DSA(2)
NAME
dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub - digital signature algorithm
SYNOPSIS
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
DSApriv*	dsagen(DSApub *opub)
DSAsig*	dsasign(DSApriv *k, mpint *m)
int	dsaverify(DSApub *k, DSAsig *sig, mpint *m)
DSApub*	dsapuballoc(void)
void	dsapubfree(DSApub*)
DSApriv*	dsaprivalloc(void)
void	dsaprivfree(DSApriv*)
DSAsig*	dsasigalloc(void)
void	dsasigfree(DSAsig*)
DSApub*	dsaprivtopub(DSApriv*)
DESCRIPTION
DSA is the NIST-approved digital signature algorithm. The owner of a key publishes the public part of the key:
struct DSApub
{
	mpint	*p;	// modulus
	mpint	*q;	// group order, q divides p-1
	mpint	*alpha;	// group generator
	mpint	*key;	// alpha**secret mod p
};
This part can be used for verifying signatures (with dsaverify) created by the owner. The owner signs (with dsasign) using his private key:
struct DSApriv
{
	DSApub	pub;
	mpint	*secret;	// (decryption key)
};
Keys are generated using dsagen. If dsagen’s argument opub is nil, a key is created using a new p and q generated by DSAprimes(2). Otherwise, p and q are copied from the old key.
Dsaprivtopub returns a newly allocated copy of the public key corresponding to the private key.
The routines dsapuballoc, dsapubfree, dsaprivalloc, and dsaprivfree are provided to manage key storage.
Dsasign signs message m using a private key k yielding a
struct DSAsig
{
	mpint	*r, *s;
};
Dsaverify returns 0 if the signature is valid and −1 if not.
The routines dsasigalloc and dsasigfree are provided to manage signature storage.
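The arithmetic behind the DSApub, DSApriv and DSAsig fields, as an added example that is not libsec code: textbook DSA over 64-bit integers with constructed toy parameters (p=23, q=11, alpha=2). ToyPub, ToyPriv, ToySig, powmod, toy_key, toy_sign and toy_verify are hypothetical names, and the nonce is passed in explicitly only to make the run reproducible; it must be fresh and secret for every signature.

```c
#include <stdint.h>
#include <stdio.h>
/* Added example, not libsec code: toy stand-ins for DSApub, DSApriv, DSAsig
 * using uint64_t instead of mpint. All names here are hypothetical. */
typedef struct { uint64_t p, q, alpha, key; } ToyPub;
typedef struct { ToyPub pub; uint64_t secret; } ToyPriv;
typedef struct { uint64_t r, s; } ToySig;

/* b**e mod n by square-and-multiply; n must be below 2^32 to avoid overflow */
uint64_t powmod(uint64_t b, uint64_t e, uint64_t n) {
    uint64_t acc = 1;
    for (b %= n; e > 0; e >>= 1, b = b * b % n)
        if (e & 1) acc = acc * b % n;
    return acc;
}

/* Build a private key; pub.key = alpha**secret mod p, as in DSApub. */
ToyPriv toy_key(uint64_t p, uint64_t q, uint64_t alpha, uint64_t secret) {
    return (ToyPriv){ { p, q, alpha, powmod(alpha, secret, p) }, secret };
}

/* Sign m with nonce, 0 < nonce < q. Returns -1 if r or s is 0 (pick a new nonce). */
int toy_sign(const ToyPriv *k, uint64_t m, uint64_t nonce, ToySig *sig) {
    uint64_t q = k->pub.q;
    uint64_t r = powmod(k->pub.alpha, nonce, k->pub.p) % q;
    uint64_t ninv = powmod(nonce, q - 2, q);    /* inverse modulo prime q */
    uint64_t s = ninv * ((m % q + k->secret * r) % q) % q;
    if (r == 0 || s == 0) return -1;
    sig->r = r; sig->s = s;
    return 0;
}

/* Same convention as dsaverify: 0 if valid, -1 if not. Out-of-range r, s fail. */
int toy_verify(const ToyPub *k, const ToySig *sig, uint64_t m) {
    uint64_t q = k->q;
    if (sig->r == 0 || sig->r >= q || sig->s == 0 || sig->s >= q) return -1;
    uint64_t w = powmod(sig->s, q - 2, q);      /* s**-1 mod q */
    uint64_t u1 = m % q * w % q, u2 = sig->r * w % q;
    uint64_t v = powmod(k->alpha, u1, k->p) * powmod(k->key, u2, k->p) % k->p % q;
    return v == sig->r ? 0 : -1;
}

int main(void) {
    ToyPriv k = toy_key(23, 11, 2, 7);          /* constructed toy parameters */
    ToySig sig;
    if (toy_sign(&k, 5, 3, &sig) < 0) return 1;
    printf("valid=%d tampered=%d\n", toy_verify(&k.pub, &sig, 5), toy_verify(&k.pub, &sig, 6));
    return 0;
}
```

Because the return value is 0 on success, callers should compare the result against 0 explicitly rather than treating it as a boolean.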
SOURCE
/sys/src/libsec
SEE ALSO
mp(2), aes(2), blowfish(2), des(2), rc4(2), rsa(2), sechash(2), prime(2), rand(2)
Plan 9 — July 25, 2002