DSA signature and verification
DSA is analogous to ECDSA, except that computations are done in a finite field. Like ECDSA, the resulting signature is made up of two values, r and s. The Crypto Interface APIs do not perform any message digesting. The application is required to handle any steps before the DSA signing step.
To sign, call:
CRYPTO_INTERFACE_DSA_computeSignatureAux(g_pRandomContext, pPrivKey, pDigest, digestLen, NULL, &pR, &rLen, &pS, &sLen, NULL);
Buffers are allocated to hold r and s in a big-endian byte array form, and pR
and pS
are set to their locations. In the middle, pass NULL
so that verification is not performed immediately after signing, and the final NULL
is for the vlong
queue. To verify, call:
CRYPTO_INTERFACE_DSA_verifySignatureAux(pPubKey, pDigest, digestLen, pR, rLen, pS, sLen, &isValid, NULL);
Here, isValid
will be set to TRUE
if it is a valid signature, and FALSE
otherwise.
Important
Be sure to check that both the return status is OK
and isValid
is equal to TRUE
before accepting that the signature is valid.