DSA(3)

NAME
dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree, dsaprivtopub - digital signature algorithm

SYNOPSIS
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
DSApriv*    dsagen(DSApub *opub)
DSAsig*     dsasign(DSApriv *k, mpint *m)
int         dsaverify(DSApub *k, DSAsig *sig, mpint *m)
DSApub*     dsapuballoc(void)
void        dsapubfree(DSApub*)
DSApriv*    dsaprivalloc(void)
void        dsaprivfree(DSApriv*)
DSAsig*     dsasigalloc(void)
void        dsasigfree(DSAsig*)
DSApub*     dsaprivtopub(DSApriv*)

DESCRIPTION
DSA is the NIST approved digital signature algorithm. The owner of a key publishes the public part of the key:
struct DSApub
{
mpint       *p;    // modulus
mpint       *q;    // group order, q divides p−1
mpint       *alpha;     // group generator
mpint       *key;       // alpha**secret mod p
};
This part can be used for verifying signatures (with dsaverify) created by the owner. The owner signs (with dsasign) using his private key:
struct DSApriv
{
DSApub      pub;
mpint       *secret; // (decryption key)
};
Keys are generated using dsagen. If dsagen’s argument opub is nil, a key is created using a new p and q generated by DSAprimes (see prime(3)). Otherwise, p and q are copied from the old key.
Dsaprivtopub returns a newly allocated copy of the public key corresponding to the private key.
The routines dsapuballoc, dsapubfree, dsaprivalloc, and dsaprivfree are provided to manage key storage.
Dsasign signs message m using a private key k yielding a
struct DSAsig
{
mpint       *r, *s;
};
Dsaverify returns 0 if the signature is valid and -1 if not.
The routines dsasigalloc and dsasigfree are provided to manage signature storage.
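The sign and verify flow and the dsaverify return convention, as an added example that is not part of libsec or of this manual page. It is a toy using 64-bit integers in place of mpint, the textbook FIPS 186 DSA equations, and constructed parameters far too small for real use. ToyPub, ToyPriv, ToySig, toysign, toyverify, accepted and demo are hypothetical names, and passing the nonce to toysign as an argument is an assumption made so the result is reproducible.

```c
#include <stdint.h>

/* Toy stand-ins for DSApub, DSApriv, DSAsig: same fields, uint64_t in place of mpint. */
typedef struct { uint64_t p, q, alpha, key; } ToyPub;
typedef struct { ToyPub pub; uint64_t secret; } ToyPriv;
typedef struct { uint64_t r, s; } ToySig;

/* Constructed key: q=11 divides p-1=22, alpha=4 has order q, key = 4**7 mod 23 = 8. */
static const ToyPriv demo = { {23, 11, 4, 8}, 7 };

static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m)
{
	uint64_t r = 1;
	for (b %= m; e; e >>= 1, b = b * b % m)
		if (e & 1) r = r * b % m;
	return r;
}

/* Sign m with nonce n (0 < n < q). A real signer draws a fresh secret n for every
 * signature; it is an argument here only for reproducibility. -1 means pick a new n. */
int toysign(const ToyPriv *k, uint64_t m, uint64_t n, ToySig *sig)
{
	uint64_t q = k->pub.q;
	sig->r = powmod(k->pub.alpha, n, k->pub.p) % q;
	sig->s = powmod(n, q - 2, q) * ((m + k->secret * sig->r) % q) % q;
	return (sig->r && sig->s) ? 0 : -1;
}

/* Same return convention as dsaverify: 0 if the signature is valid, -1 if not. */
int toyverify(const ToyPub *k, const ToySig *sig, uint64_t m)
{
	uint64_t w, u1, u2, v;
	if (sig->r == 0 || sig->r >= k->q || sig->s == 0 || sig->s >= k->q)
		return -1;                        /* out-of-range r or s is never valid */
	w = powmod(sig->s, k->q - 2, k->q);   /* inverse of s mod q (q is prime) */
	u1 = m % k->q * w % k->q;
	u2 = sig->r * w % k->q;
	v = powmod(k->alpha, u1, k->p) * powmod(k->key, u2, k->p) % k->p % k->q;
	return v == sig->r ? 0 : -1;
}

/* Compare with 0 explicitly: a bare if(toyverify(...)) is true for a BAD signature. */
int accepted(const ToyPub *k, const ToySig *sig, uint64_t m) { return toyverify(k, sig, m) == 0; }

int main(void)
{
	ToySig sig;
	return !(toysign(&demo, 5, 3, &sig) == 0 && accepted(&demo.pub, &sig, 5));
}
```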

SOURCE
/usr/local/plan9/src/libsec

SEE ALSO
mp(3), aes(3), blowfish(3), des(3), rc4(3), rsa(3), sechash(3), prime(3), rand(3)
