mont_p=NULL;

	ret->references=1;

	ret->flags=ret->meth->flags;

	if ((ret->meth->init != NULL) && !ret->meth->init(ret))

	ret->flags=meth->flags;

	if ((meth->init != NULL) && !meth->init(ret))

		{

		Free(ret);

		ret=NULL;

void DSA_free(DSA *r)

	{

	DSA_METHOD *meth;

	int i;

	if (r == NULL) return;

	CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data);

	if(r->meth->finish) r->meth->finish(r);

	meth = ENGINE_get_DSA(r->handle);

	if(meth->finish) meth->finish(r);

	ENGINE_finish(r->handle);

	if (r->p != NULL) BN_clear_free(r->p);

	if (r->q != NULL) BN_clear_free(r->q);

#include <openssl/dsa.h>

#include <openssl/rand.h>

#include <openssl/asn1.h>

#include <openssl/engine.h>

static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);

static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);

		}

	/* Compute r = (g^k mod p) mod q */

	if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,

	if (!ENGINE_get_DSA(dsa->handle)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,

		(BN_MONT_CTX *)dsa->method_mont_p)) goto err;

	if (!BN_mod(r,r,dsa->q,ctx)) goto err;

	if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err;

#else

	{

	if (!dsa->meth->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,

	if (!ENGINE_get_DSA(dsa->handle)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2,

						dsa->p,ctx,mont)) goto err;

	/* BN_copy(&u1,&t1); */

	/* let u1 = u1 mod q */

#include <openssl/dsa.h>

#include <openssl/rand.h>

#include <openssl/asn1.h>

#include <openssl/engine.h>

DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)

	{

	return dsa->meth->dsa_do_sign(dgst, dlen, dsa);

	return ENGINE_get_DSA(dsa->handle)->dsa_do_sign(dgst, dlen, dsa);

	}

int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,

int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)

	{

	return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);

	return ENGINE_get_DSA(dsa->handle)->dsa_sign_setup(dsa, ctx_in, kinvp, rp);

	}

#include <openssl/rand.h>

#include <openssl/asn1.h>

#include <openssl/asn1_mac.h>

#include <openssl/engine.h>

int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,

		  DSA *dsa)

	{

	return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);

	return ENGINE_get_DSA(dsa->handle)->dsa_do_verify(dgst, dgst_len, sig, dsa);

	}

/* data has already been hashed (probably with SHA or SHA-1). */