[storin] / dsarand.h

/* -*-c-*-
 *
 * $Id: dsarand.h,v 1.1 2000/05/21 11:28:30 mdw Exp $
 *
 * Random number generator for DSA
 *
 * (c) 1999 Straylight/Edgeware
 * (c) 2000 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * Copyright (c) 2000 Mark Wooding
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * 
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 
 * 2, Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 
 * 3. The name of the authors may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 * 
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN
 * NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 * 
 * Instead of accepting the above terms, you may redistribute and/or modify
 * this software under the terms of either the GNU General Public License,
 * or the GNU Library General Public License, published by the Free
 * Software Foundation; either version 2 of the License, or (at your
 * option) any later version.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: dsarand.h,v $
 * Revision 1.1  2000/05/21 11:28:30  mdw
 * Initial check-in.
 *
 * --- Past lives (Catacomb) --- *
 *
 * Revision 1.1  1999/12/22 15:53:12  mdw
 * Random number generator for finding DSA parameters.
 *
 */

#ifndef DSARAND_H
#define DSARAND_H

#ifdef __cplusplus
  extern "C" {
#endif

/*----- Header files ------------------------------------------------------*/

#ifndef BITS_H
#  include "bits.h"
#endif

#ifndef SHA_H
#  include "sha.h"
#endif

/*----- Data structures ---------------------------------------------------*/

typedef struct dsarand {
  octet *p;				/* Pointer to seed (modified) */
  size_t sz;				/* Size of the seed buffer */
  unsigned passes;			/* Number of passes to make */
} dsarand;

/*----- Functions provided ------------------------------------------------*/

/* --- @dsarand_init@ --- *
 *
 * Arguments:	@dsarand *d@ = pointer to context
 *		@const void *p@ = pointer to seed buffer
 *		@size_t sz@ = size of the buffer
 *
 * Returns:	---
 *
 * Use:		Initializes a DSA random number generator.
 */

extern void dsarand_init(dsarand */*d*/, const void */*p*/, size_t /*sz*/);

/* --- @dsarand_reseed@ --- *
 *
 * Arguments:	@dsarand *d@ = pointer to context
 *		@const void *p@ = pointer to seed buffer
 *		@size_t sz@ = size of the buffer
 *
 * Returns:	---
 *
 * Use:		Initializes a DSA random number generator.
 */

extern void dsarand_reseed(dsarand */*d*/, const void */*p*/, size_t /*sz*/);

/* --- @dsarand_destroy@ --- *
 *
 * Arguments:	@dsarand *d@ = pointer to context
 *
 * Returns:	---
 *
 * Use:		Disposes of a DSA random number generation context.
 */

extern void dsarand_destroy(dsarand */*d*/);

/* --- @dsarand_fill@ --- *
 *
 * Arguments:	@dsarand *d@ = pointer to context
 *		@void *p@ = pointer to output buffer
 *		@size_t sz@ = size of output buffer
 *
 * Returns:	---
 *
 * Use:		Fills an output buffer with pseudorandom data.
 *
 *		Let %$p$% be the numerical value of the input buffer, and let
 *		%$b$% be the number of bytes required.  Let
 *		%$z = \lceil b / 20 \rceil$% be the number of SHA outputs
 *		required.  Then the output of pass %$n$% is
 *
 *		  %$P_n = \sum_{0 \le i < z} 2^{160i} SHA(p + nz + i)$%
 *							%${} \bmod 2^{8b}$%
 *
 *		and the actual result in the output buffer is the XOR of all
 *		of the output passes.
 *
 *		The DSA procedure for choosing @q@ involves two passes with
 *		%$z = 1$%; the procedure for choosing @p@ involves one pass
 *		with larger %$z$%.  This generalization of the DSA generation
 *		procedure is my own invention but it seems relatively sound.
 */

extern void dsarand_fill(dsarand */*d*/, void */*p*/, size_t /*sz*/);

/*----- That's all, folks -------------------------------------------------*/

#ifdef __cplusplus
  }
#endif

#endif
Commit	Line	Data
e6e0e332 MW	1	/* --c--
	2	*
	3	* $Id: dsarand.h,v 1.1 2000/05/21 11:28:30 mdw Exp $
	4	*
	5	* Random number generator for DSA
	6	*
	7	* (c) 1999 Straylight/Edgeware
	8	* (c) 2000 Mark Wooding
	9	*/
	10
	11	/----- Licensing notice --------------------------------------------------
	12	*
	13	* Copyright (c) 2000 Mark Wooding
	14	* All rights reserved.
	15	*
	16	* Redistribution and use in source and binary forms, with or without
	17	* modification, are permitted provided that the following conditions are
	18	* met:
	19	*
	20	* 1. Redistributions of source code must retain the above copyright
	21	* notice, this list of conditions and the following disclaimer.
	22	*
	23	* 2, Redistributions in binary form must reproduce the above copyright
	24	* notice, this list of conditions and the following disclaimer in the
	25	* documentation and/or other materials provided with the distribution.
	26	*
	27	* 3. The name of the authors may not be used to endorse or promote
	28	* products derived from this software without specific prior written
	29	* permission.
	30	*
	31	* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
	32	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
	33	* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN
	34	* NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	35	* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	36	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
	37	* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	38	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	39	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
	40	* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	41	* POSSIBILITY OF SUCH DAMAGE.
	42	*
	43	* Instead of accepting the above terms, you may redistribute and/or modify
	44	* this software under the terms of either the GNU General Public License,
	45	* or the GNU Library General Public License, published by the Free
	46	* Software Foundation; either version 2 of the License, or (at your
	47	* option) any later version.
	48	*/
	49
	50	/----- Revision history --------------------------------------------------
	51	*
	52	* $Log: dsarand.h,v $
	53	* Revision 1.1 2000/05/21 11:28:30 mdw
	54	* Initial check-in.
	55	*
	56	* --- Past lives (Catacomb) --- *
	57	*
	58	* Revision 1.1 1999/12/22 15:53:12 mdw
	59	* Random number generator for finding DSA parameters.
	60	*
	61	*/
	62
	63	#ifndef DSARAND_H
	64	#define DSARAND_H
65
66	#ifdef __cplusplus
67	extern "C" {
68	#endif
69
70	/----- Header files ------------------------------------------------------/
71
72	#ifndef BITS_H
73	# include "bits.h"
74	#endif
75
76	#ifndef SHA_H
77	# include "sha.h"
78	#endif
79
80	/----- Data structures ---------------------------------------------------/
81
82	typedef struct dsarand {
83	octet p; / Pointer to seed (modified) */
84	size_t sz; /* Size of the seed buffer */
85	unsigned passes; /* Number of passes to make */
86	} dsarand;
87
88	/----- Functions provided ------------------------------------------------/
89
90	/* --- @dsarand_init@ --- *
91	*
92	* Arguments: @dsarand *d@ = pointer to context
93	* @const void *p@ = pointer to seed buffer
94	* @size_t sz@ = size of the buffer
95	*
96	* Returns: ---
97	*
98	* Use: Initializes a DSA random number generator.
99	*/
100
101	extern void dsarand_init(dsarand /d/, const void /p/, size_t /sz/);
102
103	/* --- @dsarand_reseed@ --- *
104	*
105	* Arguments: @dsarand *d@ = pointer to context
106	* @const void *p@ = pointer to seed buffer
107	* @size_t sz@ = size of the buffer
108	*
109	* Returns: ---
110	*
111	* Use: Initializes a DSA random number generator.
112	*/
113
114	extern void dsarand_reseed(dsarand /d/, const void /p/, size_t /sz/);
115
116	/* --- @dsarand_destroy@ --- *
117	*
118	* Arguments: @dsarand *d@ = pointer to context
119	*
120	* Returns: ---
121	*
122	* Use: Disposes of a DSA random number generation context.
123	*/
124
125	extern void dsarand_destroy(dsarand /d*/);
126
127	/* --- @dsarand_fill@ --- *
128	*
129	* Arguments: @dsarand *d@ = pointer to context
130	* @void *p@ = pointer to output buffer
131	* @size_t sz@ = size of output buffer
132	*
133	* Returns: ---
134	*
135	* Use: Fills an output buffer with pseudorandom data.
136	*
137	* Let %$p$% be the numerical value of the input buffer, and let
138	* %$b$% be the number of bytes required. Let
139	* %$z = \lceil b / 20 \rceil$% be the number of SHA outputs
140	* required. Then the output of pass %$n$% is
141	*
142	* %$P_n = \sum_{0 \le i < z} 2^{160i} SHA(p + nz + i)$%
143	* %${} \bmod 2^{8b}$%
144	*
145	* and the actual result in the output buffer is the XOR of all
146	* of the output passes.
147	*
148	* The DSA procedure for choosing @q@ involves two passes with
149	* %$z = 1$%; the procedure for choosing @p@ involves one pass
150	* with larger %$z$%. This generalization of the DSA generation
151	* procedure is my own invention but it seems relatively sound.
152	*/
153
154	extern void dsarand_fill(dsarand /d/, void /p/, size_t /sz/);
155
156	/----- That's all, folks -------------------------------------------------/
157
158	#ifdef __cplusplus
159	}
160	#endif
161
162	#endif