DSA(3)                                                     DSA(3)

          asn1toDSApriv, dsagen, dsasign, dsaverify, dsapuballoc,
          dsapubfree, dsaprivalloc, dsaprivfree, dsasigalloc,
          dsasigfree, dsaprivtopub - digital signature algorithm

          #include <u.h>
          #include <libc.h>
          #include <mp.h>
          #include <libsec.h>

          DSApriv*  dsagen(DSApub *opub)

          DSAsig*   dsasign(DSApriv *k, mpint *m)

          int       dsaverify(DSApub *k, DSAsig *sig, mpint *m)

          DSApub*   dsapuballoc(void)

          void      dsapubfree(DSApub*)

          DSApriv*  dsaprivalloc(void)

          void      dsaprivfree(DSApriv*)

          DSAsig*   dsasigalloc(void)

          void      dsasigfree(DSAsig*)

          DSApub*   dsaprivtopub(DSApriv*)

          DSApriv*  asn1toDSApriv(uchar *priv, int npriv)

          DSA is the NIST approved digital signature algorithm.  The
          owner of a key publishes the public part of the key:
               struct DSApub
                    mpint     *p;  // modulus
                    mpint     *q;  // group order, q divides p-1
                    mpint     *alpha;   // group generator
                    mpint     *key;     // alpha**secret mod p
          This part can be used for verifying signatures (with
          dsaverify) created by the owner.  The owner signs (with
          dsasign) using his private key:
               struct DSApriv
                    DSApub    pub;
                    mpint     *secret; // (decryption key)

     DSA(3)                                                     DSA(3)


          Keys are generated using dsagen. If dsagen's argument opub
          is nil, a key is created using a new p and q generated by
          DSAprimes (see prime(3)). Otherwise, p and q are copied from
          the old key.

          Dsaprivtopub returns a newly allocated copy of the public
          key corresponding to the private key.

          The routines dsapuballoc, dsapubfree, dsaprivalloc, and
          dsaprivfree are provided to manage key storage.

          Dsasign signs message m using a private key k yielding a
               struct DSAsig
                    mpint     *r, *s;
          Dsaverify returns 0 if the signature is valid and -1 if not.

          The routines dsasigalloc and dsasigfree are provided to man-
          age signature storage.

          Asn1toDSApriv converts an ASN1 formatted DSA private key
          into the corresponding DSApriv structure; see rsa(3) for
          other ASN1 routines.


          mp(3), aes(3), blowfish(3), des(3), rc4(3), rsa(3),
          sechash(3), prime(3), rand(3)