[thirdparty/openssl.git] / doc / man3 / DSA_sign.pod

=pod

=head1 NAME

DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures

=head1 SYNOPSIS

 #include <openssl/dsa.h>

 int DSA_sign(int type, const unsigned char *dgst, int len,
              unsigned char *sigret, unsigned int *siglen, DSA *dsa);

 int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, BIGNUM **rp);

 int DSA_verify(int type, const unsigned char *dgst, int len,
                unsigned char *sigbuf, int siglen, DSA *dsa);

=head1 DESCRIPTION

DSA_sign() computes a digital signature on the B<len> byte message
digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
encoding at B<sigret>. The length of the signature is places in
*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.

DSA_sign_setup() is defined only for backward binary compatibility and
should not be used.
Since OpenSSL 1.1.0 the DSA type is opaque and the output of
DSA_sign_setup() cannot be used anyway: calling this function will only
cause overhead, and does not affect the actual signature
(pre-)computation.

DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
matches a given message digest B<dgst> of size B<len>.
B<dsa> is the signer's public key.

The B<type> parameter is ignored.

The random generator must be seeded when DSA_sign() (or DSA_sign_setup())
is called.
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
external circumstances (see L<RAND(7)>), the operation will fail.

=head1 RETURN VALUES

DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
DSA_verify() returns 1 for a valid signature, 0 for an incorrect
signature and -1 on error. The error codes can be obtained by
L<ERR_get_error(3)>.

=head1 CONFORMING TO

US Federal Information Processing Standard FIPS 186 (Digital Signature
Standard, DSS), ANSI X9.30

=head1 SEE ALSO

L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
L<DSA_do_sign(3)>,
L<RAND(7)>

=head1 COPYRIGHT

Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
38e33cef UM	1	=pod
	2
	3	=head1 NAME
	4
	5	DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/dsa.h>
	10
e9b77246 BB	11	int DSA_sign(int type, const unsigned char *dgst, int len,
e9b77246 BB	12	unsigned char sigret, unsigned int siglen, DSA *dsa);
38e33cef	13
e9b77246	14	int DSA_sign_setup(DSA dsa, BN_CTX ctx, BIGNUM kinvp, BIGNUM rp);
38e33cef	15
e9b77246	16	int DSA_verify(int type, const unsigned char *dgst, int len,
1bc74519	17	unsigned char sigbuf, int siglen, DSA dsa);
38e33cef UM	18
	19	=head1 DESCRIPTION
	20
	21	DSA_sign() computes a digital signature on the B<len> byte message
	22	digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
	23	encoding at B<sigret>. The length of the signature is places in
	24	*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
	25
8fe4c0b0 NT	26	DSA_sign_setup() is defined only for backward binary compatibility and
	27	should not be used.
	28	Since OpenSSL 1.1.0 the DSA type is opaque and the output of
	29	DSA_sign_setup() cannot be used anyway: calling this function will only
	30	cause overhead, and does not affect the actual signature
	31	(pre-)computation.
38e33cef UM	32
	33	DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
	34	matches a given message digest B<dgst> of size B<len>.
	35	B<dsa> is the signer's public key.
	36
	37	The B<type> parameter is ignored.
	38
262c0088	39	The random generator must be seeded when DSA_sign() (or DSA_sign_setup())
74235cc9	40	is called.
262c0088 DMSP	41	If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
262c0088 DMSP	42	external circumstances (see L<RAND(7)>), the operation will fail.
74235cc9	43
38e33cef UM	44	=head1 RETURN VALUES
	45
	46	DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
	47	DSA_verify() returns 1 for a valid signature, 0 for an incorrect
	48	signature and -1 on error. The error codes can be obtained by
9b86974e	49	L<ERR_get_error(3)>.
38e33cef UM	50
	51	=head1 CONFORMING TO
	52
	53	US Federal Information Processing Standard FIPS 186 (Digital Signature
	54	Standard, DSS), ANSI X9.30
	55
	56	=head1 SEE ALSO
	57
b97fdb57	58	L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
262c0088 DMSP	59	L<DSA_do_sign(3)>,
262c0088 DMSP	60	L<RAND(7)>
38e33cef	61
e2f92610 RS	62	=head1 COPYRIGHT
e2f92610 RS	63
fd38836b	64	Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	65
4746f25a	66	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	67	this file except in compliance with the License. You can obtain a copy
	68	in the file LICENSE in the source distribution or at
	69	L<https://www.openssl.org/source/license.html>.
	70
	71	=cut