4 files changed, 25 insertions, 56 deletions

diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index 3c7644d251..5fff2890a2 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_ameth.c,v 1.30 2022/01/07 09:35:36 tb Exp $ */
+/* $OpenBSD: dsa_ameth.c,v 1.31 2022/01/14 08:29:06 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
@@ -133,6 +133,7 @@ static int
 dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
 {
         DSA *dsa;
+        ASN1_INTEGER *pubint = NULL;
         void *pval = NULL;
         int ptype;
         unsigned char *penc = NULL;
@@ -158,9 +159,14 @@ dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
         } else
                 ptype = V_ASN1_UNDEF;
 
-        dsa->write_params = 0;
 
-        penclen = i2d_DSAPublicKey(dsa, &penc);
+        if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) {
+                DSAerror(ERR_R_MALLOC_FAILURE);
+                goto err;
+        }
+
+        penclen = i2d_ASN1_INTEGER(pubint, &penc);
+        ASN1_INTEGER_free(pubint);
 
         if (penclen <= 0) {
                 DSAerror(ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c
index 3bf044665f..daa970e316 100644
--- a/src/lib/libcrypto/dsa/dsa_asn1.c
+++ b/src/lib/libcrypto/dsa/dsa_asn1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_asn1.c,v 1.23 2022/01/07 09:35:36 tb Exp $ */
+/* $OpenBSD: dsa_asn1.c,v 1.24 2022/01/14 08:29:06 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -329,14 +329,15 @@ i2d_DSAparams_fp(FILE *fp, DSA *a)
         return ASN1_item_i2d_fp(&DSAparams_it, fp, a);
 }
 
-/*
- * DSA public key is a bit trickier... its effectively a CHOICE type
- * decided by a field called write_params which can either write out
- * just the public key as an INTEGER or the parameters and public key
- * in a SEQUENCE
- */
-
-static const ASN1_TEMPLATE dsa_pub_internal_seq_tt[] = {
+static const ASN1_AUX DSAPublicKey_aux = {
+        .app_data = NULL,
+        .flags = 0,
+        .ref_offset = 0,
+        .ref_lock = 0,
+        .asn1_cb = dsa_cb,
+        .enc_offset = 0,
+};
+static const ASN1_TEMPLATE DSAPublicKey_seq_tt[] = {
         {
                 .flags = 0,
                 .tag = 0,
@@ -367,52 +368,16 @@ static const ASN1_TEMPLATE dsa_pub_internal_seq_tt[] = {
         },
 };
 
-const ASN1_ITEM dsa_pub_internal_it = {
+const ASN1_ITEM DSAPublicKey_it = {
         .itype = ASN1_ITYPE_SEQUENCE,
         .utype = V_ASN1_SEQUENCE,
-        .templates = dsa_pub_internal_seq_tt,
-        .tcount = sizeof(dsa_pub_internal_seq_tt) / sizeof(ASN1_TEMPLATE),
-        .funcs = NULL,
-        .size = sizeof(DSA),
-        .sname = "DSA",
-};
-
-static const ASN1_AUX DSAPublicKey_aux = {
-        .app_data = NULL,
-        .flags = 0,
-        .ref_offset = 0,
-        .ref_lock = 0,
-        .asn1_cb = dsa_cb,
-        .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAPublicKey_ch_tt[] = {
-        {
-                .flags = 0,
-                .tag = 0,
-                .offset = offsetof(DSA, pub_key),
-                .field_name = "pub_key",
-                .item = &BIGNUM_it,
-        },
-        {
-                .flags = 0 | ASN1_TFLG_COMBINE,
-                .tag = 0,
-                .offset = 0,
-                .field_name = NULL,
-                .item = &dsa_pub_internal_it,
-        },
-};
-
-const ASN1_ITEM DSAPublicKey_it = {
-        .itype = ASN1_ITYPE_CHOICE,
-        .utype = offsetof(DSA, write_params),
-        .templates = DSAPublicKey_ch_tt,
-        .tcount = sizeof(DSAPublicKey_ch_tt) / sizeof(ASN1_TEMPLATE),
+        .templates = DSAPublicKey_seq_tt,
+        .tcount = sizeof(DSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
         .funcs = &DSAPublicKey_aux,
         .size = sizeof(DSA),
         .sname = "DSA",
 };
 
-
 DSA *
 d2i_DSAPublicKey(DSA **a, const unsigned char **in, long len)
 {
diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c
index 7a7986b1f7..1369c6f745 100644
--- a/src/lib/libcrypto/dsa/dsa_lib.c
+++ b/src/lib/libcrypto/dsa/dsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_lib.c,v 1.33 2022/01/07 09:35:36 tb Exp $ */
+/* $OpenBSD: dsa_lib.c,v 1.34 2022/01/14 08:29:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -154,7 +154,6 @@ DSA_new_method(ENGINE *engine)
 
         ret->pad = 0;
         ret->version = 0;
-        ret->write_params = 1;
         ret->p = NULL;
         ret->q = NULL;
         ret->g = NULL;
@@ -177,7 +176,7 @@ DSA_new_method(ENGINE *engine)
                 free(ret);
                 ret = NULL;
         }
-        
+
         return ret;
 }
 
diff --git a/src/lib/libcrypto/dsa/dsa_locl.h b/src/lib/libcrypto/dsa/dsa_locl.h
index 29a3901dc7..299c67a6b9 100644
--- a/src/lib/libcrypto/dsa/dsa_locl.h
+++ b/src/lib/libcrypto/dsa/dsa_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_locl.h,v 1.4 2022/01/14 08:27:23 tb Exp $ */
+/* $OpenBSD: dsa_locl.h,v 1.5 2022/01/14 08:29:06 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
  *
@@ -90,7 +90,6 @@ struct dsa_st {
          * a DSA is passed instead of of a EVP_PKEY */
         int pad;
         long version;
-        int write_params;
         BIGNUM *p;
         BIGNUM *q;      /* == 20 */
         BIGNUM *g;