Hi
I recently migrated an application from OpenSSL 1.1.1 to OpenSSL 3.0, and I'm wondering how best to handle DSA signatures - specifically, the 'r' and 's' values - in OpenSSL 3.0.
In OpenSSL 1.1.1, it was pretty easy:
DSA_do_sign() - gets you a DSA_SIG
DSA_SIG_get0() - gets you the 'r' and 's' values from the DSA_SIG
This still works in OpenSSL 3.0, but the DSA_* functions are deprecated, and so to avoid that I'm doing this instead:
EVP_DIgestSign() - gets you a DER-encoded signature blob
BN_bin2bn() - grabs 'r' or 's' from the signature blob, so long as you point it at the right place in the blob
Which seems very cumbersome, and requires intimate knowledge of the layout of the signature blob.
Is there a better way to get the 'r' and 's' values from a DSA signature in OpenSSL 3.0 without using deprecated functions?
Thanks.
Richard
