xref: /onnv-gate/usr/src/common/openssl/doc/crypto/dsa.pod (revision 2175:b0b2f052a486) 
1*2175Sjp161948=pod
2*2175Sjp161948
3*2175Sjp161948=head1 NAME
4*2175Sjp161948
5*2175Sjp161948dsa - Digital Signature Algorithm
6*2175Sjp161948
7*2175Sjp161948=head1 SYNOPSIS
8*2175Sjp161948
9*2175Sjp161948 #include <openssl/dsa.h>
10*2175Sjp161948 #include <openssl/engine.h>
11*2175Sjp161948
12*2175Sjp161948 DSA *	DSA_new(void);
13*2175Sjp161948 void	DSA_free(DSA *dsa);
14*2175Sjp161948
15*2175Sjp161948 int	DSA_size(const DSA *dsa);
16*2175Sjp161948
17*2175Sjp161948 DSA *	DSA_generate_parameters(int bits, unsigned char *seed,
18*2175Sjp161948                int seed_len, int *counter_ret, unsigned long *h_ret,
19*2175Sjp161948		void (*callback)(int, int, void *), void *cb_arg);
20*2175Sjp161948
21*2175Sjp161948 DH *	DSA_dup_DH(const DSA *r);
22*2175Sjp161948
23*2175Sjp161948 int	DSA_generate_key(DSA *dsa);
24*2175Sjp161948
25*2175Sjp161948 int	DSA_sign(int dummy, const unsigned char *dgst, int len,
26*2175Sjp161948		unsigned char *sigret, unsigned int *siglen, DSA *dsa);
27*2175Sjp161948 int	DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
28*2175Sjp161948                BIGNUM **rp);
29*2175Sjp161948 int	DSA_verify(int dummy, const unsigned char *dgst, int len,
30*2175Sjp161948		const unsigned char *sigbuf, int siglen, DSA *dsa);
31*2175Sjp161948
32*2175Sjp161948 void DSA_set_default_method(const DSA_METHOD *meth);
33*2175Sjp161948 const DSA_METHOD *DSA_get_default_method(void);
34*2175Sjp161948 int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
35*2175Sjp161948 DSA *DSA_new_method(ENGINE *engine);
36*2175Sjp161948 const DSA_METHOD *DSA_OpenSSL(void);
37*2175Sjp161948
38*2175Sjp161948 int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
39*2175Sjp161948	     int (*dup_func)(), void (*free_func)());
40*2175Sjp161948 int DSA_set_ex_data(DSA *d, int idx, char *arg);
41*2175Sjp161948 char *DSA_get_ex_data(DSA *d, int idx);
42*2175Sjp161948
43*2175Sjp161948 DSA_SIG *DSA_SIG_new(void);
44*2175Sjp161948 void	DSA_SIG_free(DSA_SIG *a);
45*2175Sjp161948 int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
46*2175Sjp161948 DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
47*2175Sjp161948
48*2175Sjp161948 DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
49*2175Sjp161948 int	DSA_do_verify(const unsigned char *dgst, int dgst_len,
50*2175Sjp161948	     DSA_SIG *sig, DSA *dsa);
51*2175Sjp161948
52*2175Sjp161948 DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
53*2175Sjp161948 DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
54*2175Sjp161948 DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
55*2175Sjp161948 int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
56*2175Sjp161948 int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
57*2175Sjp161948 int	i2d_DSAparams(const DSA *a,unsigned char **pp);
58*2175Sjp161948
59*2175Sjp161948 int	DSAparams_print(BIO *bp, const DSA *x);
60*2175Sjp161948 int	DSAparams_print_fp(FILE *fp, const DSA *x);
61*2175Sjp161948 int	DSA_print(BIO *bp, const DSA *x, int off);
62*2175Sjp161948 int	DSA_print_fp(FILE *bp, const DSA *x, int off);
63*2175Sjp161948
64*2175Sjp161948=head1 DESCRIPTION
65*2175Sjp161948
66*2175Sjp161948These functions implement the Digital Signature Algorithm (DSA).  The
67*2175Sjp161948generation of shared DSA parameters is described in
68*2175Sjp161948L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
69*2175Sjp161948L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
70*2175Sjp161948generate a signature key. Signature generation and verification are
71*2175Sjp161948described in L<DSA_sign(3)|DSA_sign(3)>.
72*2175Sjp161948
73*2175Sjp161948The B<DSA> structure consists of several BIGNUM components.
74*2175Sjp161948
75*2175Sjp161948 struct
76*2175Sjp161948        {
77*2175Sjp161948        BIGNUM *p;		// prime number (public)
78*2175Sjp161948        BIGNUM *q;		// 160-bit subprime, q | p-1 (public)
79*2175Sjp161948        BIGNUM *g;		// generator of subgroup (public)
80*2175Sjp161948        BIGNUM *priv_key;	// private key x
81*2175Sjp161948        BIGNUM *pub_key;	// public key y = g^x
82*2175Sjp161948        // ...
83*2175Sjp161948        }
84*2175Sjp161948 DSA;
85*2175Sjp161948
86*2175Sjp161948In public keys, B<priv_key> is NULL.
87*2175Sjp161948
88*2175Sjp161948Note that DSA keys may use non-standard B<DSA_METHOD> implementations,
89*2175Sjp161948either directly or by the use of B<ENGINE> modules. In some cases (eg. an
90*2175Sjp161948ENGINE providing support for hardware-embedded keys), these BIGNUM values
91*2175Sjp161948will not be used by the implementation or may be used for alternative data
92*2175Sjp161948storage. For this reason, applications should generally avoid using DSA
93*2175Sjp161948structure elements directly and instead use API functions to query or
94*2175Sjp161948modify keys.
95*2175Sjp161948
96*2175Sjp161948=head1 CONFORMING TO
97*2175Sjp161948
98*2175Sjp161948US Federal Information Processing Standard FIPS 186 (Digital Signature
99*2175Sjp161948Standard, DSS), ANSI X9.30
100*2175Sjp161948
101*2175Sjp161948=head1 SEE ALSO
102*2175Sjp161948
103*2175Sjp161948L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
104*2175Sjp161948L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
105*2175Sjp161948L<DSA_new(3)|DSA_new(3)>,
106*2175Sjp161948L<DSA_size(3)|DSA_size(3)>,
107*2175Sjp161948L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
108*2175Sjp161948L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
109*2175Sjp161948L<DSA_generate_key(3)|DSA_generate_key(3)>,
110*2175Sjp161948L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
111*2175Sjp161948L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
112*2175Sjp161948L<RSA_print(3)|RSA_print(3)>
113*2175Sjp161948
114*2175Sjp161948=cut
115