dsa

原文：https://pkg.go.dev/crypto/dsa@go1.23.0

Package dsa implements the Digital Signature Algorithm, as defined in FIPS 186-3.

​ dsa 包实现了数字签名算法，如 FIPS 186-3 中所定义。

The DSA operations in this package are not implemented using constant-time algorithms.

​ 此包中的 DSA 操作并非使用恒定时间算法实现。

Deprecated: DSA is a legacy algorithm, and modern alternatives such as Ed25519 (implemented by package crypto/ed25519) should be used instead. Keys with 1024-bit moduli (L1024N160 parameters) are cryptographically weak, while bigger keys are not widely supported. Note that FIPS 186-5 no longer approves DSA for signature generation.

​ 已弃用：DSA 是一种旧算法，应改用 Ed25519（由 crypto/ed25519 包实现）等现代替代算法。具有 1024 位模数（L1024N160 参数）的密钥在密码学上很弱，而更大的密钥则不受广泛支持。请注意，FIPS 186-5 不再批准 DSA 用于签名生成。

常量

This section is empty.

变量

View Source

1

var ErrInvalidPublicKey = errors.New("crypto/dsa: invalid public key")

ErrInvalidPublicKey results when a public key is not usable by this code. FIPS is quite strict about the format of DSA keys, but other code may be less so. Thus, when using keys which may have been generated by other code, this error must be handled.

​ 当此代码无法使用公钥时，将导致 ErrInvalidPublicKey 结果。FIPS 对 DSA 密钥的格式非常严格，但其他代码可能没那么严格。因此，在使用可能由其他代码生成的密钥时，必须处理此错误。

函数

func GenerateKey

1

func GenerateKey(priv *PrivateKey, rand io.Reader) error

GenerateKey generates a public&private key pair. The Parameters of the PrivateKey must already be valid (see GenerateParameters).

​ GenerateKey 生成公钥和私钥对。PrivateKey 的 Parameters 必须已经有效（请参阅 GenerateParameters）。

func GenerateParameters

1

func GenerateParameters(params *Parameters, rand io.Reader, sizes ParameterSizes) error

GenerateParameters puts a random, valid set of DSA parameters into params. This function can take many seconds, even on fast machines.

​ GenerateParameters 将一组随机有效的 DSA 参数放入 params 中。此函数可能需要很多秒，即使在快速计算机上也是如此。

func Sign

1

func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)

Sign signs an arbitrary length hash (which should be the result of hashing a larger message) using the private key, priv. It returns the signature as a pair of integers. The security of the private key depends on the entropy of rand.

​ Sign 使用私钥 priv 对任意长度的哈希（应该是对较大消息进行哈希的结果）进行签名。它将签名作为一对整数返回。私钥的安全性取决于 rand 的熵。

Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated to the byte-length of the subgroup. This function does not perform that truncation itself.

​ 请注意，FIPS 186-3 第 4.6 节规定，哈希应截断为子组的字节长度。此函数不执行该截断本身。

Be aware that calling Sign with an attacker-controlled PrivateKey may require an arbitrary amount of CPU.

​ 请注意，使用攻击者控制的 PrivateKey 调用 Sign 可能需要任意数量的 CPU。

func Verify

1

func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool

Verify verifies the signature in r, s of hash using the public key, pub. It reports whether the signature is valid.

​ Verify 使用公钥 pub 验证 r、s 中的哈希签名。它报告签名是否有效。

Note that FIPS 186-3 section 4.6 specifies that the hash should be truncated to the byte-length of the subgroup. This function does not perform that truncation itself.

​ 请注意，FIPS 186-3 第 4.6 节规定，哈希应截断为子组的字节长度。此函数不执行该截断本身。

类型

type ParameterSizes

1

type ParameterSizes int

ParameterSizes is an enumeration of the acceptable bit lengths of the primes in a set of DSA parameters. See FIPS 186-3, section 4.2.

​ ParameterSizes 是 DSA 参数集中素数可接受位长的枚举。请参阅 FIPS 186-3 第 4.2 节。

1
2
3
4
5
6

const (
	L1024N160 ParameterSizes = iota
	L2048N224
	L2048N256
	L3072N256
)

type Parameters

1
2
3

type Parameters struct {
	P, Q, G *big.Int
}

Parameters represents the domain parameters for a key. These parameters can be shared across many keys. The bit length of Q must be a multiple of 8.

​ Parameters 表示密钥的域参数。这些参数可以在许多密钥之间共享。Q 的位长必须是 8 的倍数。

type PrivateKey

1
2
3
4

type PrivateKey struct {
	PublicKey
	X *big.Int
}

PrivateKey represents a DSA private key.

​ PrivateKey 表示 DSA 私钥。

type PublicKey

1
2
3
4

type PublicKey struct {
	Parameters
	Y *big.Int
}

PublicKey represents a DSA public key.

​ PublicKey 表示 DSA 公钥。