c4e_dlc_dsa.h File Reference

(Version 579)

Digital Signature Algorithm (DSA) in discrete logarithm (DL) domain.

#include "c4e_sha.h"
#include "c4e_dlc.h"
#include "c4e_gfp.h"

Defines

#define C4E_DLC_DSA_TMPID_SIGN
 Temp. space qualifier associated with c4e_dlc_dsa_sign().
#define C4E_DLC_DSA_TMPID_VERIFY
 Temp. space qualifier associated with c4e_dlc_dsa_verify().
#define C4E_DLC_DSA_TMPID_MAX
 Temp. space qualifier applicable to all DSA functions.

Typedefs

typedef void(* C4eDlcDsaK2rFunc )(void *C4E_RESTRICT ctx, C4E_CONST C4eElement *C4E_RESTRICT k, C4eElement *C4E_RESTRICT r)
 Function which computes signature component r (the one-time DSA public key, or respectively the x-coordinate of a public ECDSA key) from the associated one-time private key k.
typedef void(* C4eDlcDsaU2vFunc )(void *C4E_RESTRICT ctx, C4E_CONST void *C4E_RESTRICT y, C4E_CONST C4eElement *C4E_RESTRICT u1, C4E_CONST C4eElement *C4E_RESTRICT u2, C4eElement *C4E_RESTRICT v)
 Function which computes signature verification variable v from intermediate values $ u_1 $ and $ u_2 $.

Functions

C4eSysStatus c4e_dlc_dsa_sign (C4eDlcDomain *C4E_RESTRICT dom, C4E_CONST C4eElement *C4E_RESTRICT x, C4eHashId hid, C4E_CONST C4eArchUint8 *C4E_RESTRICT digest, C4eArchDigit tmp[C4E_RESTRICT], C4eArchUint8 *C4E_RESTRICT signature)
 DSA signature of a digest, according to IEEE Std 1363 (DLSP-DSA) and FIPS 186-4, with binary encoded signature.
C4eSysStatus c4e_dlc_dsa_verify (C4eDlcDomain *C4E_RESTRICT dom, C4E_CONST C4eElement *C4E_RESTRICT y, C4eHashId hid, C4E_CONST C4eArchUint8 *C4E_RESTRICT digest, C4E_CONST C4eArchUint8 *C4E_RESTRICT signature, C4eArchSize len, C4eArchDigit tmp[C4E_RESTRICT])
 DSA signature verification, according to IEEE Std 1363 (DLVP-DSA) and FIPS 186-4, with binary encoded signature.
C4eSysStatus c4e_dlc_dsa_unisig (void *ctx, C4E_CONST C4eElement *C4E_RESTRICT x, C4eElemOsp *C4E_RESTRICT q, C4eDlcDsaK2rFunc fn_k2r, C4eHashId hid, C4E_CONST C4eArchUint8 *C4E_RESTRICT digest, C4eArchDigit tmp[C4E_RESTRICT], C4eArchUint8 *C4E_RESTRICT signature)
 Universal [EC]DSA signing routine.
C4eSysStatus c4e_dlc_dsa_univfy (void *ctx, C4E_CONST void *C4E_RESTRICT y, C4eElemOsp *C4E_RESTRICT q, C4eDlcDsaU2vFunc fn_u2v, C4eHashId hid, C4E_CONST C4eArchUint8 *C4E_RESTRICT digest, C4E_CONST C4eArchUint8 *C4E_RESTRICT signature, C4eArchSize len, C4eArchDigit tmp[C4E_RESTRICT])
 Universal [EC]DSA verification routine.

Detailed Description

Digital Signature Algorithm (DSA) in discrete logarithm (DL) domain.

Author:
Copyright (C) 2015 Ralf Hoppe <ralf.hoppe@ieee.org>
Version:
Id
c4e_dlc_dsa.h 579 2015-05-24 18:00:40Z ralf

Definition in file c4e_dlc_dsa.h.


Function Documentation

C4eSysStatus c4e_dlc_dsa_unisig ( void *  ctx,
C4E_CONST C4eElement *C4E_RESTRICT  x,
C4eElemOsp *C4E_RESTRICT  q,
C4eDlcDsaK2rFunc  fn_k2r,
C4eHashId  hid,
C4E_CONST C4eArchUint8 *C4E_RESTRICT  digest,
C4eArchDigit  tmp[C4E_RESTRICT],
C4eArchUint8 *C4E_RESTRICT  signature 
)

Universal [EC]DSA signing routine.

This function performs a DSA signature in any domain, using the following formulas for calculating (r,s):

\begin{align*} r &= f(g, x, k) \bmod q \\ s &= k^{-1}(z + xr) \bmod q \end{align*}

with z the (partial) digest, k the (random) one-time private key, x the private key and f a domain dependent (callback) function which computes signature component r from a private key.

Attention:
The parameter q is temporarily modified, so it must be writable. After function return it holds the same values as at function entry.
Precondition:
The validity of domain parameter q must be assured by the caller, either implicitly or by using a domain parameter validity test function, e.g. c4e_dlc_domchk().
The validity of the private key x must be assured by the caller, either implicitly or by using a private key test function, e.g. c4e_dlc_keychk_prv() in DL domain.
The required digits space (in units of C4eArchDigit) for tmp is (whichever is greater):
The Random Number Generator (RNG) must be initialized at user side, then installed via function c4e_rng_install().
Bibliography:
Standard Specifications For Public-Key Cryptography. Std 1363-2000, IEEE, 2000.
Digital Signature Standard (DSS). FIPS Publication 186-4, National Institute of Standards and Technology, 2013.
Public Key Cryptography For The Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). ANSI X9.62, 1998.
Parameters:
[in] ctx Pointer to a context, which typically points to associated domain parameters (passed to callback function fn_k2r).
[in] x Pointer to private key x < q.
[in] q A prime divisor of group order (or group order itself) and its length (which is also the length of one signature part).
[in] fn_k2r Function pointer (see C4eDlcDsaK2rFunc).
[in] hid Hash algorithm identifier associated with digest and its length.
[in] digest Digest calculated by the caller using a hash function.
tmp Array of temporary space elements (see preconditions for details on size).
[out] signature Signature buffer, with implicit length of (2U * q.len) bytes. It is binary encoded according to IEEE Std 1363, annex E.3.1.
Returns:
Status
Return values:
C4E_STATUS_OK If the operation was successful.
other If the operation has failed.
See also:
C4eDlcDsaK2rFunc, C4eElement, c4e_dlc_dsa_sign(), C4E_ELEM_ASGN_MEM()

C4eSysStatus c4e_dlc_dsa_univfy ( void *  ctx,
C4E_CONST void *C4E_RESTRICT  y,
C4eElemOsp *C4E_RESTRICT  q,
C4eDlcDsaU2vFunc  fn_u2v,
C4eHashId  hid,
C4E_CONST C4eArchUint8 *C4E_RESTRICT  digest,
C4E_CONST C4eArchUint8 *C4E_RESTRICT  signature,
C4eArchSize  len,
C4eArchDigit  tmp[C4E_RESTRICT] 
)

Universal [EC]DSA verification routine.

This function performs a DSA verification in any domain, using the following formulas for verifying (r,s):

\begin{align*} u_1 &= z s^{-1} \bmod q \\ u_2 &= r s^{-1} \bmod q \\ v' &= f(g, y, u_1, u_2) \bmod q \end{align*}

with z the (partial) digest, (r, s) the received signature components, y the public key and f a domain dependent (callback) function which computes $ v' $ from domain parameters, the public key y and from $ u_1 $ and $ u_2 $. Finally $ v' $ is compared with signature component $ r $.

Attention:
The parameter q is temporarily modified, so it must be writable. After function return it holds the same values as at function entry.
Precondition:
The validity of domain parameter q must be assured by the caller, either implicitly or by using a domain parameter validity test function, e.g. c4e_dlc_domchk().
The validity of the private key x must be assured by the caller, either implicitly or by using a private key test function, e.g. c4e_dlc_keychk_prv() in DL domain.
The required digits space (in units of C4eArchDigit) for tmp is (whichever is greater):
Bibliography:
Standard Specifications For Public-Key Cryptography. Std 1363-2000, IEEE, 2000.
Digital Signature Standard (DSS). FIPS Publication 186-4, National Institute of Standards and Technology, 2013.
Public Key Cryptography For The Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). ANSI X9.62, 1998.
Parameters:
[in] ctx Pointer to a context, which typically points to associated domain parameters (passed to callback function fn_u2v).
[in] y Pointer to [EC]DSA public key, then passed to fn_u2v.
[in] q A prime divisor of group order (or group order itself) and its length (which is also the length of one signature part).
[in] fn_u2v Function pointer (see C4eDlcDsaU2vFunc).
[in] hid Hash algorithm identifier associated with digest and its length.
[in] digest Digest calculated by the caller using a hash function.
[in] signature Received signature of length len. It must be binary encoded according to IEEE Std 1363, annex E.3.1.
[in] len Length of received signature, in bytes.
tmp Array of temporary space elements (see preconditions for details on size).
Returns:
Status
Return values:
C4E_STATUS_OK If the signature verification was successful.
other If the signature verification has failed.
See also:
C4eDlcDsaU2vFunc, C4eElement, c4e_dlc_dsa_verify(), C4E_ELEM_ASGN_MEM()
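
The signing and verification formulas documented above for c4e_dlc_dsa_unisig() and c4e_dlc_dsa_univfy(), worked through in a toy DL domain with the two domain callbacks passed as function pointers. This is an added example, not code from the c4e library: ToyDom, K2rFn, U2vFn, toy_sign, toy_verify, dl_k2r and dl_u2v are hypothetical names, the parameters (p=23, q=11, g=4, x=7, z=5) are constructed, and k is fixed only to make the result reproducible, where the page calls for a random one-time key.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed toy DL domain (hypothetical names, far too small for real use). */
typedef struct { uint64_t p, q, g; } ToyDom;   /* g has order q modulo p */
typedef uint64_t (*K2rFn)(const void *ctx, uint64_t k);
typedef uint64_t (*U2vFn)(const void *ctx, uint64_t y, uint64_t u1, uint64_t u2);

static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}
/* q is prime, so a^(q-2) mod q is the inverse of a (Fermat). */
static uint64_t invmod(uint64_t a, uint64_t q) { return powmod(a, q - 2, q); }

/* DL-domain callbacks: r = (g^k mod p) mod q, v' = (g^u1 * y^u2 mod p) mod q. */
static uint64_t dl_k2r(const void *ctx, uint64_t k) {
    const ToyDom *d = ctx;
    return powmod(d->g, k, d->p) % d->q;
}
static uint64_t dl_u2v(const void *ctx, uint64_t y, uint64_t u1, uint64_t u2) {
    const ToyDom *d = ctx;
    return powmod(d->g, u1, d->p) * powmod(y, u2, d->p) % d->p % d->q;
}

/* 0 on success, -1 if r or s came out zero (caller retries with a fresh random k). */
static int toy_sign(const void *ctx, uint64_t q, K2rFn f, uint64_t x, uint64_t k,
                    uint64_t z, uint64_t *r, uint64_t *s) {
    *r = f(ctx, k);                                   /* r = f(g, x, k) mod q */
    *s = invmod(k, q) * ((z + x * *r) % q) % q;       /* s = k^-1 (z + x r) mod q */
    return (*r && *s) ? 0 : -1;
}
/* 0 only for a valid signature; r and s are range-checked before any arithmetic. */
static int toy_verify(const void *ctx, uint64_t q, U2vFn f, uint64_t y,
                      uint64_t z, uint64_t r, uint64_t s) {
    if (r == 0 || r >= q || s == 0 || s >= q) return -1;
    uint64_t w = invmod(s, q);                        /* s^-1 mod q */
    return f(ctx, y, z * w % q, r * w % q) == r ? 0 : -1;   /* v' == r ? */
}

int main(void) {
    ToyDom d = { 23, 11, 4 };                         /* constructed sample values */
    uint64_t x = 7, y = powmod(d.g, x, d.p), r, s;
    int rc = toy_sign(&d, d.q, dl_k2r, x, 3, 5, &r, &s);    /* k = 3, z = 5 */
    printf("sign=%d r=%u s=%u verify=%d\n", rc, (unsigned)r, (unsigned)s,
           toy_verify(&d, d.q, dl_u2v, y, 5, r, s));
    return 0;
}
```

Without the range check in toy_verify, the pair (r, s + q) would verify as well, because it reduces to the same s modulo q.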