[thirdparty/openssl.git] / doc / man3 / DSA_sign.pod

=pod

=head1 NAME

DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures

=head1 SYNOPSIS

 #include <openssl/dsa.h>

The following functions have been deprecated since OpenSSL 3.0, and can be
hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
see L<openssl_user_macros(7)>:

 int DSA_sign(int type, const unsigned char *dgst, int len,
              unsigned char *sigret, unsigned int *siglen, DSA *dsa);

 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp);

 int DSA_verify(int type, const unsigned char *dgst, int len,
                unsigned char *sigbuf, int siglen, DSA *dsa);

=head1 DESCRIPTION

All of the functions described on this page are deprecated.
Applications should instead use L<EVP_PKEY_sign_init(3)>, L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.

DSA_sign() computes a digital signature on the B<len> byte message
digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
encoding at B<sigret>. The length of the signature is places in
*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.

DSA_sign_setup() is defined only for backward binary compatibility and
should not be used.
Since OpenSSL 1.1.0 the DSA type is opaque and the output of
DSA_sign_setup() cannot be used anyway: calling this function will only
cause overhead, and does not affect the actual signature
(pre-)computation.

DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
matches a given message digest B<dgst> of size B<len>.
B<dsa> is the signer's public key.

The B<type> parameter is ignored.

The random generator must be seeded when DSA_sign() (or DSA_sign_setup())
is called.
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
external circumstances (see L<RAND(7)>), the operation will fail.

=head1 RETURN VALUES

DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
DSA_verify() returns 1 for a valid signature, 0 for an incorrect
signature and -1 on error. The error codes can be obtained by
L<ERR_get_error(3)>.

=head1 CONFORMING TO

US Federal Information Processing Standard FIPS 186 (Digital Signature
Standard, DSS), ANSI X9.30

=head1 SEE ALSO

L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
L<DSA_do_sign(3)>,
L<RAND(7)>

=head1 HISTORY

All of these functions were deprecated in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
38e33cef UM	1	=pod
	2
	3	=head1 NAME
	4
	5	DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/dsa.h>
	10
3dbf8243 MC	11	The following functions have been deprecated since OpenSSL 3.0, and can be
	12	hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
	13	see L<openssl_user_macros(7)>:
e52b4215	14
e9b77246 BB	15	int DSA_sign(int type, const unsigned char *dgst, int len,
e9b77246 BB	16	unsigned char sigret, unsigned int siglen, DSA *dsa);
38e33cef	17
e9b77246	18	int DSA_sign_setup(DSA dsa, BN_CTX ctx, BIGNUM kinvp, BIGNUM rp);
38e33cef	19
e9b77246	20	int DSA_verify(int type, const unsigned char *dgst, int len,
1bc74519	21	unsigned char sigbuf, int siglen, DSA dsa);
38e33cef UM	22
	23	=head1 DESCRIPTION
	24
e52b4215 SL	25	All of the functions described on this page are deprecated.
	26	Applications should instead use L<EVP_PKEY_sign_init(3)>, L<EVP_PKEY_sign(3)>,
	27	L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
	28
38e33cef UM	29	DSA_sign() computes a digital signature on the B<len> byte message
	30	digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
	31	encoding at B<sigret>. The length of the signature is places in
	32	*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
	33
8fe4c0b0 NT	34	DSA_sign_setup() is defined only for backward binary compatibility and
	35	should not be used.
	36	Since OpenSSL 1.1.0 the DSA type is opaque and the output of
	37	DSA_sign_setup() cannot be used anyway: calling this function will only
	38	cause overhead, and does not affect the actual signature
	39	(pre-)computation.
38e33cef UM	40
	41	DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
	42	matches a given message digest B<dgst> of size B<len>.
	43	B<dsa> is the signer's public key.
	44
	45	The B<type> parameter is ignored.
	46
262c0088	47	The random generator must be seeded when DSA_sign() (or DSA_sign_setup())
74235cc9	48	is called.
262c0088 DMSP	49	If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
262c0088 DMSP	50	external circumstances (see L<RAND(7)>), the operation will fail.
74235cc9	51
38e33cef UM	52	=head1 RETURN VALUES
	53
	54	DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
	55	DSA_verify() returns 1 for a valid signature, 0 for an incorrect
	56	signature and -1 on error. The error codes can be obtained by
9b86974e	57	L<ERR_get_error(3)>.
38e33cef UM	58
	59	=head1 CONFORMING TO
	60
	61	US Federal Information Processing Standard FIPS 186 (Digital Signature
	62	Standard, DSS), ANSI X9.30
	63
	64	=head1 SEE ALSO
	65
b97fdb57	66	L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
262c0088 DMSP	67	L<DSA_do_sign(3)>,
262c0088 DMSP	68	L<RAND(7)>
38e33cef	69
e52b4215 SL	70	=head1 HISTORY
	71
	72	All of these functions were deprecated in OpenSSL 3.0.
	73
e2f92610 RS	74	=head1 COPYRIGHT
e2f92610 RS	75
3c2bdd7d	76	Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	77
4746f25a	78	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	79	this file except in compliance with the License. You can obtain a copy
	80	in the file LICENSE in the source distribution or at
	81	L<https://www.openssl.org/source/license.html>.
	82
	83	=cut