ref: db809f2d4786af8fbdf221d59f638c6d0d0d439c
dir: /sys/man/2/dsa/
.TH DSA 2
.SH NAME
dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub - digital signature algorithm
.SH SYNOPSIS
.B #include <u.h>
.br
.B #include <libc.h>
.br
.B #include <mp.h>
.br
.B #include <libsec.h>
.PP
.B
DSApriv* dsagen(DSApub *opub)
.PP
.B
DSAsig* dsasign(DSApriv *k, mpint *m)
.PP
.B
int dsaverify(DSApub *k, DSAsig *sig, mpint *m)
.PP
.B
DSApub* dsapuballoc(void)
.PP
.B
void dsapubfree(DSApub*)
.PP
.B
DSApriv* dsaprivalloc(void)
.PP
.B
void dsaprivfree(DSApriv*)
.PP
.B
DSAsig* dsasigalloc(void)
.PP
.B
void dsasigfree(DSAsig*)
.PP
.B
DSApub* dsaprivtopub(DSApriv*)
.SH DESCRIPTION
.PP
DSA is the NIST approved digital signature algorithm. The owner of a key publishes
the public part of the key:
.IP
.EX
struct DSApub
{
mpint *p; // modulus
mpint *q; // group order, q divides p-1
mpint *alpha; // group generator
mpint *key; // alpha**secret mod p
};
.EE
.LP
This part can be used for verifying signatures (with
.IR dsaverify )
created by the owner.
The owner signs (with
.IR dsasign )
using his private key:
.IP
.EX
struct DSApriv
{
DSApub pub;
mpint *secret; // (decryption key)
};
.EE
.PP
Keys are generated using
.IR dsagen .
If
.IR dsagen 's
argument
.I opub
is
.BR nil ,
a key is created using a new
.B p
and
.B q
generated by
.I DSAprimes
(see
.IR prime (2)).
Otherwise,
.B p
and
.B q
are copied from the old key.
.PP
.I Dsaprivtopub
returns a newly allocated copy of the public key
corresponding to the private key.
.PP
The routines
.IR dsapuballoc ,
.IR dsapubfree ,
.IR dsaprivalloc ,
and
.I dsaprivfree
are provided to manage key storage.
.PP
.I Dsasign
signs message
.I m
using a private key
.I k
yielding a
.IP
.EX
struct DSAsig
{
mpint *r, *s;
};
.EE
.LP
.I Dsaverify
returns 0 if the signature is valid and \-1 if not.
.PP
The routines
.I dsasigalloc
and
.I dsasigfree
are provided to manage signature storage.
.SH SOURCE
.B /sys/src/libsec
.SH SEE ALSO
.IR mp (2),
.IR aes (2),
.IR blowfish (2),
.IR des (2),
.IR rc4 (2),
.IR rsa (2),
.IR sechash (2),
.IR prime (2),
.IR rand (2)