/* -*-c-*-
*
- * $Id: dsa.h,v 1.2 1999/11/20 22:23:48 mdw Exp $
+ * $Id: dsa.h,v 1.6 2000/07/01 11:20:51 mdw Exp $
*
* Digital Signature Algorithm
*
/*----- Revision history --------------------------------------------------*
*
* $Log: dsa.h,v $
+ * Revision 1.6 2000/07/01 11:20:51 mdw
+ * New functions for freeing public and private keys.
+ *
+ * Revision 1.5 2000/06/17 10:53:42 mdw
+ * Minor changes for key fetching. Typesetting fixes.
+ *
+ * Revision 1.4 1999/12/22 15:52:44 mdw
+ * Reworking for new prime-search system.
+ *
+ * Revision 1.3 1999/12/10 23:29:48 mdw
+ * Change header file guard names.
+ *
* Revision 1.2 1999/11/20 22:23:48 mdw
* Allow event handler to abort the search process.
*
*
*/
-#ifndef DSA_H
-#define DSA_H
+#ifndef CATACOMB_DSA_H
+#define CATACOMB_DSA_H
#ifdef __cplusplus
extern "C" {
/*----- Header files ------------------------------------------------------*/
-#ifndef MP_H
-# include "mp.h"
+#ifndef CATACOMB_KEY_H
+# include "key.h"
#endif
-/*----- Event codes -------------------------------------------------------*/
-
-enum {
- DSAEV_OK, /* Everything is fine */
-
- DSAEV_FAILQ, /* @q@ failed primality test */
- DSAEV_PASSQ, /* @q@ passeed one iteration */
- DSAEV_GOODQ, /* Found good prime @q@ */
-
- DSAEV_TRYP, /* Try prospective @p@ */
- DSAEV_FAILP, /* @p@ failed primality test */
- DSAEV_PASSP, /* @p@ passed one iteration */
- DSAEV_GOODP, /* @p@ accepted as being prime */
-
- DSAEV_TRYH, /* Try prospective @h@ */
- DSAEV_FAILH, /* @h@ failed */
- DSAEV_GOODG /* @g@ accepted as a generator */
-};
+#ifndef CATACOMB_MP_H
+# include "mp.h"
+#endif
+
+#ifndef CATACOMB_PGEN_H
+# include "pgen.h"
+#endif
/*----- Data structures ---------------------------------------------------*/
mp *g; /* Generates order-%$q$% subgroup */
} dsa_param;
+typedef struct dsa_pub {
+ dsa_param dp; /* Shared parameters */
+ mp *y; /* Public key */
+} dsa_pub;
+
+typedef struct dsa_priv {
+ dsa_param dp; /* Shared parameters */
+ mp *x; /* Private key */
+ mp *y; /* %$y \equiv g^x \pmod{p}$% */
+} dsa_priv;
+
/* --- DSA signature structure --- *
*
* This is the recommended structure for a DSA signature. The actual signing
octet s[DSA_SIGLEN]; /* 160-bit @s@ value */
} dsa_sig;
+/*----- Key fetching ------------------------------------------------------*/
+
+extern const key_fetchdef dsa_paramfetch[];
+#define DSA_PARAMFETCHSZ 5
+
+extern const key_fetchdef dsa_pubfetch[];
+#define DSA_PUBFETCHSZ 6
+
+extern const key_fetchdef dsa_privfetch[];
+#define DSA_PRIVFETCHSZ 9
+
+/* --- @dsa_paramfree@, @dsa_pubfree@, @dsa_privfree@ --- *
+ *
+ * Arguments: @dsa_param *dp@, @dsa_pub *dp@, @dsa_priv *dp@ = pointer
+ * to key block to free
+ *
+ * Returns: ---
+ *
+ * Use: Frees a DSA key block.
+ */
+
+extern void dsa_paramfree(dsa_param */*dp*/);
+extern void dsa_pubfree(dsa_pub */*dp*/);
+extern void dsa_privfree(dsa_priv */*dp*/);
+
+/*----- DSA stepper -------------------------------------------------------*/
+
+typedef struct dsa_stepctx {
+
+ /* --- To be initialized by the client --- */
+
+ grand *r; /* Random number generator */
+ mp *q; /* Force @p@ to be a multiple */
+ size_t bits; /* Number of bits in the result */
+ unsigned or; /* OR mask for low order bits */
+} dsa_stepctx;
+
+/* --- @dsa_step@ --- *
+ *
+ * The stepper chooses random integers, ensures that they are a multiple of
+ * @q@ (if specified), sets the low-order bits, and then tests for
+ * divisibility by small primes.
+ */
+
+extern int dsa_step(int /*rq*/, pgen_event */*ev*/, void */*p*/);
+
/*----- Functions provided ------------------------------------------------*/
/* --- @dsa_seed@ --- *
*
* Arguments: @dsa_param *dp@ = where to store parameters
- * @unsigned l@ = bitlength of @p@ in bits
+ * @unsigned ql@ = length of @q@ in bits
+ * @unsigned pl@ = length of @p@ in bits
+ * @unsigned steps@ = number of steps to find @q@
* @const void *k@ = pointer to key material
- * @int (*proc)(int ev, mp *m, void *p)@ = event procedure
* @size_t sz@ = size of key material
+ * @pgen_proc *event@ = event handler function
+ * @void *ectx@ = argument for event handler
*
- * Returns: Zero if all went well, nonzero if key material was
- * unsuitable (one of the @DSAEV@ codes).
+ * Returns: @PGEN_DONE@ if everything worked ok; @PGEN_ABORT@ otherwise.
*
* Use: Generates the DSA shared parameters from a given seed value.
- * This can take quite a long time. The size of @p@ in bits is
- * %$l = 512 + 64l'$%. The DSA standard, FIPS 186, only allows
- * %$0 \le l' \le 8$%. This implementation has no such limit,
- * although @l@ must be a multiple of 8.
- *
- * The event procedure is informed of various happenings during
- * generation. It is passed an event code describing what
- * happened, and a multiprecision number which pertains to the
- * event code. It may abort the search at any time by returning
- * a nonzero value, which is returned as the result of the
- * function.
+ * This can take quite a long time.
+ *
+ * The algorithm used is a compatible extension of the method
+ * described in the DSA standard, FIPS 186. The standard
+ * requires that %$q$% be 160 bits in size (i.e., @ql == 160@)
+ * and that the length of %$p$% be %$L = 512 + 64l$% for some
+ * %$l$%. Neither limitation applies to this implementation.
*/
-extern int dsa_seed(dsa_param */*dp*/, unsigned /*l*/,
- const void */*k*/, size_t /*sz*/,
- int (*proc)(int /*ev*/, mp */*m*/, void */*p*/),
- void */*p*/);
+extern int dsa_seed(dsa_param */*dp*/, unsigned /*ql*/, unsigned /*pl*/,
+ unsigned /*steps*/, const void */*k*/, size_t /*sz*/,
+ pgen_proc */*event*/, void */*ectx*/);
/* --- @dsa_mksig@ --- *
*
* Arguments: @const dsa_param *dp@ = pointer to DSA parameters
- * @const mp *a@ = secret signing key
- * @const mp *m@ = message to be signed
- * @const mp *k@ = random data
+ * @mp *a@ = secret signing key
+ * @mp *m@ = message to be signed
+ * @mp *k@ = random data
* @mp **rr, **ss@ = where to put output parameters
*
* Returns: ---
* Use: Computes a DSA signature of a message.
*/
-extern void dsa_mksig(const dsa_param */*dp*/, const mp */*a*/,
- const mp */*m*/, const mp */*k*/,
+extern void dsa_mksig(const dsa_param */*dp*/, mp */*a*/,
+ mp */*m*/, mp */*k*/,
mp **/*rr*/, mp **/*ss*/);
/* --- @dsa_sign@ --- *
/* --- @dsa_vrfy@ --- *
*
* Arguments: @const dsa_param *dp@ = pointer to DSA parameters
- * @const mp *y@ = public verification key
- * @const mp *m@ = message which was signed
- * @const mp *r, *s@ = the signature
+ * @mp *y@ = public verification key
+ * @mp *m@ = message which was signed
+ * @mp *r, *s@ = the signature
*
* Returns: Zero if the signature is a forgery, nonzero if it's valid.
*
* Use: Verifies a DSA digital signature.
*/
-extern int dsa_vrfy(const dsa_param */*dp*/, const mp */*y*/,
- const mp */*m*/, const mp */*r*/, const mp */*s*/);
+extern int dsa_vrfy(const dsa_param */*dp*/, mp */*y*/,
+ mp */*m*/, mp */*r*/, mp */*s*/);
/* --- @dsa_verify@ --- *
*
* Arguments: @const dsa_param *dp@ = pointer to DSA parameters
- * @const mp *y@ = public verification key
+ * @mp *y@ = public verification key
* @const void *m@ = pointer to message block
* @size_t msz@ = size of message block
* @const void *r@ = pointer to @r@ signature half
* Use: Verifies a DSA digital signature.
*/
-extern int dsa_verify(const dsa_param */*dp*/, const mp */*y*/,
- const void */*m*/, size_t /*msz*/,
- const void */*r*/, size_t /*rsz*/,
- const void */*s*/, size_t /*ssz*/);
+extern int dsa_verify(const dsa_param */*dp*/, mp */*y*/,
+ const void */*m*/, size_t /*msz*/,
+ const void */*r*/, size_t /*rsz*/,
+ const void */*s*/, size_t /*ssz*/);
/*----- That's all, folks -------------------------------------------------*/