Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
/* dsa.h
*
* The DSA publickey algorithm.
*/
/* nettle, low-level cryptographics library
*
* Copyright (C) 2002 Niels Mller
*
* The nettle library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or (at your
* option) any later version.
*
* The nettle library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
* License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with the nettle library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
* MA 02111-1307, USA.
*/
#ifndef NETTLE_DSA_H_INCLUDED
#define NETTLE_DSA_H_INCLUDED
#include <inttypes.h>
#include <gmp.h>
#include "sha.h"
/* For nettle_random_func */
#include "nettle-meta.h"
struct dsa_public_key
{
/* Modulo */
mpz_t p;
/* Group order */
mpz_t q;
/* Generator */
mpz_t g;
/* Public value */
mpz_t y;
};
struct dsa_private_key
{
/* Unlike an rsa public key, all the public information is needed,
* in addition to the private information. */
struct dsa_public_key pub;
mpz_t x;
};
struct dsa_signature
{
mpz_t r;
mpz_t s;
};
/* Signing a message works as follows:
*
* Store the private key in a dsa_private_key struct.
*
* Initialize a hashing context, by callling
* sha1_init
*
* Hash the message by calling
* sha1_update
*
* Create the signature by calling
* dsa_sign
*
* The signature is represented as two mpz_t bignums. This call also
* resets the hashing context.
*
* When done with the key and signature, don't forget to call
* mpz_clear.
*/
/* Calls mpz_init to initialize bignum storage. */
void
dsa_public_key_init(struct dsa_public_key *key);
/* Calls mpz_clear to deallocate bignum storage. */
void
dsa_public_key_clear(struct dsa_public_key *key);
/* Calls mpz_init to initialize bignum storage. */
void
dsa_private_key_init(struct dsa_private_key *key);
/* Calls mpz_clear to deallocate bignum storage. */
void
dsa_private_key_clear(struct dsa_private_key *key);
/* Calls mpz_init to initialize bignum storage. */
void
dsa_signature_init(struct dsa_signature *signature);
/* Calls mpz_clear to deallocate bignum storage. */
void
dsa_signature_clear(struct dsa_signature *signature);
void
_dsa_hash(mpz_t x, struct sha1_ctx *hash);
void
dsa_sign(struct dsa_private_key *key,
void *random_ctx, nettle_random_func random,
struct sha1_ctx *hash,
struct dsa_signature *signature);
int
dsa_verify(struct dsa_public_key *key,
struct sha1_ctx *hash,
const struct dsa_signature *signature);
/* Key generation */
#if 0
/* Note that the key structs must be initialized first. */
int
dsa_generate_keypair(struct dsa_public_key *pub,
struct dsa_private_key *key,
void *random_ctx, nettle_random_func random,
void *progress_ctx, nettle_progress_func progress,
/* Desired size of modulo, in bits */
unsigned n_size,
/* Desired size of public exponent, in bits. If
* zero, the passed in value pub->e is used. */
unsigned e_size);
#define DSA_SIGN(key, algorithm, ctx, length, data, signature) ( \
algorithm##_update(ctx, length, data), \
dsa_##algorithm##_sign(key, ctx, signature) \
)
#define DSA_VERIFY(key, algorithm, ctx, length, data, signature) ( \
algorithm##_update(ctx, length, data), \
dsa_##algorithm##_verify(key, ctx, signature) \
)
#endif
#endif /* NETTLE_DSA_H_INCLUDED */