1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
/*
* Copyright (c) 2001, 2002 Virtual Unlimited B.V.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*/
/*!\file dsa.h
* \brief Digital Signature Algorithm, as specified by NIST FIPS 186.
*
* FIPS 186 specifies the DSA algorithm as having a large prime \f$p\f$,
* a cofactor \f$q\f$ and a generator \f$g\f$ of a subgroup of
* \f$\mathds{Z}^{*}_p\f$ with order \f$q\f$. The private and public key
* values are \f$x\f$ and \f$y\f$ respectively.
*
* \author Bob Deblier <bob.deblier@pandora.be>
* \ingroup DL_dsa_m
*/
#ifndef _DSA_H
#define _DSA_H
#include "mpbarrett.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* The raw DSA signing function.
*
* Signing equations:
*
* \li \f$r=(g^{k}\ \textrm{mod}\ p)\ \textrm{mod}\ q\f$
* \li \f$s=k^{-1}(h(m)+xr)\ \textrm{mod}\ q\f$
*
* @param p The prime.
* @param q The cofactor.
* @param g The generator.
* @param rgc The pseudo-random generator context.
* @param hm The hash to be signed.
* @param x The private key value.
* @param r The signature's \e r value.
* @param s The signature's \e r value.
* @retval 0 on success, -1 on failure.
*/
BEECRYPTAPI /*@unused@*/
int dsasign(const mpbarrett* p, const mpbarrett* q, const mpnumber* g, randomGeneratorContext* rgc, const mpnumber* hm, const mpnumber* x, mpnumber* r, mpnumber* s)
/*@modifies r->size, r->data, *r->data, s->size, s->data @*/;
/**
* The raw DSA verification function.
*
* Verifying equations:
* \li Check \f$0<r<q\f$ and \f$0<s<q\f$
* \li \f$w=s^{-1}\ \textrm{mod}\ q\f$
* \li \f$u_1=w \cdot h(m)\ \textrm{mod}\ q\f$
* \li \f$u_2=rw\ \textrm{mod}\ q\f$
* \li \f$v=(g^{u_1}y^{u_2}\ \textrm{mod}\ p)\ \textrm{mod}\ q\f$
* \li Check \f$v=r\f$
*
* @warning The return type of this function should be a boolean, but since
* that type isn't portable, an int is used.
*
* @param p The prime.
* @param q The cofactor.
* @param g The generator.
* @param hm The digest to be verified.
* @param y The public key value.
* @param r The signature's r value.
* @param s The signature's r value.
* @retval 0 on failure, 1 on success.
*/
BEECRYPTAPI /*@unused@*/
int dsavrfy(const mpbarrett* p, const mpbarrett* q, const mpnumber* g, const mpnumber* hm, const mpnumber* y, const mpnumber* r, const mpnumber* s)
/*@*/;
#ifdef __cplusplus
}
#endif
#endif
|
