// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Package dsa implements the Digital Signature Algorithm, as defined in FIPS 186-3.
//
// The DSA operations in this package are not implemented using constant-time algorithms.
//
// Deprecated: DSA is a legacy algorithm, and modern alternatives such as
// Ed25519 (implemented by package crypto/ed25519) should be used instead. Keys

Louis Jacomet <******@****.***> 1711728981 +0100

    // force creation of multiple daemons for Java compilation by alternating between two distinct sets of JVM args
    def count = (project.name - "project") as int
    compileJava.options.forkOptions.jvmArgs = count % 2 ? ["-dsa"] : ["-esa"]

        passwordAuthenticationEnabled = true
    }

    private SshServer setupConfiguredTestSshd(int sshPort) {
        //copy dsa key to config directory
        URL fileUrl = ClassLoader.getSystemResource("sshd-config/test-dsa.key")
        FileUtils.copyURLToFile(fileUrl, new File(configDir, "test-dsa.key"))

        SshServer sshServer = SshServer.setUpDefaultServer()
        sshServer.setPort(sshPort)

	{SHA512WithRSAPSS, "SHA512-RSAPSS", oidSignatureRSAPSS, pssParametersSHA512, RSA, crypto.SHA512, true},
	{DSAWithSHA1, "DSA-SHA1", oidSignatureDSAWithSHA1, emptyRawValue, DSA, crypto.SHA1, false},
	{DSAWithSHA256, "DSA-SHA256", oidSignatureDSAWithSHA256, emptyRawValue, DSA, crypto.SHA256, false},
	{ECDSAWithSHA1, "ECDSA-SHA1", oidSignatureECDSAWithSHA1, emptyRawValue, ECDSA, crypto.SHA1, false},

		}
		return ecdh.X25519().NewPublicKey(der)
	case oid.Equal(oidPublicKeyDSA):
		y := new(big.Int)
		if !der.ReadASN1Integer(y) {
			return nil, errors.New("x509: invalid DSA public key")
		}
		pub := &dsa.PublicKey{
			Y: y,
			Parameters: dsa.Parameters{
				P: new(big.Int),
				Q: new(big.Int),
				G: new(big.Int),
			},
		}
		paramsDer := cryptobyte.String(params.FullBytes)

	// Sign signs digest with the private key, possibly using entropy from
	// rand. For an RSA key, the resulting signature should be either a
	// PKCS #1 v1.5 or PSS signature (as indicated by opts). For an (EC)DSA
	// key, it should be a DER-serialised, ASN.1 signature structure.
	//
	// Hash implements the SignerOpts interface and, in most cases, one can
	// simply pass in the hash function used as opts. Sign may also attempt

	RET

// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
TEXT ·svcCall(SB), NOSPLIT, $0
	BL   runtime·save_g(SB)     // Save g and stack pointer
	MOVW PSALAA, R8
	MOVD LCA64(R8), R8
	MOVD SAVSTACK_ASYNC(R8), R9
	MOVD R15, 0(R9)

	MOVD argv+8(FP), R1   // Move function arguments into registers
	MOVD dsa+16(FP), g
	MOVD fnptr+0(FP), R15

	BYTE $0x0D // Branch to function
	BYTE $0xEF

        signatureSubpacketGenerator.setKeyFlags(false, KeyFlags.SIGN_DATA | KeyFlags.CERTIFY_OTHER);
        signatureSubpacketGenerator.setPreferredSymmetricAlgorithms(false, PublicKeyAlgorithmTags.DSA)
        signatureSubpacketGenerator.setPreferredHashAlgorithms(false, HashAlgorithmTags.SHA512)
        signatureSubpacketGenerator.setPreferredCompressionAlgorithms(false, CompressionAlgorithmTags.ZIP)

	if err != nil {
		t.Fatalf("Failed to parse certificate: %s", err)
	}
	if cert.PublicKeyAlgorithm != DSA {
		t.Errorf("Parsed key algorithm was not DSA")
	}
	parsedKey, ok := cert.PublicKey.(*dsa.PublicKey)
	if !ok {
		t.Fatalf("Parsed key was not a DSA key: %s", err)
	}
	if expectedKey.Y.Cmp(parsedKey.Y) != 0 ||
		expectedKey.P.Cmp(parsedKey.P) != 0 ||