# Package dsa

Package dsa implements the Digital Signature Algorithm, as defined in FIPS 186-3.

The DSA operations in this package are not implemented using constant-time algorithms.

- Variables
- func GenerateKey(priv *PrivateKey, rand io.Reader) error
- func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) error
- func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
- func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool
- type ParameterSizes
- type Parameters
- type PrivateKey
- type PublicKey

#### Package files

dsa.go

In the call graph viewer below, each node
is a function belonging to this package
and its children are the functions it
calls—perhaps dynamically.

The root nodes are the entry points of the
package: functions that may be called from
outside the package.
There may be non-exported or anonymous
functions among them if they are called
dynamically from another package.

Click a node to visit that function's source code.
From there you can visit its callers by
clicking its declaring `func`

token.

Functions may be omitted if they were
determined to be unreachable in the
particular programs or tests that were
analyzed.

## Variables

ErrInvalidPublicKey results when a public key is not usable by this code.
FIPS is quite strict about the format of DSA keys, but other code may be
less so. Thus, when using keys which may have been generated by other code,
this error must be handled.

var ErrInvalidPublicKey = errors.New("crypto/dsa: invalid public key")

func GenerateKey(priv *PrivateKey, rand io.Reader) error

GenerateKey generates a public&private key pair. The Parameters of the
PrivateKey must already be valid (see GenerateParameters).

func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) error

GenerateParameters puts a random, valid set of DSA parameters into params.
This function can take many seconds, even on fast machines.

func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

Sign signs an arbitrary length hash (which should be the result of hashing a
larger message) using the private key, priv. It returns the signature as a
pair of integers. The security of the private key depends on the entropy of
rand.

Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated
to the byte-length of the subgroup. This function does not perform that
truncation itself.

Be aware that calling Sign with an attacker-controlled PrivateKey may
require an arbitrary amount of CPU.

func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool

Verify verifies the signature in r, s of hash using the public key, pub. It
reports whether the signature is valid.

Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated
to the byte-length of the subgroup. This function does not perform that
truncation itself.

ParameterSizes is a enumeration of the acceptable bit lengths of the primes
in a set of DSA parameters. See FIPS 186-3, section 4.2.

type ParameterSizes int

const (
L1024N160 ParameterSizes = iota
L2048N224
L2048N256
L3072N256
)

Parameters represents the domain parameters for a key. These parameters can
be shared across many keys. The bit length of Q must be a multiple of 8.

type Parameters struct {
P, Q, G *big.Int
}

PrivateKey represents a DSA private key.

type PrivateKey struct {
PublicKey
X *big.Int
}

PublicKey represents a DSA public key.

type PublicKey struct {
Parameters
Y *big.Int
}