6859cf7459
manual when the specific function is refered to in the current manual text. This correction was originally introduced in OpenBSD's tracking of OpenSSL.
67 lines
2.0 KiB
Plaintext
67 lines
2.0 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/dsa.h>
|
|
|
|
int DSA_sign(int type, const unsigned char *dgst, int len,
|
|
unsigned char *sigret, unsigned int *siglen, DSA *dsa);
|
|
|
|
int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
|
|
BIGNUM **rp);
|
|
|
|
int DSA_verify(int type, const unsigned char *dgst, int len,
|
|
unsigned char *sigbuf, int siglen, DSA *dsa);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
DSA_sign() computes a digital signature on the B<len> byte message
|
|
digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
|
|
encoding at B<sigret>. The length of the signature is places in
|
|
*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
|
|
|
|
DSA_sign_setup() may be used to precompute part of the signing
|
|
operation in case signature generation is time-critical. It expects
|
|
B<dsa> to contain DSA parameters. It places the precomputed values
|
|
in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
|
|
the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
|
|
be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
|
|
B<ctx> is a pre-allocated B<BN_CTX> or NULL.
|
|
|
|
DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
|
|
matches a given message digest B<dgst> of size B<len>.
|
|
B<dsa> is the signer's public key.
|
|
|
|
The B<type> parameter is ignored.
|
|
|
|
The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
|
|
is called.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
|
|
DSA_verify() returns 1 for a valid signature, 0 for an incorrect
|
|
signature and -1 on error. The error codes can be obtained by
|
|
L<ERR_get_error(3)|ERR_get_error(3)>.
|
|
|
|
=head1 CONFORMING TO
|
|
|
|
US Federal Information Processing Standard FIPS 186 (Digital Signature
|
|
Standard, DSS), ANSI X9.30
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
|
|
L<DSA_do_sign(3)|DSA_do_sign(3)>
|
|
|
|
=head1 HISTORY
|
|
|
|
DSA_sign() and DSA_verify() are available in all versions of SSLeay.
|
|
DSA_sign_setup() was added in SSLeay 0.8.
|
|
|
|
=cut
|