# Module type `Mirage_crypto_ec.Dsa`

Digital signature algorithm.

### Serialisation

`val priv_of_cstruct : Cstruct.t -> (priv, error) Stdlib.result`

`priv_of_cstruct cs`

decodes a private key from the buffer`cs`

. If the provided data is invalid, an error is returned.

`val priv_to_cstruct : priv -> Cstruct.t`

`priv_to_cstruct p`

encode the private key`p`

to a buffer.

`val pub_of_cstruct : Cstruct.t -> (pub, error) Stdlib.result`

`pub_of_cstruct cs`

decodes a public key from the buffer`cs`

. If the provided data is invalid, an error is returned.

`val pub_to_cstruct : pub -> Cstruct.t`

`pub_to_cstruct p`

encodes the public key`p`

into a buffer.

### Deriving the public key

### Key generation

`val generate : ?g:Mirage_crypto_rng.g -> unit -> priv * pub`

`generate ~g ()`

generates a key pair.

### Cryptographic operations

`val sign : key:priv -> ?k:Cstruct.t -> Cstruct.t -> Cstruct.t * Cstruct.t`

`sign ~key ~k digest`

signs the message`digest`

using the private`key`

. The`digest`

is not processed further - it should be the hash of the message to sign. If`k`

is not provided, it is computed using the deterministic construction from RFC 6979. The result is a pair of`r`

and`s`

.- raises Invalid_argument
if

`k`

is not suitable or not in range.

- raises Message_too_long
if the bit size of

`msg`

exceeds the curve.

`val verify : key:pub -> (Cstruct.t * Cstruct.t) -> Cstruct.t -> bool`

`verify ~key (r, s) digest`

verifies the signature`r, s`

on the message`digest`

with the public`key`

. The return value is`true`

if verification was successful,`false`

otherwise. If the message has more bits than the group order, the result is false.

`module K_gen : functor (H : Mirage_crypto.Hash.S) -> sig ... end`

`K_gen`

can be instantiated over a hashing module to obtain an RFC6979 compliant`k`

-generator for that hash.