2000-01-28 03:31:26 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
dsa - Digital Signature Algorithm
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/dsa.h>
|
2000-10-27 05:07:28 +08:00
|
|
|
#include <openssl/engine.h>
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
DSA * DSA_new(void);
|
|
|
|
void DSA_free(DSA *dsa);
|
|
|
|
|
2002-08-06 00:27:01 +08:00
|
|
|
int DSA_size(const DSA *dsa);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
DSA * DSA_generate_parameters(int bits, unsigned char *seed,
|
|
|
|
int seed_len, int *counter_ret, unsigned long *h_ret,
|
2000-02-04 02:22:01 +08:00
|
|
|
void (*callback)(int, int, void *), void *cb_arg);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
2002-08-06 00:27:01 +08:00
|
|
|
DH * DSA_dup_DH(const DSA *r);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
int DSA_generate_key(DSA *dsa);
|
|
|
|
|
|
|
|
int DSA_sign(int dummy, const unsigned char *dgst, int len,
|
|
|
|
unsigned char *sigret, unsigned int *siglen, DSA *dsa);
|
|
|
|
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
|
|
|
|
BIGNUM **rp);
|
|
|
|
int DSA_verify(int dummy, const unsigned char *dgst, int len,
|
2002-08-06 00:27:01 +08:00
|
|
|
const unsigned char *sigbuf, int siglen, DSA *dsa);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
2002-08-06 00:27:01 +08:00
|
|
|
void DSA_set_default_method(const DSA_METHOD *meth);
|
|
|
|
const DSA_METHOD *DSA_get_default_method(void);
|
|
|
|
int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
|
2000-10-27 05:07:28 +08:00
|
|
|
DSA *DSA_new_method(ENGINE *engine);
|
2002-08-06 00:27:01 +08:00
|
|
|
const DSA_METHOD *DSA_OpenSSL(void);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
DSA_SIG *DSA_SIG_new(void);
|
|
|
|
void DSA_SIG_free(DSA_SIG *a);
|
2002-08-06 00:27:01 +08:00
|
|
|
int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
|
2000-01-28 03:31:26 +08:00
|
|
|
DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
|
|
|
|
|
|
|
|
DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
|
|
|
|
int DSA_do_verify(const unsigned char *dgst, int dgst_len,
|
|
|
|
DSA_SIG *sig, DSA *dsa);
|
|
|
|
|
|
|
|
DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
|
|
|
|
DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
|
|
|
|
DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
|
2002-08-06 00:27:01 +08:00
|
|
|
int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
|
|
|
|
int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
|
|
|
|
int i2d_DSAparams(const DSA *a,unsigned char **pp);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
2002-08-06 00:27:01 +08:00
|
|
|
int DSAparams_print(BIO *bp, const DSA *x);
|
|
|
|
int DSAparams_print_fp(FILE *fp, const DSA *x);
|
|
|
|
int DSA_print(BIO *bp, const DSA *x, int off);
|
|
|
|
int DSA_print_fp(FILE *bp, const DSA *x, int off);
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
These functions implement the Digital Signature Algorithm (DSA). The
|
|
|
|
generation of shared DSA parameters is described in
|
2015-08-18 03:21:33 +08:00
|
|
|
L<DSA_generate_parameters(3)>;
|
|
|
|
L<DSA_generate_key(3)> describes how to
|
2000-01-28 03:31:26 +08:00
|
|
|
generate a signature key. Signature generation and verification are
|
2015-08-18 03:21:33 +08:00
|
|
|
described in L<DSA_sign(3)>.
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
The B<DSA> structure consists of several BIGNUM components.
|
|
|
|
|
|
|
|
struct
|
|
|
|
{
|
|
|
|
BIGNUM *p; // prime number (public)
|
|
|
|
BIGNUM *q; // 160-bit subprime, q | p-1 (public)
|
|
|
|
BIGNUM *g; // generator of subgroup (public)
|
|
|
|
BIGNUM *priv_key; // private key x
|
|
|
|
BIGNUM *pub_key; // public key y = g^x
|
|
|
|
// ...
|
|
|
|
}
|
|
|
|
DSA;
|
|
|
|
|
|
|
|
In public keys, B<priv_key> is NULL.
|
|
|
|
|
2002-08-06 00:27:01 +08:00
|
|
|
Note that DSA keys may use non-standard B<DSA_METHOD> implementations,
|
|
|
|
either directly or by the use of B<ENGINE> modules. In some cases (eg. an
|
|
|
|
ENGINE providing support for hardware-embedded keys), these BIGNUM values
|
|
|
|
will not be used by the implementation or may be used for alternative data
|
|
|
|
storage. For this reason, applications should generally avoid using DSA
|
|
|
|
structure elements directly and instead use API functions to query or
|
|
|
|
modify keys.
|
|
|
|
|
2000-01-28 03:31:26 +08:00
|
|
|
=head1 CONFORMING TO
|
|
|
|
|
|
|
|
US Federal Information Processing Standard FIPS 186 (Digital Signature
|
|
|
|
Standard, DSS), ANSI X9.30
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
2015-08-18 03:21:33 +08:00
|
|
|
L<bn(3)>, L<dh(3)>, L<err(3)>, L<rand(3)>,
|
|
|
|
L<rsa(3)>, L<sha(3)>, L<engine(3)>,
|
|
|
|
L<DSA_new(3)>,
|
|
|
|
L<DSA_size(3)>,
|
|
|
|
L<DSA_generate_parameters(3)>,
|
|
|
|
L<DSA_dup_DH(3)>,
|
|
|
|
L<DSA_generate_key(3)>,
|
|
|
|
L<DSA_sign(3)>, L<DSA_set_method(3)>,
|
|
|
|
L<DSA_get_ex_new_index(3)>,
|
|
|
|
L<RSA_print(3)>
|
2000-01-28 03:31:26 +08:00
|
|
|
|
|
|
|
=cut
|