diff --git a/ChangeLog b/ChangeLog
index da8f29a86808db0aca25864b5cd28380d3fa805b..64e6c97c294966f5a273962f8a157380b0b825ab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+2009-10-19  Niels Möller  <nisse@lysator.liu.se>
+
+	* tools/pkcs1-conv.c: Updated for dsa/der interface change.
+
+	* der2dsa.c (dsa_public_key_from_der_iterators): Split into two
+	new functions...
+	(dsa_params_from_der_iterator): New function.
+	(dsa_public_key_from_der_iterator): New function.
+	(dsa_openssl_private_key_from_der_iterator): Renamed, was
+	dsa_private_key_from_der_iterator.
+	(dsa_openssl_private_key_from_der): Likewise.
+	* dsa.h: Corresponding changees to prototypes and #defines.
+
 2009-10-12  Niels Möller  <nisse@lysator.liu.se>
 
 	* sexp-format.c: Removed conditioning on HAVE_LIBGMP.
@@ -14,7 +27,8 @@
 	* configure.ac (LIBHOGWEED_MINOR): Bumped libhogweed minor
 	version, now it's 1.1.
 
-	* testsuite/rsa2sexp-test.c (test_main): Updated testcase for "rsa-pkcs1".
+	* testsuite/rsa2sexp-test.c (test_main): Updated testcase for
+	"rsa-pkcs1".
 
 2009-10-11  Niels Möller  <nisse@lysator.liu.se>
 
diff --git a/der2dsa.c b/der2dsa.c
index de8b4c85542ba7c5e5128444519a6c9e3ba0061a..656bc899906feca2433768ecb3ddea6efd7b64e7 100644
--- a/der2dsa.c
+++ b/der2dsa.c
@@ -39,37 +39,45 @@
  && mpz_sgn((x)) > 0)
 
 int
-dsa_public_key_from_der_iterators(struct dsa_public_key *pub,
-				 unsigned limit,
-				 struct asn1_der_iterator *i,
-				 struct asn1_der_iterator *j)
+dsa_params_from_der_iterator(struct dsa_public_key *pub,
+			     unsigned limit,
+			     struct asn1_der_iterator *i)
 {
-  /* DSAPublicKey ::= INTEGER
-     Dss-Parms ::= SEQUENCE {
+  /* Dss-Parms ::= SEQUENCE {
 	 p  INTEGER,
 	 q  INTEGER,
 	 g  INTEGER
      }
   */
-
   return (i->type == ASN1_INTEGER
-	  && asn1_der_get_bignum(i, pub->y, limit)
-	  && mpz_sgn(pub->y) > 0
-	  && j->type == ASN1_INTEGER
-	  && asn1_der_get_bignum(j, pub->p, limit)
+	  && asn1_der_get_bignum(i, pub->p, limit)
 	  && mpz_sgn(pub->p) > 0
-	  && GET(j, pub->q, limit)
-	  && GET(j, pub->g, limit)
+	  && GET(i, pub->q, limit)
+	  && GET(i, pub->g, limit)
 	  && asn1_der_iterator_next(i) == ASN1_ITERATOR_END);
+  
+}
+
+int
+dsa_public_key_from_der_iterator(struct dsa_public_key *pub,
+				 unsigned limit,
+				 struct asn1_der_iterator *i)
+{
+  /* DSAPublicKey ::= INTEGER
+  */
+
+  return (i->type == ASN1_INTEGER
+	  && asn1_der_get_bignum(i, pub->y, limit)
+	  && mpz_sgn(pub->y) > 0);
 }
 
 /* FIXME: Rename this and the next function to something
    openssl-specific? */
 int
-dsa_private_key_from_der_iterator(struct dsa_public_key *pub,
-				  struct dsa_private_key *priv,
-				  unsigned limit,
-				  struct asn1_der_iterator *i)
+dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub,
+					  struct dsa_private_key *priv,
+					  unsigned limit,
+					  struct asn1_der_iterator *i)
 {
   /* DSAPrivateKey ::= SEQUENCE {
          version           Version,
@@ -97,7 +105,7 @@ dsa_private_key_from_der_iterator(struct dsa_public_key *pub,
 }
 
 int
-dsa_keypair_from_der(struct dsa_public_key *pub,
+dsa_openssl_private_key_from_der(struct dsa_public_key *pub,
 		     struct dsa_private_key *priv,
 		     unsigned limit,
 		     unsigned length, const uint8_t *data)
@@ -107,11 +115,6 @@ dsa_keypair_from_der(struct dsa_public_key *pub,
 
   res = asn1_der_iterator_first(&i, length, data);
 
-  if (res != ASN1_ITERATOR_CONSTRUCTED)
-    return 0;
-
-  if (priv)
-    return dsa_private_key_from_der_iterator(pub, priv, limit, &i);
-  else
-    return 0;
+  return (res == ASN1_ITERATOR_CONSTRUCTED
+	  && dsa_openssl_private_key_from_der_iterator(pub, priv, limit, &i));
 }
diff --git a/dsa.h b/dsa.h
index c8ce4934bc9222dad443035000a0e4793366f571..32f691deb3f00b2810953d7aed6206cdb0c45df7 100644
--- a/dsa.h
+++ b/dsa.h
@@ -55,9 +55,10 @@ extern "C" {
 #define dsa_keypair_to_sexp nettle_dsa_keypair_to_sexp
 #define dsa_keypair_from_sexp_alist nettle_dsa_keypair_from_sexp_alist
 #define dsa_keypair_from_sexp nettle_dsa_keypair_from_sexp
-#define dsa_public_key_from_der_iterators nettle_dsa_public_key_from_der_iterators
-#define dsa_private_key_from_der_iterator nettle_dsa_private_key_from_der_iterator 
-#define dsa_keypair_from_der nettle_dsa_keypair_from_der
+#define dsa_params_from_der_iterator nettle_dsa_params_from_der_iterator
+#define dsa_public_key_from_der_iterator nettle_dsa_public_key_from_der_iterator
+#define dsa_openssl_private_key_from_der_iterator nettle_dsa_openssl_private_key_from_der_iterator 
+#define dsa_openssl_private_key_from_der nettle_openssl_provate_key_from_der
 
 #define DSA_MIN_P_BITS 512
 #define DSA_Q_OCTETS 20
@@ -213,23 +214,25 @@ dsa_keypair_from_sexp(struct dsa_public_key *pub,
 struct asn1_der_iterator;
 
 int
-dsa_public_key_from_der_iterators(struct dsa_public_key *pub,
-				  unsigned limit,
-				  struct asn1_der_iterator *i,
-				  struct asn1_der_iterator *j);
+dsa_params_from_der_iterator(struct dsa_public_key *pub,
+			     unsigned limit,
+			     struct asn1_der_iterator *i);
+int
+dsa_public_key_from_der_iterator(struct dsa_public_key *pub,
+				 unsigned limit,
+				 struct asn1_der_iterator *i);
 
 int
-dsa_private_key_from_der_iterator(struct dsa_public_key *pub,
-				  struct dsa_private_key *priv,
-				  unsigned limit,
-				  struct asn1_der_iterator *i);
+dsa_openssl_private_key_from_der_iterator(struct dsa_public_key *pub,
+					  struct dsa_private_key *priv,
+					  unsigned limit,
+					  struct asn1_der_iterator *i);
 
-/* For public keys, use PRIV == NULL */ 
 int
-dsa_keypair_from_der(struct dsa_public_key *pub,
-		     struct dsa_private_key *priv,
-		     unsigned limit, 
-		     unsigned length, const uint8_t *data);
+dsa_openssl_private_key_from_der(struct dsa_public_key *pub,
+				 struct dsa_private_key *priv,
+				 unsigned limit, 
+				 unsigned length, const uint8_t *data);
 
 
 #ifdef __cplusplus
diff --git a/tools/pkcs1-conv.c b/tools/pkcs1-conv.c
index 34a779480c2ca936a7ca37671cbbf071ea98c01c..158df5d4a43bd5c9a9c34975595c5f0ac12a852a 100644
--- a/tools/pkcs1-conv.c
+++ b/tools/pkcs1-conv.c
@@ -317,8 +317,8 @@ convert_dsa_private_key(struct nettle_buffer *buffer, unsigned length, const uin
   dsa_public_key_init(&pub);
   dsa_private_key_init(&priv);
 
-  if (dsa_keypair_from_der(&pub, &priv, 0,
-			   length, data))
+  if (dsa_openssl_private_key_from_der(&pub, &priv, 0,
+				       length, data))
     {
       /* Reuses the buffer */
       nettle_buffer_reset(buffer);
@@ -408,7 +408,8 @@ convert_public_key(struct nettle_buffer *buffer, unsigned length, const uint8_t
 
 		  dsa_public_key_init(&pub);
 
-		  if (dsa_public_key_from_der_iterators(&pub, 0, &i, &j))
+		  if (dsa_params_from_der_iterator(&pub, 0, &i)
+		      && dsa_public_key_from_der_iterator(&pub, 0, &j))
 		    {
 		      nettle_buffer_reset(buffer);
 		      res = dsa_keypair_to_sexp(buffer, NULL, &pub, NULL) > 0;