ct.c, ct.h: New constant-time operations.
[u/mdw/catacomb] / gdsa.h
CommitLineData
e9026a0a 1/* -*-c-*-
2 *
f4535c64 3 * $Id$
e9026a0a 4 *
5 * Generalized version of DSA
6 *
7 * (c) 2004 Straylight/Edgeware
8 */
9
45c0fd36 10/*----- Licensing notice --------------------------------------------------*
e9026a0a 11 *
12 * This file is part of Catacomb.
13 *
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
45c0fd36 18 *
e9026a0a 19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
45c0fd36 23 *
e9026a0a 24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
27 * MA 02111-1307, USA.
28 */
29
e9026a0a 30#ifndef CATACOMB_GDSA_H
31#define CATACOMB_GDSA_H
32
33#ifdef __cplusplus
34 extern "C" {
35#endif
36
37/*----- Header files ------------------------------------------------------*/
38
39#ifndef CATACOMB_GHASH_H
40# include "ghash.h"
41#endif
42
43#ifndef CATACOMB_GROUP_H
44# include "group.h"
45#endif
46
47/*----- Data structures ---------------------------------------------------*/
48
49/* --- GDSA context --- *
50 *
51 * You don't need to fill in all of this stuff. See the description of the
52 * function you want to use to find out what members are needed.
53 */
54
55typedef struct gdsa {
56 group *g; /* The group we work in */
57 mp *u; /* Private key, for signing */
58 ge *p; /* Public key, for verifying */
59 grand *r; /* Random number source */
60 const gchash *h; /* Hash function */
61} gdsa;
62
63/* --- GDSA signatures --- */
64
65typedef struct gdsa_sig { mp *r, *s; } gdsa_sig;
66#define GDSA_SIG_INIT { MP_NEW, MP_NEW }
67
68/*----- Functions provided ------------------------------------------------*/
69
70/* --- @gdsa_beginhash@ --- *
71 *
72 * Arguments: @const gdsa *c@ = pointer to the context structure
73 *
74 * Returns: A hashing context for you to hash the message.
75 *
76 * Use: Initializes a hash function correctly for you to hash a
77 * message. Requires @h@.
78 */
79
80extern ghash *gdsa_beginhash(const gdsa */*c*/);
81
82/* --- @gdsa_endhash@ --- *
83 *
84 * Arguments: @const gdsa *c@ = pointer to the context structure
85 * @ghash *h@ = the hashing context
86 *
87 * Returns: ---
88 *
89 * Use: Does any final thing that DSA wants to do when hashing a
45c0fd36 90 * message. (Actually, there's nothing.) The hashing context
e9026a0a 91 * isn't finalized.
92 */
93
f4535c64 94extern void gdsa_endhash(const gdsa */*c*/, ghash */*h*/);
e9026a0a 95
96/* --- @gdsa_sign@ --- *
97 *
98 * Arguments: @const gdsa *c@ = my context structure
99 * @gdsa_sig *s@ = where to put the signature (initialized)
100 * @const void *m@ = pointer to message hash
101 * @mp *k@ = random exponent for this message or null
102 *
103 * Returns: ---
104 *
105 * Use: Signs a message. Requires @g@, @u@, @h@, and @r@ if @k@ is
106 * null. This is a better idea than inventing @k@ yourself.
107 */
108
109extern void gdsa_sign(const gdsa */*c*/, gdsa_sig */*s*/,
110 const void */*m*/, mp */*k*/);
111
112/* --- @gdsa_verify@ --- *
113 *
114 * Arguments: @const gdsa *c@ = my context structure
115 * @const gdsa_sig *s@ = the signature to verify
116 * @const void *m@ = pointer to message hash
117 *
118 * Returns: Zero if OK, negative on failure.
119 *
120 * Use: Checks a signature on a message, Requires @g@, @p@, @h@.
121 */
122
123extern int gdsa_verify(const gdsa */*c*/, const gdsa_sig */*s*/,
124 const void */*m*/);
125
126/*----- That's all, folks -------------------------------------------------*/
127
128#ifdef __cplusplus
129 }
130#endif
131
132#endif