@@ -378,6 +378,15 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle,
378378 * psa_generate_key().
379379 *
380380 * The format for the required domain parameters varies by the key type.
381+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
382+ * the `Dss-Parms` format as defined by RFC 3279 §2.3.2.
383+ * ```
384+ * Dss-Parms ::= SEQUENCE {
385+ * p INTEGER,
386+ * q INTEGER,
387+ * g INTEGER
388+ * }
389+ * ```
381390 *
382391 * \param handle Handle to the key to set domain parameters for.
383392 * \param[in] data Buffer containing the key domain parameters. The content
@@ -470,19 +479,10 @@ psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle,
470479 * coefficient INTEGER, -- (inverse of q) mod p
471480 * }
472481 * ```
473- * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
474- * is the non-encrypted DER encoding of the representation used by
475- * OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows:
476- * ```
477- * DSAPrivateKey ::= SEQUENCE {
478- * version INTEGER, -- must be 0
479- * prime INTEGER, -- p
480- * subprime INTEGER, -- q
481- * generator INTEGER, -- g
482- * public INTEGER, -- y
483- * private INTEGER, -- x
484- * }
485- * ```
482+ * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format is the
483+ * representation of the private key `x` as a big-endian byte string. The
484+ * length of the byte string is the private key size in bytes (leading zeroes
485+ * are not stripped).
486486 * - For elliptic curve key pairs (key types for which
487487 * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
488488 * a representation of the private value as a `ceiling(m/8)`-byte string
@@ -561,33 +561,10 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
561561 * -- where `m` is the bit size associated with the curve,
562562 * -- i.e. the bit size of `q` for a curve over `F_q`.
563563 * ```
564- *
565- * For other public key types, the format is the DER representation defined by
566- * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format
567- * specified below.
568- * ```
569- * SubjectPublicKeyInfo ::= SEQUENCE {
570- * algorithm AlgorithmIdentifier,
571- * subjectPublicKey BIT STRING }
572- * AlgorithmIdentifier ::= SEQUENCE {
573- * algorithm OBJECT IDENTIFIER,
574- * parameters ANY DEFINED BY algorithm OPTIONAL }
575- * ```
576- * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
577- * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as
578- * `DSAPublicKey`,
579- * with the OID `id-dsa`,
580- * and with the parameters `DSS-Parms`.
581- * ```
582- * id-dsa OBJECT IDENTIFIER ::= {
583- * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
584- *
585- * Dss-Parms ::= SEQUENCE {
586- * p INTEGER,
587- * q INTEGER,
588- * g INTEGER }
589- * DSAPublicKey ::= INTEGER -- public key, Y
590- * ```
564+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), the format is the
565+ * representation of the public key `y = g^x mod p` as a big-endian byte
566+ * string. The length of the byte string is the length of the base prime `p`
567+ * in bytes.
591568 *
592569 * \param handle Handle to the key to export.
593570 * \param[out] data Buffer where the key data is to be written.
@@ -2319,6 +2296,12 @@ typedef struct {
23192296 * specifying the public exponent. The
23202297 * default public exponent used when \p extra
23212298 * is \c NULL is 65537.
2299+ * - For an DSA key (\p type is
2300+ * #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an
2301+ * optional structure specifying the key domain
2302+ * parameters. The key domain parameters can also be
2303+ * provided by psa_set_key_domain_parameters(),
2304+ * which documents the format of the structure.
23222305 * \param extra_size Size of the buffer that \p extra
23232306 * points to, in bytes. Note that if \p extra is
23242307 * \c NULL then \p extra_size must be zero.
0 commit comments