|
NAME
| |
asn1toDSApriv, dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree,
dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub
- digital signature algorithm
|
SYNOPSIS
| |
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
DSApriv* dsagen(DSApub *opub)
DSAsig* dsasign(DSApriv *k, mpint *m)
int dsaverify(DSApub *k, DSAsig *sig, mpint *m)
DSApub* dsapuballoc(void)
void dsapubfree(DSApub*)
DSApriv* dsaprivalloc(void)
void dsaprivfree(DSApriv*)
DSAsig* dsasigalloc(void)
void dsasigfree(DSAsig*)
DSApub* dsaprivtopub(DSApriv*)
DSApriv* asn1toDSApriv(uchar *priv, int npriv)
|
DESCRIPTION
| |
DSA is the NIST approved digital signature algorithm. The owner
of a key publishes the public part of the key:
| |
struct DSApub
{
| |
mpint *p; // modulus
mpint *q; // group order, q divides p−1
mpint *alpha; // group generator
mpint *key; // alpha**secret mod p
|
};
|
This part can be used for verifying signatures (with dsaverify)
created by the owner. The owner signs (with dsasign) using his
private key:
| |
struct DSApriv
{
| |
DSApub pub;
mpint *secret; // (decryption key)
|
};
|
Keys are generated using dsagen. If dsagen’s argument opub is
nil, a key is created using a new p and q generated by DSAprimes
(see prime(3)). Otherwise, p and q are copied from the old key.
Dsaprivtopub returns a newly allocated copy of the public key
corresponding to the private key.
The routines dsapuballoc, dsapubfree, dsaprivalloc, and dsaprivfree
are provided to manage key storage.
Dsasign signs message m using a private key k yielding a
Dsaverify returns 0 if the signature is valid and –1 if not.
The routines dsasigalloc and dsasigfree are provided to manage
signature storage.
Asn1toDSApriv converts an ASN1 formatted DSA private key into
the corresponding DSApriv structure; see rsa(3) for other ASN1
routines.
|
SOURCE
SEE ALSO
|
|
