Public Key Cryptography with DSA

As its name implies, the Digital Signature Algorithm (DSA) is used for creating and verifying digital signatures. It provides authentication, but cannot be used for encryption or secrecy. DSA is frequently used in combination with Diffie-Hellman. Two parties in a conversation can exchange DSA public keys before the conversation begins (or during the conversation using certificates) and use the DSA keys to authenticate the communication of Diffie-Hellman parameters and keys. Combining Diffie-Hellman with DSA provides authentication and secrecy, and by using the shared secret resulting from the Diffie-Hellman exchange as a key, asymmetric cipher can then be used for encryption.

Just like Diffie-Hellman, DSA also requires parameters from which keys are generated. There is no harm in making the parameters used to generate a key pair public, but there's equally no compelling reason to do so. Only the private key that is generated must be kept private, as is implied by its name. The public key is the only thing that really needs to be shared with any party that wishes to verify the authenticity of anything signed with a private key.

Three commands are provided by the command-line tool for generating DSA parameters and keys, as well as for examining and manipulating them. The dsaparam command is used to generate and examine DSA parameters. Its function and options are not unlike those of the dhparam command. One major difference between the two is that the dsaparam command also provides an option to generate a private DSA key. The private key resulting from the dsaparam command will be unencrypted, which means that neither a password nor a passphrase will be required to decrypt and make use of it.

The gendsa command is used for generating private keys from a set of DSA parameters. By
default, the generated private key will not be encrypted, but options are available that allow the key to be encrypted using any one of the DES, 3DES, or IDEA ciphers. No options are provided for specifying the password or passphrase to use for encryption on the command line, so encrypted DSA private key generation cannot be easily automated.

Both the dsaparam and gendsa commands are capable of generating private keys, either
encrypted or not, but neither of them has the capability for generating a public key, which is required in order for DSA to provide any utility. The dsa command provides the means by which a public key can be generated from a private key. It also allows changes to be made to the encryption on a private key. For private keys that are not encrypted, encryption can be added, and for private keys that are already encrypted, the password or passphrase can be changed, as well as
the encryption cipher that's used to encrypt it. It's also possible to remove the encryption on a private key with this command.

Examples

The following examples illustrate the use of the DSA commands:

[root@host]# openssl dsaparam -out dsaparam.pem 1024 

Generates a new set of DSA parameters and writes them to the file dsaparam.pem. The
length of the prime and generator parameters will be 1,024 bits.

[root@host]# openssl gendsa -out dsaprivatekey.pem -des3 dsaparam.pem 

Generates a new DSA private key using the parameters from the file dsaparam.pem,
encrypts the newly generated private key with the 3DES cipher, and writes the result out to the file dsaprivatekey.pem.

[root@host]# openssl dsa -in dsaprivatekey.pem -pubout -out dsapublickey.pem 

Computes the public key that corresponds to the private key contained in the file
dsaprivatekey.pem and writes the public key out to the file dsapublickey.pem.

[root@host]# openssl dsa -in dsaprivatekey.pem -out dsaprivatekey.pem -des3 -passin pass:oldpword -passout pass:newpword

Reads a private key from the file dsaprivatekey.pem, decrypts it using the password
"oldpword", re-encrypts it using the password "newpword", and writes the newly
encrypted private key back out to the file dsaprivatekey.pem.