DSA(2) DSA(2)
NAME
dsagen, dsasign, dsaverify, dsapuballoc, dsapubfree,
dsaprivalloc, dsaprivfree, dsasigalloc, dsasigfree,
dsaprivtopub - digital signature algorithm
SYNOPSIS
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
DSApriv* dsagen(DSApub *opub)
DSAsig* dsasign(DSApriv *k, mpint *m)
int dsaverify(DSApub *k, DSAsig *sig, mpint *m)
DSApub* dsapuballoc(void)
void dsapubfree(DSApub*)
DSApriv* dsaprivalloc(void)
void dsaprivfree(DSApriv*)
DSAsig* dsasigalloc(void)
void dsasigfree(DSAsig*)
DSApub* dsaprivtopub(DSApriv*)
DESCRIPTION
DSA is the NIST approved digital signature algorithm. The
owner of a key publishes the public part of the key:
struct DSApub
{
	mpint	*p;	// modulus
	mpint	*q;	// group order, q divides p-1
	mpint	*alpha;	// group generator
	mpint	*key;	// alpha**secret mod p
};
This part can be used for verifying signatures (with
dsaverify) created by the owner. The owner signs (with
dsasign) using his private key:
struct DSApriv
{
	DSApub	pub;
	mpint	*secret;	// (decryption key)
};
Keys are generated using dsagen. If dsagen's argument opub
is nil, a key is created using a new p and q generated by
DSAprimes (see prime(2)). Otherwise, p and q are copied from
the old key.
Dsaprivtopub returns a newly allocated copy of the public
key corresponding to the private key.
The routines dsapuballoc, dsapubfree, dsaprivalloc, and
dsaprivfree are provided to manage key storage.
Dsasign signs message m using a private key k yielding a
struct DSAsig
{
	mpint	*r, *s;
};
Dsaverify returns 0 if the signature is valid and -1 if not.
The routines dsasigalloc and dsasigfree are provided to
manage signature storage.
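The arithmetic behind these fields, as an added Python model that is not libsec's code; it keeps the page's field names and the 0/-1 return convention of dsaverify. The toy group (p=2039, q=1019, alpha=4), the SHA-256 digest_to_int helper and the dsagen parameters are assumptions made for this example, and the group is far too small for real keys.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Constructed toy parameters (assumption, far too small for real use):
# q divides p-1, and alpha = 2**((p-1)//q) mod p has order q.
P, Q, ALPHA = 2039, 1019, 4

@dataclass
class DSApub:            # same fields as the page's struct DSApub
    p: int
    q: int
    alpha: int
    key: int             # alpha**secret mod p

@dataclass
class DSApriv:
    pub: DSApub
    secret: int

@dataclass
class DSAsig:
    r: int
    s: int

def digest_to_int(msg: bytes) -> int:
    """Hypothetical helper: hash the message and read the digest as the integer m."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def dsagen(p: int = P, q: int = Q, alpha: int = ALPHA) -> DSApriv:
    secret = secrets.randbelow(q - 1) + 1            # 1 <= secret < q
    return DSApriv(DSApub(p, q, alpha, pow(alpha, secret, p)), secret)

def dsasign(k: DSApriv, m: int) -> DSAsig:
    pub = k.pub
    while True:
        nonce = secrets.randbelow(pub.q - 1) + 1     # fresh secret value per signature
        r = pow(pub.alpha, nonce, pub.p) % pub.q
        s = pow(nonce, -1, pub.q) * (m + k.secret * r) % pub.q
        if r and s:                                  # retry on the rare zero value
            return DSAsig(r, s)

def dsaverify(k: DSApub, sig: DSAsig, m: int) -> int:
    """Return 0 if the signature is valid and -1 if not."""
    if not (0 < sig.r < k.q and 0 < sig.s < k.q):    # reject out-of-range r, s first
        return -1
    w = pow(sig.s, -1, k.q)
    v = pow(k.alpha, m * w % k.q, k.p) * pow(k.key, sig.r * w % k.q, k.p) % k.p % k.q
    return 0 if v == sig.r else -1
```

The per-signature nonce must be unpredictable and never reused, and the range check on r and s runs before any arithmetic so that a zero or oversized value is rejected outright.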
SOURCE
/sys/src/libsec
SEE ALSO
mp(2), aes(2), blowfish(2), des(2), rc4(2), rsa(2),
sechash(2), prime(2), rand(2)
Page 2 Plan 9 (printed 10/29/25)