@@ -378,6 +378,15 @@ psa_status_t psa_get_key_information(psa_key_handle_t handle,
378378 * psa_generate_key().
379379 *
380380 * The format for the required domain parameters varies by the key type.
381+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
382+ * the `Dss-Parms` format as defined by RFC 3279 §2.3.2.
383+ * ```
384+ * Dss-Parms ::= SEQUENCE {
385+ * p INTEGER,
386+ * q INTEGER,
387+ * g INTEGER
388+ * }
389+ * ```
381390 *
382391 * \param[in] data Buffer containing the key domain parameters. The content
383392 * of this buffer is interpreted according to \p type. of
@@ -468,19 +477,10 @@ psa_status_t psa_get_key_domain_parameters(psa_key_handle_t handle,
468477 * coefficient INTEGER, -- (inverse of q) mod p
469478 * }
470479 * ```
471- * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format
472- * is the non-encrypted DER encoding of the representation used by
473- * OpenSSL and OpenSSH, whose structure is described in ASN.1 as follows:
474- * ```
475- * DSAPrivateKey ::= SEQUENCE {
476- * version INTEGER, -- must be 0
477- * prime INTEGER, -- p
478- * subprime INTEGER, -- q
479- * generator INTEGER, -- g
480- * public INTEGER, -- y
481- * private INTEGER, -- x
482- * }
483- * ```
480+ * - For DSA private keys (#PSA_KEY_TYPE_DSA_KEYPAIR), the format is the
481+ * representation of the private key `x` as a big-endian byte string. The
482+ * length of the byte string is the private key size in bytes (leading zeroes
483+ * are not stripped).
484484 * - For elliptic curve key pairs (key types for which
485485 * #PSA_KEY_TYPE_IS_ECC_KEYPAIR is true), the format is
486486 * a representation of the private value as a `ceiling(m/8)`-byte string
@@ -559,33 +559,10 @@ psa_status_t psa_export_key(psa_key_handle_t handle,
559559 * -- where `m` is the bit size associated with the curve,
560560 * -- i.e. the bit size of `q` for a curve over `F_q`.
561561 * ```
562- *
563- * For other public key types, the format is the DER representation defined by
564- * RFC 5280 as `SubjectPublicKeyInfo`, with the `subjectPublicKey` format
565- * specified below.
566- * ```
567- * SubjectPublicKeyInfo ::= SEQUENCE {
568- * algorithm AlgorithmIdentifier,
569- * subjectPublicKey BIT STRING }
570- * AlgorithmIdentifier ::= SEQUENCE {
571- * algorithm OBJECT IDENTIFIER,
572- * parameters ANY DEFINED BY algorithm OPTIONAL }
573- * ```
574- * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY),
575- * the `subjectPublicKey` format is defined by RFC 3279 §2.3.2 as
576- * `DSAPublicKey`,
577- * with the OID `id-dsa`,
578- * and with the parameters `DSS-Parms`.
579- * ```
580- * id-dsa OBJECT IDENTIFIER ::= {
581- * iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1 }
582- *
583- * Dss-Parms ::= SEQUENCE {
584- * p INTEGER,
585- * q INTEGER,
586- * g INTEGER }
587- * DSAPublicKey ::= INTEGER -- public key, Y
588- * ```
562+ * - For DSA public keys (#PSA_KEY_TYPE_DSA_PUBLIC_KEY), the format is the
563+ * representation of the public key `y = g^x mod p` as a big-endian byte
564+ * string. The length of the byte string is the length of the base prime `p`
565+ * in bytes.
589566 *
590567 * \param handle Handle to the key to export.
591568 * \param[out] data Buffer where the key data is to be written.
@@ -2317,6 +2294,12 @@ typedef struct {
23172294 * specifying the public exponent. The
23182295 * default public exponent used when \p extra
23192296 * is \c NULL is 65537.
2297+ * - For an DSA key (\p type is
2298+ * #PSA_KEY_TYPE_DSA_KEYPAIR), \p extra is an
2299+ * optional structure specifying the key domain
2300+ * parameters. The key domain parameters can also be
2301+ * provided by psa_set_key_domain_parameters(),
2302+ * which documents the format of the structure.
23202303 * \param extra_size Size of the buffer that \p extra
23212304 * points to, in bytes. Note that if \p extra is
23222305 * \c NULL then \p extra_size must be zero.
0 commit comments