code: 9ferno

ref: 3b9c359adee736531f204ac53500edf16d7c0fb2
dir: /man/2/crypt-gensk/

View raw version
crypt: genSK, genSKfromPK, sktopk, dhparams, sign, verify \- generate keys and digital signatures
include "ipints.m";
ipints := load IPints IPints->PATH;
IPint: import ipints;

include "crypt.m";
crypt := load Crypt Crypt->PATH;

PK: adt
    pick {
    RSA =>
        n:     ref IPint;   # modulus
        ek:    ref IPint;   # exp (encryption key)
    Elgamal =>
        p:     ref IPint;   # modulus
        alpha: ref IPint;   # generator
        key:   ref IPint;   # encryption key (alpha**secret mod p)
    DSA =>
        p:     ref IPint;   # modulus
        q:     ref IPint;   # group order, q divides p-1
        alpha: ref IPint;   # group generator
        key:   ref IPint;   # encryption key (alpha**secret mod p)

SK: adt
    pick {
    RSA =>
        pk:     ref PK.RSA;
        dk:     ref IPint;   # exp (decryption key)
        p:      ref IPint;   # q in pkcs
        q:      ref IPint;   # p in pkcs
        # precomputed crt values
        kp:     ref IPint;   # k mod p-1
        kq:     ref IPint;   # k mod q-1
        c2:     ref IPint;   # for converting residues to number
    Elgamal =>
        pk:     ref PK.Elgamal;
        secret: ref IPint;   # decryption key
    DSA =>
        pk:     ref PK.DSA;
        secret: ref IPint;   # decryption key

PKsig: adt
    pick {
    RSA =>
        n:  ref IPint;
    Elgamal =>
        r:  ref IPint;
        s:  ref IPint;
    DSA =>
        r:  ref IPint;
        s:  ref IPint;

genSK:       fn(algname: string, length: int): ref SK;
genSKfromPK: fn(pk: ref PK): ref SK;
sktopk:      fn(sk: ref SK): ref PK;

sign:        fn(sk: ref SK, m: ref IPint): ref PKsig;
verify:      fn(pk: ref PK, sig: ref PKsig, m: ref IPint): int;

dhparams:    fn(nbits: int): (ref IPint, ref IPint);
.B Crypt
implements a set of public-key signature algorithms.
The public/private key pairs are represented by values of the adt
.BR SK ,
containing both the private (secret) and public parts of the pair,
.BR PK ,
containing only the public part.
The several algorithms are represented by different pick variants.
.B GenSK
generates a new public/private key pair, represented by
.BR SK .
.I Algname
is the name of the algorithm to use; in the current implementation,
.BR dsa ,
.B elgamal
.B rsa
are possible.
.I Length
gives the length of the key modulus in bits.
.B GenSK
returns nil if an unknown algorithm has been specified.
.B GenSKfromPK
generates a private key that has the system parameters as the public key
.IR pk .
It is used to generate new keys that are of the same complexity as old keys.
.B Sktopk
returns a reference to the public part of private key
.IR sk .
.B Sign
creates a digital signature of a message
.IR m ,
represented by an IPint,
using the private key
.IR sk .
.I m
represents a secure hash (eg, using
.IR crypt-sha1 (2))
of a much larger message.
.B Verify
uses public key
.I pk
to verify that the value
.I sig
is a digital signature of the message
.I m
using the private key corresponding to
.IR pk .
It returns non-zero (true) if the signature is valid; zero (false) otherwise.
Most applications use generic operations on public and private keys,
referring to
.BR SK ,
but specific variants can be named, such as
for RSA keys, allowing use of RSA-specific operations.
.IR Crypt-dsagen (2)
describes functions for key generation that are specific to various algorithms,
using algorithm-specific parameters.
.B Dhparams
creates Diffie-Hellman parameters. It returns
a tuple of IPints
.RI ( alpha , p ).
.I P
is an
.I nbits
long prime number that serves as the modulus.
.I Alpha
is a primitive root in the integer field defined by that modulus.
.IR crypt-dsagen (2),
.IR crypt-sha1 (2),
.IR security-auth (2),
.IR security-oldauth (2)