
DSA signature and verification

DSA is analogous to ECDSA, except that computations are done in a finite field. Like ECDSA, the resulting signature is made up of two values, r and s. The Crypto Interface APIs do not perform any message digesting: the application is required to handle any steps before the DSA signing step, and the calls below take the already-computed digest (pDigest, digestLen).

To sign, call:

CRYPTO_INTERFACE_DSA_computeSignatureAux(g_pRandomContext, pPrivKey, pDigest, digestLen, NULL, &pR, &rLen, &pS, &sLen, NULL);

Buffers are allocated to hold r and s as big-endian byte arrays, and pR and pS are set to their locations. The NULL in the middle of the argument list (after digestLen) means that verification is not performed immediately after signing, and the final NULL is for the vlong queue. To verify, call:

CRYPTO_INTERFACE_DSA_verifySignatureAux(pPubKey, pDigest, digestLen, pR, rLen, pS, sLen, &isValid, NULL);

Here, isValid will be set to TRUE if it is a valid signature, and FALSE otherwise.

Important

Be sure to check both that the return status is OK and that isValid is equal to TRUE before accepting that the signature is valid.
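The check described in the note above, written fail-closed and shown beside a weak form that looks only at isValid. This is an added example, not code from the original documentation or the library. Assumptions: status_t, the OK/TRUE/FALSE values, the verify_fn callback shape and the stub_* functions are hypothetical stand-ins so that the block compiles without the library; in real code the callback would wrap CRYPTO_INTERFACE_DSA_verifySignatureAux.

```c
#include <stddef.h>

/* Stand-ins so this compiles without the library; the real headers define
 * the status type, OK, TRUE and FALSE. The values here are assumptions. */
typedef int status_t;
#ifndef OK
#define OK 0
#endif
#ifndef TRUE
#define TRUE 1
#define FALSE 0
#endif

/* Hypothetical callback shape: stands in for a call to
 * CRYPTO_INTERFACE_DSA_verifySignatureAux with key, digest, r and s bound. */
typedef status_t (*verify_fn)(const void *ctx, int *pIsValid);

/* Fail-closed: returns 1 only if the call succeeded AND the signature verified. */
int dsa_signature_accepted(verify_fn verify, const void *ctx)
{
    int isValid = FALSE;      /* start from "invalid", never uninitialized */
    status_t status;

    if (verify == NULL)
        return 0;
    status = verify(ctx, &isValid);
    if (status != OK)
        return 0;             /* on error, ignore whatever isValid holds */
    return isValid == TRUE;   /* exact match, not just "non-zero" */
}

/* Weak form for contrast: trusts isValid without checking the status. */
int naive_accepted(verify_fn verify, const void *ctx)
{
    int isValid = FALSE;
    (void)verify(ctx, &isValid);
    return isValid;
}

/* Constructed outcomes used to exercise both checks. */
status_t stub_valid(const void *c, int *v)  { (void)c; *v = TRUE;  return OK; }
status_t stub_forged(const void *c, int *v) { (void)c; *v = FALSE; return OK; }
status_t stub_error(const void *c, int *v)  { (void)c; (void)v;    return -1; }
/* Error path that wrote TRUE before failing: must still be rejected. */
status_t stub_error_dirty(const void *c, int *v) { (void)c; *v = TRUE; return -1; }
```

Only the first of the four constructed outcomes is accepted by dsa_signature_accepted, while naive_accepted also accepts the failed call that left isValid set.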