3 * $Id: pss.h,v 1.1 2000/07/20 20:13:38 mdw Exp $
5 * Probabistic signature scheme
7 * (c) 2000 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of Catacomb.
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
30 /*----- Revision history --------------------------------------------------*
33 * Revision 1.1 2000/07/20 20:13:38 mdw
34 * Added Bellare and Rogaway's PSS encoding for RSA signatures.
38 /*----- Notes on PSS ------------------------------------------------------*
40 * Applying PSS before RSA signing renders the construction provably secure,
41 * in that the difficulty of forging a signature is directly related to the
42 * difficulty of inverting the RSA function, in the random oracle model.
43 * This is a good thing. PSS was designed by Bellare and Rogaway. This
44 * particular variant is the one specified in draft 1 of PKCS#1 version 2.1.
46 * Stanford University have a patent claim on PSS, although if (as seems
47 * likely) PSS is included in IEEE P1363, they'll grant a free world-wide
48 * licence to use the scheme for signatures with appendix (rather than
49 * signatures with message recovery).
52 #ifndef CATACOMB_PSS_H
53 #define CATACOMB_PSS_H
59 /*----- Header files ------------------------------------------------------*/
61 #include <mLib/bits.h>
62 #include <mLib/dstr.h>
64 #ifndef CATACOMB_GCIPHER_H
68 #ifndef CATACOMB_GHASH_H
72 #ifndef CATACOMB_GRAND_H
76 /*----- Data structures ---------------------------------------------------*/
79 const gccipher
*cc
; /* Cipher class for masking */
80 const gchash
*ch
; /* Hash class for choosing a seed */
81 grand
*r
; /* Random number source */
82 void *salt
; /* Pointer to the salt */
85 /*----- Functions provided ------------------------------------------------*/
87 /* --- @pss_presign@ --- *
89 * Arguments: @pss *pp@ = pointer to PSS parameter block
91 * Returns: An initialized generic hash context.
93 * Use: Initializes a hash function for signing with PSS. A salt is
94 * chosen and written into the parameter block.
97 extern ghash
*pss_presign(pss */
*pp*/
);
99 /* --- @pss_encode@ --- *
101 * Arguments: @const void *msg@ = pointer to message (hash) data
102 * @size_t msz@ = size of message data
103 * @void *buf@ = pointer to output buffer
104 * @size_t sz@ = size of the output buffer
105 * @void *p@ = pointer to PSS parameter block
107 * Returns: Zero of all went well, negative on failure.
109 * Use: Implements the operation @EMSA-PSS-ENCODE@, as defined in
110 * PKCS#1 v. 2.1 draft 1.
113 extern int pss_encode(const void */
*msg*/
, size_t /*msz*/,
114 void */
*buf*/
, size_t /*sz*/, void */
*p*/
);
116 /* --- @pss_decode@ --- *
118 * Arguments: @const void *buf@ = pointer to encoded buffer
119 * @size_t sz@ = size of the encoded byffer
120 * @dstr *d@ = pointer to destination string
121 * @void *p@ = pointer to PSS parameter block
123 * Returns: The length of the output string (hash) if successful,
124 * negative on failure.
126 * Use: Implements most of the operation @EMSA_PSS_VERIFY@, as
127 * defined in PCSK#1 v. 2.1 draft 1. The salt value is filled
128 * in ready for hashing of the data to start.
131 extern int pss_decode(const void */
*buf*/
, size_t /*sz*/,
132 dstr */
*d*/
, void */
*p*/
);
134 /* --- @pss_preverify@ --- *
136 * Arguments: @pss *pp@ = pointer to PSS parameter block
138 * Returns: An initialized generic hash context.
140 * Use: Initializes a hash function for use with PSS. A salt is
141 * read from the parameter block, where @pss_decode@ should have
145 extern ghash
*pss_presign(pss */
*pp*/
);
147 /* --- @pss_done@ --- *
149 * Arguments: @pss *pp@ = pointer to PSS parameter block
153 * Use: Disposes of a PSS parameter block once it's finished with.
156 extern void pss_done(pss */
*pp*/
);
158 /*----- That's all, folks -------------------------------------------------*/