Merge branch 'feature/formatRsaDsa' into develop

This closes #50
libtom · Sep 29, 2014 · b1b3d58 · b1b3d58
2 parents 7842e33 + eea24fe
commit b1b3d58
Show file tree

Hide file tree

Showing 7 changed files with 285 additions and 47 deletions.
diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
@@ -5,6 +5,9 @@ enum {
    PK_PRIVATE=1
 };
 
+/* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */
+#define PK_STD          0x1000
+
 int rand_prime(void *N, long len, prng_state *prng, int wprng);
 int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
 int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);

diff --git a/src/pk/dsa/dsa_export.c b/src/pk/dsa/dsa_export.c
@@ -28,12 +28,15 @@
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key)
 {
    unsigned long zero=0;
-   int err;
+   int err, std;
 
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(key    != NULL);
 
+   std = type & PK_STD;
+   type &= ~PK_STD;
+
    /* can we store the static header?  */
    if (type == PK_PRIVATE && key->type != PK_PRIVATE) {
       return CRYPT_PK_TYPE_MISMATCH;
@@ -43,45 +46,67 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
       return CRYPT_INVALID_ARG;
    }
 
-   /* This encoding is different from the one in original
-    * libtomcrypt. It uses a compatible encoding with gnutls
-    * and openssl
-    */
-
    if (type == PK_PRIVATE) {
-      return der_encode_sequence_multi(out, outlen,
-                                 LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
-                                 LTC_ASN1_INTEGER,      1UL, key->p,
-                                 LTC_ASN1_INTEGER,      1UL, key->q,
-                                 LTC_ASN1_INTEGER,      1UL, key->g,
-                                 LTC_ASN1_INTEGER,      1UL, key->y,
-                                 LTC_ASN1_INTEGER,      1UL, key->x,
-                                 LTC_ASN1_EOL,          0UL, NULL);
+      if (std) {
+          return der_encode_sequence_multi(out, outlen,
+                                         LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
+                                         LTC_ASN1_INTEGER,      1UL, key->p,
+                                         LTC_ASN1_INTEGER,      1UL, key->q,
+                                         LTC_ASN1_INTEGER,      1UL, key->g,
+                                         LTC_ASN1_INTEGER,      1UL, key->y,
+                                         LTC_ASN1_INTEGER,      1UL, key->x,
+                                         LTC_ASN1_EOL,          0UL, NULL);
+      }
+      else {
+          unsigned char flags[1];
+          flags[0] = 1;
+          return der_encode_sequence_multi(out, outlen,
+                                         LTC_ASN1_BIT_STRING,   1UL, flags,
+                                         LTC_ASN1_INTEGER,      1UL, key->g,
+                                         LTC_ASN1_INTEGER,      1UL, key->p,
+                                         LTC_ASN1_INTEGER,      1UL, key->q,
+                                         LTC_ASN1_INTEGER,      1UL, key->y,
+                                         LTC_ASN1_INTEGER,      1UL, key->x,
+                                         LTC_ASN1_EOL,          0UL, NULL);
+      }
    } else {
-      unsigned long tmplen = (mp_count_bits(key->y)/8)+8;
-      unsigned char* tmp = XMALLOC(tmplen);
-      ltc_asn1_list int_list[3];
+      if (std) {
+          unsigned long tmplen = (mp_count_bits(key->y) / 8) + 8;
+          unsigned char* tmp = XMALLOC(tmplen);
+          ltc_asn1_list int_list[3];
 
-      if (tmp == NULL) {
-	   return CRYPT_MEM;
-      }
+          if (tmp == NULL) {
+              return CRYPT_MEM;
+          }
 
-      err = der_encode_integer(key->y, tmp, &tmplen);
-      if (err != CRYPT_OK) {
-		  goto error;
-      }
+          err = der_encode_integer(key->y, tmp, &tmplen);
+          if (err != CRYPT_OK) {
+              goto error;
+          }
 
-      LTC_SET_ASN1(int_list, 0, LTC_ASN1_INTEGER, key->p, 1UL);
-      LTC_SET_ASN1(int_list, 1, LTC_ASN1_INTEGER, key->q, 1UL);
-      LTC_SET_ASN1(int_list, 2, LTC_ASN1_INTEGER, key->g, 1UL);
+          LTC_SET_ASN1(int_list, 0, LTC_ASN1_INTEGER, key->p, 1UL);
+          LTC_SET_ASN1(int_list, 1, LTC_ASN1_INTEGER, key->q, 1UL);
+          LTC_SET_ASN1(int_list, 2, LTC_ASN1_INTEGER, key->g, 1UL);
 
-      err = der_encode_subject_public_key_info(out, outlen,
-        PKA_DSA, tmp, tmplen,
-        LTC_ASN1_SEQUENCE, int_list, sizeof(int_list)/sizeof(int_list[0]));
+          err = der_encode_subject_public_key_info(out, outlen, PKA_DSA, tmp,
+              tmplen, LTC_ASN1_SEQUENCE, int_list,
+              sizeof(int_list) / sizeof(int_list[0]));
 
 error:
-      XFREE(tmp);
-      return err;
+          XFREE(tmp);
+          return err;
+      }
+      else {
+          unsigned char flags[1];
+          flags[0] = 0;
+          return der_encode_sequence_multi(out, outlen,
+                                     LTC_ASN1_BIT_STRING,   1UL, flags,
+                                     LTC_ASN1_INTEGER,      1UL, key->g,
+                                     LTC_ASN1_INTEGER,      1UL, key->p,
+                                     LTC_ASN1_INTEGER,      1UL, key->q,
+                                     LTC_ASN1_INTEGER,      1UL, key->y,
+                                     LTC_ASN1_EOL,          0UL, NULL);
+      }
    }
 }
 

diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c
@@ -18,7 +18,7 @@
 #ifdef LTC_MDSA
 
 /**
-   Import a DSA key 
+   Import a DSA key
    @param in       The binary packet to import from
    @param inlen    The length of the binary packet
    @param key      [out] Where to store the imported key
@@ -29,6 +29,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
    int           err;
    unsigned long zero = 0;
    unsigned char* tmpbuf = NULL;
+   unsigned char flags[1];
 
    LTC_ARGCHK(in  != NULL);
    LTC_ARGCHK(key != NULL);
@@ -39,6 +40,42 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
       return CRYPT_MEM;
    }
 
+   /* try to match the old libtomcrypt format */
+   if ((err = der_decode_sequence_multi(in, inlen,
+                                  LTC_ASN1_BIT_STRING, 1UL, flags,
+                                  LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) {
+       /* private key */
+       if (flags[0]) {
+           fprintf(stderr, "private key\n");
+           if ((err = der_decode_sequence_multi(in, inlen,
+                                  LTC_ASN1_BIT_STRING,   1UL, flags,
+                                  LTC_ASN1_INTEGER,      1UL, key->g,
+                                  LTC_ASN1_INTEGER,      1UL, key->p,
+                                  LTC_ASN1_INTEGER,      1UL, key->q,
+                                  LTC_ASN1_INTEGER,      1UL, key->y,
+                                  LTC_ASN1_INTEGER,      1UL, key->x,
+                                  LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
+               goto LBL_ERR;
+           }
+           key->type = PK_PRIVATE;
+           goto LBL_OK;
+       }
+       /* public key */
+       else {
+           fprintf(stderr, "public key\n");
+           if ((err = der_decode_sequence_multi(in, inlen,
+                                      LTC_ASN1_BIT_STRING,   1UL, flags,
+                                      LTC_ASN1_INTEGER,      1UL, key->g,
+                                      LTC_ASN1_INTEGER,      1UL, key->p,
+                                      LTC_ASN1_INTEGER,      1UL, key->q,
+                                      LTC_ASN1_INTEGER,      1UL, key->y,
+                                      LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
+               goto LBL_ERR;
+           }
+           key->type = PK_PUBLIC;
+           goto LBL_OK;
+       }
+   }
    /* get key type */
    if ((err = der_decode_sequence_multi(in, inlen,
                           LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
@@ -78,6 +115,8 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
       XFREE(tmpbuf);
       key->type = PK_PUBLIC;
   }
+
+LBL_OK:
   key->qord = mp_unsigned_bin_size(key->q);
 
   if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||

diff --git a/src/pk/rsa/rsa_export.c b/src/pk/rsa/rsa_export.c
@@ -56,27 +56,37 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
                           LTC_ASN1_EOL,     0UL, NULL);
    } else {
       /* public key */
-      unsigned long tmplen = (mp_count_bits(key->N)/8)*2+8;
-      unsigned char* tmp = XMALLOC(tmplen);
+      unsigned long tmplen, *ptmplen;
+      unsigned char* tmp = NULL;
 
-      if (tmp == NULL) {
-	   return CRYPT_MEM;
+      if (type & PK_STD) {
+          tmplen = (mp_count_bits(key->N)/8)*2+8;
+          tmp = XMALLOC(tmplen);
+          ptmplen = &tmplen;
+          if (tmp == NULL) {
+              return CRYPT_MEM;
+          }
+      }
+      else {
+          tmp = out;
+          ptmplen = outlen;
       }
 
-      err = der_encode_sequence_multi(tmp, &tmplen,
+      err = der_encode_sequence_multi(tmp, ptmplen,
                                  LTC_ASN1_INTEGER, 1UL,  key->N,
                                  LTC_ASN1_INTEGER, 1UL,  key->e,
                                  LTC_ASN1_EOL,     0UL, NULL);
 
-      if (err != CRYPT_OK) {
-		  goto error;
+      if ((err != CRYPT_OK) || !(type & PK_STD)) {
+          goto finish;
       }
 
       err = der_encode_subject_public_key_info(out, outlen,
         PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0);
 
-error:
-      XFREE(tmp);
+finish:
+      if (tmp != out)
+        XFREE(tmp);
       return err;
 
    }

diff --git a/testprof/dsa_test.c b/testprof/dsa_test.c
@@ -2,29 +2,144 @@
 
 #ifdef LTC_MDSA
 
+/* This is the private key from test_dsa.key */
+static const unsigned char openssl_priv_dsa[] = {
+  0x30, 0x82, 0x01, 0xbb, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xc5,
+  0x0a, 0x37, 0x51, 0x5c, 0xab, 0xd6, 0x18, 0xd5, 0xa2, 0x70, 0xbd, 0x4a,
+  0x6f, 0x6b, 0x4a, 0xf9, 0xe1, 0x39, 0x95, 0x0f, 0x2b, 0x99, 0x38, 0x7d,
+  0x9a, 0x64, 0xd6, 0x4c, 0xb5, 0x96, 0x7a, 0xdc, 0xed, 0xac, 0xa8, 0xac,
+  0xc6, 0x1b, 0x65, 0x5a, 0xde, 0xdb, 0x00, 0x61, 0x25, 0x1a, 0x18, 0x2c,
+  0xee, 0xa1, 0x07, 0x90, 0x62, 0x5e, 0x4d, 0x12, 0x31, 0x90, 0xc7, 0x03,
+  0x21, 0xfa, 0x09, 0xe7, 0xb1, 0x73, 0xd7, 0x8e, 0xaf, 0xdb, 0xfd, 0xbf,
+  0xb3, 0xef, 0xad, 0xd1, 0xa1, 0x2a, 0x03, 0x6d, 0xe7, 0x06, 0x92, 0x4a,
+  0x85, 0x2a, 0xff, 0x7a, 0x01, 0x66, 0x53, 0x1f, 0xea, 0xc6, 0x67, 0x41,
+  0x84, 0x5a, 0xc0, 0x6c, 0xed, 0x62, 0xf9, 0xc2, 0x62, 0x62, 0x05, 0xa4,
+  0xfa, 0x48, 0xa0, 0x66, 0xec, 0x35, 0xc9, 0xa8, 0x11, 0xfe, 0xb9, 0x81,
+  0xab, 0xee, 0xbe, 0x31, 0xb6, 0xbf, 0xcf, 0x02, 0x15, 0x00, 0xaa, 0x5b,
+  0xd7, 0xf4, 0xe5, 0x06, 0x24, 0x13, 0xe5, 0x88, 0x35, 0xca, 0x00, 0xc7,
+  0xa6, 0x35, 0x71, 0x61, 0x94, 0xc5, 0x02, 0x81, 0x80, 0x3b, 0x92, 0xe4,
+  0xff, 0x59, 0x29, 0x15, 0x0b, 0x08, 0x99, 0x5a, 0x7b, 0xf2, 0xad, 0x14,
+  0x40, 0x55, 0x6f, 0xa0, 0x47, 0xff, 0x90, 0x99, 0xb3, 0x44, 0xb3, 0xd4,
+  0xfc, 0x45, 0x15, 0x05, 0xae, 0x67, 0x22, 0x43, 0x9c, 0xba, 0x37, 0x10,
+  0xa5, 0x89, 0x47, 0x37, 0xec, 0xcc, 0xf5, 0xae, 0xad, 0xa8, 0xb4, 0x7a,
+  0x35, 0xcb, 0x9d, 0x93, 0x5c, 0xed, 0xe6, 0xb0, 0x7e, 0x96, 0x94, 0xc4,
+  0xa6, 0x0c, 0x7d, 0xd6, 0x70, 0x8a, 0x09, 0x4f, 0x81, 0x4a, 0x0e, 0xc2,
+  0x13, 0xfb, 0xeb, 0x16, 0xbf, 0xea, 0xa4, 0xf4, 0x56, 0xff, 0x72, 0x30,
+  0x05, 0xde, 0x8a, 0x44, 0x3f, 0xbe, 0xc6, 0x85, 0x26, 0x55, 0xd6, 0x2d,
+  0x1d, 0x1e, 0xdb, 0x15, 0xda, 0xa4, 0x45, 0x83, 0x3c, 0x17, 0x97, 0x98,
+  0x0b, 0x8d, 0x87, 0xf3, 0x49, 0x0d, 0x90, 0xbd, 0xa9, 0xab, 0x67, 0x6e,
+  0x87, 0x68, 0x72, 0x23, 0xdc, 0x02, 0x81, 0x80, 0x53, 0x16, 0xb0, 0xfb,
+  0xbf, 0x59, 0x8a, 0x5e, 0x55, 0x95, 0xc1, 0x4f, 0xac, 0x43, 0xb8, 0x08,
+  0x53, 0xe6, 0xcf, 0x0d, 0x92, 0x23, 0xfa, 0xb1, 0x84, 0x59, 0x52, 0x39,
+  0xbf, 0xcb, 0xf2, 0x2d, 0x38, 0x3a, 0xdd, 0x93, 0x52, 0x05, 0x49, 0x7e,
+  0x2b, 0x12, 0xc4, 0x61, 0x73, 0xe3, 0x6f, 0x54, 0xbd, 0x96, 0xe5, 0xa7,
+  0xaa, 0xa9, 0x5a, 0x58, 0xa4, 0xb7, 0x67, 0xd2, 0xc0, 0xbd, 0xc8, 0x1e,
+  0xb1, 0x3a, 0x12, 0x4f, 0x98, 0xc0, 0x05, 0xef, 0x39, 0x5d, 0x6a, 0xba,
+  0xb7, 0x0b, 0x3b, 0xd8, 0xb7, 0x95, 0xdd, 0x79, 0x6e, 0xa2, 0xd2, 0x84,
+  0x73, 0x47, 0x03, 0x88, 0xb4, 0x64, 0xd9, 0xb9, 0xb8, 0x4f, 0xf1, 0xc9,
+  0x34, 0xbb, 0xf9, 0x73, 0x66, 0xf5, 0x7c, 0x2e, 0x11, 0xfe, 0xc3, 0x31,
+  0xe6, 0x08, 0x38, 0x59, 0x67, 0x81, 0xeb, 0x6d, 0x41, 0x27, 0xd7, 0x0d,
+  0x74, 0xaf, 0xa0, 0x35, 0x02, 0x15, 0x00, 0x99, 0x36, 0xe5, 0xe4, 0xe9,
+  0xfb, 0x28, 0xbe, 0x91, 0xf5, 0x06, 0x5f, 0xe8, 0xc9, 0x35, 0xb3, 0xf5,
+  0xd8, 0x1f, 0xc5
+};
+
+/* The public part of test_dsa.key in SubjectPublicKeyInfo format */
+static const unsigned char openssl_pub_dsa[] = {
+  0x30, 0x82, 0x01, 0xb6, 0x30, 0x82, 0x01, 0x2b, 0x06, 0x07, 0x2a, 0x86,
+  0x48, 0xce, 0x38, 0x04, 0x01, 0x30, 0x82, 0x01, 0x1e, 0x02, 0x81, 0x81,
+  0x00, 0xc5, 0x0a, 0x37, 0x51, 0x5c, 0xab, 0xd6, 0x18, 0xd5, 0xa2, 0x70,
+  0xbd, 0x4a, 0x6f, 0x6b, 0x4a, 0xf9, 0xe1, 0x39, 0x95, 0x0f, 0x2b, 0x99,
+  0x38, 0x7d, 0x9a, 0x64, 0xd6, 0x4c, 0xb5, 0x96, 0x7a, 0xdc, 0xed, 0xac,
+  0xa8, 0xac, 0xc6, 0x1b, 0x65, 0x5a, 0xde, 0xdb, 0x00, 0x61, 0x25, 0x1a,
+  0x18, 0x2c, 0xee, 0xa1, 0x07, 0x90, 0x62, 0x5e, 0x4d, 0x12, 0x31, 0x90,
+  0xc7, 0x03, 0x21, 0xfa, 0x09, 0xe7, 0xb1, 0x73, 0xd7, 0x8e, 0xaf, 0xdb,
+  0xfd, 0xbf, 0xb3, 0xef, 0xad, 0xd1, 0xa1, 0x2a, 0x03, 0x6d, 0xe7, 0x06,
+  0x92, 0x4a, 0x85, 0x2a, 0xff, 0x7a, 0x01, 0x66, 0x53, 0x1f, 0xea, 0xc6,
+  0x67, 0x41, 0x84, 0x5a, 0xc0, 0x6c, 0xed, 0x62, 0xf9, 0xc2, 0x62, 0x62,
+  0x05, 0xa4, 0xfa, 0x48, 0xa0, 0x66, 0xec, 0x35, 0xc9, 0xa8, 0x11, 0xfe,
+  0xb9, 0x81, 0xab, 0xee, 0xbe, 0x31, 0xb6, 0xbf, 0xcf, 0x02, 0x15, 0x00,
+  0xaa, 0x5b, 0xd7, 0xf4, 0xe5, 0x06, 0x24, 0x13, 0xe5, 0x88, 0x35, 0xca,
+  0x00, 0xc7, 0xa6, 0x35, 0x71, 0x61, 0x94, 0xc5, 0x02, 0x81, 0x80, 0x3b,
+  0x92, 0xe4, 0xff, 0x59, 0x29, 0x15, 0x0b, 0x08, 0x99, 0x5a, 0x7b, 0xf2,
+  0xad, 0x14, 0x40, 0x55, 0x6f, 0xa0, 0x47, 0xff, 0x90, 0x99, 0xb3, 0x44,
+  0xb3, 0xd4, 0xfc, 0x45, 0x15, 0x05, 0xae, 0x67, 0x22, 0x43, 0x9c, 0xba,
+  0x37, 0x10, 0xa5, 0x89, 0x47, 0x37, 0xec, 0xcc, 0xf5, 0xae, 0xad, 0xa8,
+  0xb4, 0x7a, 0x35, 0xcb, 0x9d, 0x93, 0x5c, 0xed, 0xe6, 0xb0, 0x7e, 0x96,
+  0x94, 0xc4, 0xa6, 0x0c, 0x7d, 0xd6, 0x70, 0x8a, 0x09, 0x4f, 0x81, 0x4a,
+  0x0e, 0xc2, 0x13, 0xfb, 0xeb, 0x16, 0xbf, 0xea, 0xa4, 0xf4, 0x56, 0xff,
+  0x72, 0x30, 0x05, 0xde, 0x8a, 0x44, 0x3f, 0xbe, 0xc6, 0x85, 0x26, 0x55,
+  0xd6, 0x2d, 0x1d, 0x1e, 0xdb, 0x15, 0xda, 0xa4, 0x45, 0x83, 0x3c, 0x17,
+  0x97, 0x98, 0x0b, 0x8d, 0x87, 0xf3, 0x49, 0x0d, 0x90, 0xbd, 0xa9, 0xab,
+  0x67, 0x6e, 0x87, 0x68, 0x72, 0x23, 0xdc, 0x03, 0x81, 0x84, 0x00, 0x02,
+  0x81, 0x80, 0x53, 0x16, 0xb0, 0xfb, 0xbf, 0x59, 0x8a, 0x5e, 0x55, 0x95,
+  0xc1, 0x4f, 0xac, 0x43, 0xb8, 0x08, 0x53, 0xe6, 0xcf, 0x0d, 0x92, 0x23,
+  0xfa, 0xb1, 0x84, 0x59, 0x52, 0x39, 0xbf, 0xcb, 0xf2, 0x2d, 0x38, 0x3a,
+  0xdd, 0x93, 0x52, 0x05, 0x49, 0x7e, 0x2b, 0x12, 0xc4, 0x61, 0x73, 0xe3,
+  0x6f, 0x54, 0xbd, 0x96, 0xe5, 0xa7, 0xaa, 0xa9, 0x5a, 0x58, 0xa4, 0xb7,
+  0x67, 0xd2, 0xc0, 0xbd, 0xc8, 0x1e, 0xb1, 0x3a, 0x12, 0x4f, 0x98, 0xc0,
+  0x05, 0xef, 0x39, 0x5d, 0x6a, 0xba, 0xb7, 0x0b, 0x3b, 0xd8, 0xb7, 0x95,
+  0xdd, 0x79, 0x6e, 0xa2, 0xd2, 0x84, 0x73, 0x47, 0x03, 0x88, 0xb4, 0x64,
+  0xd9, 0xb9, 0xb8, 0x4f, 0xf1, 0xc9, 0x34, 0xbb, 0xf9, 0x73, 0x66, 0xf5,
+  0x7c, 0x2e, 0x11, 0xfe, 0xc3, 0x31, 0xe6, 0x08, 0x38, 0x59, 0x67, 0x81,
+  0xeb, 0x6d, 0x41, 0x27, 0xd7, 0x0d, 0x74, 0xaf, 0xa0, 0x35
+};
+
+static int dsa_compat_test(void)
+{
+  dsa_key key;
+  unsigned char tmp[1024];
+  unsigned long x;
+
+  DO(dsa_import(openssl_priv_dsa, sizeof(openssl_priv_dsa), &key));
+
+  x = sizeof(tmp);
+  DO(dsa_export(tmp, &x, PK_PRIVATE | PK_STD, &key));
+  DO((x == sizeof(openssl_priv_dsa))?CRYPT_OK:CRYPT_ERROR);
+  DO((memcmp(tmp, openssl_priv_dsa, sizeof(openssl_priv_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+
+  x = sizeof(tmp);
+  DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
+  DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
+  DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+  dsa_free(&key);
+
+  DO(dsa_import(openssl_pub_dsa, sizeof(openssl_pub_dsa), &key));
+
+  x = sizeof(tmp);
+  DO(dsa_export(tmp, &x, PK_PUBLIC | PK_STD, &key));
+  DO((x == sizeof(openssl_pub_dsa))?CRYPT_OK:CRYPT_ERROR);
+  DO((memcmp(tmp, openssl_pub_dsa, sizeof(openssl_pub_dsa)) == 0)?CRYPT_OK:CRYPT_ERROR);
+  dsa_free(&key);
+
+  return 0;
+}
+
 int dsa_test(void)
 {
    unsigned char msg[16], out[1024], out2[1024];
    unsigned long x, y;
    int stat1, stat2;
    dsa_key key, key2;
 
+   dsa_compat_test();
+
    /* make a random key */
    DO(dsa_make_key(&yarrow_prng, find_prng("yarrow"), 20, 128, &key));
 
    /* verify it */
    DO(dsa_verify_key(&key, &stat1));
    if (stat1 == 0) { fprintf(stderr, "dsa_verify_key "); return 1; }
-   
+
    /* encrypt a message */
    for (x = 0; x < 16; x++) { msg[x] = x; }
    x = sizeof(out);
    DO(dsa_encrypt_key(msg, 16, out, &x, &yarrow_prng, find_prng("yarrow"), find_hash("sha1"), &key));
-   
+
    /* decrypt */
    y = sizeof(out2);
    DO(dsa_decrypt_key(out, x, out2, &y, &key));
-   
+
    if (y != 16 || memcmp(out2, msg, 16)) {
       fprintf(stderr, "dsa_decrypt failed, y == %lu\n", y);
       return 1;