X-Git-Url: https://git.distorted.org.uk/~mdw/catacomb/blobdiff_plain/0f00dc4c8eb47e67bc0f148c2dd109f73a451e0a..bd6d65e32b835551677456bf286d09ced6859882:/pub/dsa.h

diff --git a/pub/dsa.h b/pub/dsa.h
index 3b93d933..5079e1cd 100644
--- a/pub/dsa.h
+++ b/pub/dsa.h
@@ -43,10 +43,16 @@
 
 /*----- Header files ------------------------------------------------------*/
 
+#include <mLib/macros.h>
+
 #ifndef CATACOMB_DH_H
 #  include "dh.h"
 #endif
 
+#ifndef CATACOMB_GRAND_H
+#  include "grand.h"
+#endif
+
 #ifndef CATACOMB_KEY_H
 #  include "key.h"
 #endif
@@ -190,6 +196,24 @@ extern int dsa_checkparam(keycheck */*kc*/, const dsa_param */*dp*/,
 
 extern mp *dsa_h2n(mp */*d*/, mp */*r*/, const void */*h*/, size_t /*hsz*/);
 
+/* --- @dsa_nonce@ --- *
+ *
+ * Arguments:	@mp *d@ = destination integer
+ *		@mp *q@ = order of the DSA group
+ *		@mp *x@ = secret key
+ *		@const octet *m@ = message hash
+ *		@const gchash *ch@ = hash class
+ *		@grand *r@ = random bit source, or null
+ *
+ * Returns:	A nonce.
+ *
+ * Use:		Generates a nonce for use in DSA (or another Fiat--Shamir
+ *		signature scheme).
+ */
+
+extern mp *dsa_nonce(mp */*d*/, mp */*q*/, mp */*x*/, const octet */*m*/,
+		     const gchash */*ch*/, grand */*r*/);
+
 /* --- @dsa_mksig@ --- *
  *
  * Arguments:	@const dsa_param *dp@ = pointer to DSA parameters
@@ -201,11 +225,18 @@ extern mp *dsa_h2n(mp */*d*/, mp */*r*/, const void */*h*/, size_t /*hsz*/);
  * Returns:	---
  *
  * Use:		Computes a DSA signature of a message.
+ *
+ *		This function is deprecated.  It's really rather badly
+ *		designed, and hard to use securely (and hard to fix).  Please
+ *		use @gdsa_sign@ instead.
  */
 
-extern void dsa_mksig(const dsa_param */*dp*/, mp */*a*/,
-		      mp */*m*/, mp */*k*/,
-		      mp **/*rr*/, mp **/*ss*/);
+extern
+#ifndef CATACOMB_DSAIMPL
+  DEPRECATED("please use `gdsa_sign' instead")
+#endif
+  void dsa_mksig(const dsa_param */*dp*/, mp */*a*/, mp */*m*/, mp */*k*/,
+		 mp **/*rr*/, mp **/*ss*/);
 
 /* --- @dsa_sign@ --- *
  *
@@ -224,13 +255,20 @@ extern void dsa_mksig(const dsa_param */*dp*/, mp */*a*/,
  *
  * Use:		Signs a message, storing the results in a big-endian binary
  *		form.
+ *
+ *		This function is deprecated.  It's really rather badly
+ *		designed, and hard to use securely (and hard to fix).  Please
+ *		use @gdsa_sign@ instead.
  */
 
-extern void dsa_sign(dsa_param */*dp*/, mp */*a*/,
-		     const void */*m*/, size_t /*msz*/,
-		     const void */*k*/, size_t /*ksz*/,
-		     void */*r*/, size_t /*rsz*/,
-		     void */*s*/, size_t /*ssz*/);
+extern
+#ifndef CATACOMB_DSAIMPL
+  DEPRECATED("please use `gdsa_sign' instead")
+#endif
+  void dsa_sign(dsa_param */*dp*/, mp */*a*/,
+		const void */*m*/, size_t /*msz*/,
+		const void */*k*/, size_t /*ksz*/,
+		void */*r*/, size_t /*rsz*/, void */*s*/, size_t /*ssz*/);
 
 /* --- @dsa_vrfy@ --- *
  *