chiark / gitweb /
CommitLineData
e6e0e332
MW
1/* -*-c-*-
2 *
3 * $Id: dsarand.h,v 1.1 2000/05/21 11:28:30 mdw Exp$
4 *
5 * Random number generator for DSA
6 *
7 * (c) 1999 Straylight/Edgeware
8 * (c) 2000 Mark Wooding
9 */
10
11/*----- Licensing notice --------------------------------------------------*
12 *
13 * Copyright (c) 2000 Mark Wooding
15 *
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions are
18 * met:
19 *
20 * 1. Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
22 *
23 * 2, Redistributions in binary form must reproduce the above copyright
24 * notice, this list of conditions and the following disclaimer in the
25 * documentation and/or other materials provided with the distribution.
26 *
27 * 3. The name of the authors may not be used to endorse or promote
28 * products derived from this software without specific prior written
29 * permission.
30 *
31 * THIS SOFTWARE IS PROVIDED AS IS'' AND ANY EXPRESS OR IMPLIED
32 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
33 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
34 * NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
40 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
41 * POSSIBILITY OF SUCH DAMAGE.
42 *
43 * Instead of accepting the above terms, you may redistribute and/or modify
44 * this software under the terms of either the GNU General Public License,
46 * Software Foundation; either version 2 of the License, or (at your
47 * option) any later version.
48 */
49
50/*----- Revision history --------------------------------------------------*
51 *
52 * $Log: dsarand.h,v$
53 * Revision 1.1 2000/05/21 11:28:30 mdw
54 * Initial check-in.
55 *
56 * --- Past lives (Catacomb) --- *
57 *
58 * Revision 1.1 1999/12/22 15:53:12 mdw
59 * Random number generator for finding DSA parameters.
60 *
61 */
62
63#ifndef DSARAND_H
64#define DSARAND_H
65
66#ifdef __cplusplus
67 extern "C" {
68#endif
69
71
72#ifndef BITS_H
73# include "bits.h"
74#endif
75
76#ifndef SHA_H
77# include "sha.h"
78#endif
79
80/*----- Data structures ---------------------------------------------------*/
81
82typedef struct dsarand {
83 octet *p; /* Pointer to seed (modified) */
84 size_t sz; /* Size of the seed buffer */
85 unsigned passes; /* Number of passes to make */
86} dsarand;
87
88/*----- Functions provided ------------------------------------------------*/
89
90/* --- @dsarand_init@ --- *
91 *
92 * Arguments: @dsarand *d@ = pointer to context
93 * @const void *p@ = pointer to seed buffer
94 * @size_t sz@ = size of the buffer
95 *
96 * Returns: ---
97 *
98 * Use: Initializes a DSA random number generator.
99 */
100
101extern void dsarand_init(dsarand */*d*/, const void */*p*/, size_t /*sz*/);
102
103/* --- @dsarand_reseed@ --- *
104 *
105 * Arguments: @dsarand *d@ = pointer to context
106 * @const void *p@ = pointer to seed buffer
107 * @size_t sz@ = size of the buffer
108 *
109 * Returns: ---
110 *
111 * Use: Initializes a DSA random number generator.
112 */
113
114extern void dsarand_reseed(dsarand */*d*/, const void */*p*/, size_t /*sz*/);
115
116/* --- @dsarand_destroy@ --- *
117 *
118 * Arguments: @dsarand *d@ = pointer to context
119 *
120 * Returns: ---
121 *
122 * Use: Disposes of a DSA random number generation context.
123 */
124
125extern void dsarand_destroy(dsarand */*d*/);
126
127/* --- @dsarand_fill@ --- *
128 *
129 * Arguments: @dsarand *d@ = pointer to context
130 * @void *p@ = pointer to output buffer
131 * @size_t sz@ = size of output buffer
132 *
133 * Returns: ---
134 *
135 * Use: Fills an output buffer with pseudorandom data.
136 *
137 * Let %$p$% be the numerical value of the input buffer, and let
138 * %$b$% be the number of bytes required. Let
139 * %$z = \lceil b / 20 \rceil$% be the number of SHA outputs
140 * required. Then the output of pass %$n$% is
141 *
142 * %$P_n = \sum_{0 \le i < z} 2^{160i} SHA(p + nz + i)$%
143 * %${} \bmod 2^{8b}$%
144 *
145 * and the actual result in the output buffer is the XOR of all
146 * of the output passes.
147 *
148 * The DSA procedure for choosing @q@ involves two passes with
149 * %$z = 1$%; the procedure for choosing @p@ involves one pass
150 * with larger %$z$%. This generalization of the DSA generation
151 * procedure is my own invention but it seems relatively sound.
152 */
153
154extern void dsarand_fill(dsarand */*d*/, void */*p*/, size_t /*sz*/);
155
156/*----- That's all, folks -------------------------------------------------*/
157
158#ifdef __cplusplus
159 }
160#endif
161
162#endif