crm_pk_dreq crm_async_dsa_sign_go

C

struct crm_pk_dreq crm_async_dsa_sign_go(struct crm_pk_cnx *cnx, const crm_op *p, const crm_op *q, const crm_op *g, const crm_op *k, const crm_op *privkey, const crm_op *h)

Description

Asynchronous (non-blocking) DSA signature generation Start an DSA signature generation on the accelerator and return immediately. When the operation finishes on the accelerator, call crm_async_finish_pair()

Parameters

ParamDescription
cnxConnection structure obtained through CRM_PK_OPEN() at startup
pPrime modulus p
qPrime divisor of p-1
gGenerator of order q mod p
kRandom value
privkeyPrivate key
hHash digest of message reduced by means of Secure Hash Algorithm specified in FIPS 180-3

SEE crm_dsa_sign() for a synchronous version

Returns

Acquired acceleration request for this operation

crm_dsa_sign

C

int crm_dsa_sign(struct crm_pk_cnx *cnx,
   const crm_op *p, const crm_op *q, const crm_op *g, const crm_op *k,
   const crm_op *privkey, const crm_op *h, crm_op *r, crm_op *s)

Description

DSA signature generation

Computes the following: 1. X = g k mod p 2. r = X mod q 3. if r == 0 the return ::CRM_ERR_INVALID_SIGNATURE 4. else w = k (-1) mod q 5. s = w * (h + x * r) mod q 6. if s == 0 then return ::CRM_ERR_INVALID_SIGNATURE 7. (r,s) is the signature

Parameters

ParamDescription
cnxConnection structure obtained through CRM_PK_OPEN() at startup
pPrime modulus p
qPrime divisor of p-1
gGenerator of order q mod p
kRandom value
privkeyPrivate key
hHash digest of message reduced by means of Secure Hash Algorithm specified in FIPS 180-3
rFirst part of signature
sSecond part of signature

SEE crm_dsa_sign_go() for an asynchronous version

Returns

CRM_OK CRM_ERR_NOT_INVERTIBLE CRM_ERR_INVALID_SIGNATURE CRM_ERR_INVALID_PARAM CRM_ERR_UNKNOWN_ERROR CRM_ERR_BUSY CRM_ERR_NOT_IMPLEMENTED CRM_ERR_OPERAND_TOO_LARGE CRM_ERR_PLATFORM_ERROR CRM_ERR_EXPIRED

crm_async_dsa_ver_go

C

struct crm_pk_dreq crm_async_dsa_ver_go(struct crm_pk_cnx *cnx,
   const crm_op *p, const crm_op *q, const crm_op *g, const crm_op *pubkey,
   const crm_op *h, const crm_op *r, const crm_op *s)

Description

Asynchronous (non-blocking) DSA signature verification

Start an DSA signature verification on the accelerator and return immediately. When the operation finishes on the accelerator, call CRM_PK_RELEASE_REQ()

Parameters

ParamDescription
cnxConnection structure obtained through CRM_PK_OPEN() at startup
pPrime modulus p
qPrime divisor of p-1
gGenerator of order q mod p
pubkeyPublic key
hHash digest of message reduced by means of Secure Hash Algorithm specified in FIPS 180-3
rFirst part of signature to verify
sSecond part of signature to verify

SEE

crm_dsa_ver() for a synchronous version

Returns

Acquired acceleration request for this operation

crm_dsa_ver

C

int crm_dsa_ver(struct crm_pk_cnx *cnx,
   const crm_op *p, const crm_op *q, const crm_op *g, const crm_op *pubkey,
   const crm_op *h, const crm_op *r, const crm_op *s)

Description

DSA signature verification

Checks if a signature is valid: 1. w = s (-1) mod q 2. u1 = h * w mod q 3. u2 = r * w mod q 4. X = g (u1) * y ^ (u2) mod p 5. v = X mod q 6. if v == r then signature is valid (::CRM_OK) 7. else return ::CRM_ERR_INVALID_SIGNATURE

Before launching the operation, verify the domain D(p,q,g) by checking: 1. 21023 < p < 21024 \b or 22047 < p < 22048 2. 2159 < q < 2160 \b or 2223 < q < 2224 \b or 2255 < q < 2256 3. 1 < g < p

Parameters

ParamDescription
cnxConnection structure obtained through CRM_PK_OPEN() at startup
pPrime modulus p
qPrime divisor of p-1
gGenerator of order q mod p
pubkeyPublic key
hHash digest of message reduced by means of Secure Hash Algorithm specified in FIPS 180-3
rFirst part of signature to verify
sSecond part of signature to verify

SEE

crm_async_dsa_ver_go() for an asynchronous version

Returns

CRM_OK CRM_ERR_NOT_INVERTIBLE CRM_ERR_INVALID_SIGNATURE CRM_ERR_OUT_OF_RANGE CRM_ERR_INVALID_PARAM CRM_ERR_UNKNOWN_ERROR CRM_ERR_BUSY CRM_ERR_NOT_IMPLEMENTED CRM_ERR_OPERAND_TOO_LARGE CRM_ERR_PLATFORM_ERROR CRM_ERR_EXPIRED