sign.h

IBE是一种非对称密码技术

/* Copyright 2003-2006, Voltage Security, all rights reserved.
 */

#include "vibecrypto.h"
#include "environment.h"
#include "base.h"
#include "libctx.h"
#include "algobj.h"
#include "keyobj.h"
#include "pad.h"

#ifndef _SIGN_H
#define _SIGN_H

#ifdef __cplusplus
extern "C" {
#endif

/* If the class is SIGN, this is the classCtx (the data struct and
 * the types that are the fields).
 */

/* Call this routine to get an algorithm object that will digest data
 * as specified by the sign/verify object. This is generally used when
 * the sign/verify object was created using an algId. The caller
 * doesn't know what the digest algorithm is, so get the signing
 * algorithm to build it.
 * <p>The caller passes in an address of a VtAlgorithmObject, the
 * implementation will deposit a digest algorithm object there. The
 * digest object belongs to the sign/verify object, the caller can use
 * that object, but must not destroy it.
 *
 * @param obj The sign or verify object. The object built to sign or
 * verify signatures.
 * @param digestObject The address where the implementation will
 * deposit the digest object.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
typedef int VOLT_CALLING_CONV (*VGetDigestObject) VOLT_PROTO_LIST ((
   VoltAlgorithmObject *obj,
   VtAlgorithmObject *digestObject
));

/* The implementation of this typedef will check the input arguments to
 * see if they can create a signature. It will also determine how big
 * the signature buffer needs to be.
 * <p>The checks include matching the key and algorithm object,
 * determining if the random is valid, and seeing if the data is too
 * large or small. The signCtx->digestAlg field will be set to the
 * algorithm used, the function should check that as well.
 * <p>The function also must set the paddedBlockLen field in the
 * signCtx. If the input is not to be padded, the paddedBlockLen is
 * simply the same length as the digest.
 *
 * @param obj The object set to create signatures.
 * @param key The object containing the key.
 * @param random The object to use in generating random bytes if
 * necessary.
 * @param dataToSign
 * @param dataToSignLen
 * @param signatureSize The address where the implementation will
 * deposit the length of the signature.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
typedef int VOLT_CALLING_CONV (*VCheckSignatureInput) VOLT_PROTO_LIST ((
   VoltAlgorithmObject *obj,
   VoltKeyObject *key,
   VtRandomObject random,
   unsigned char *dataToSign,
   unsigned int dataToSignLen,
   unsigned int *signatureSize
));

/* Create the signature from the data and key.
 * <p>This function does no argument checking. The caller should have
 * called the GetSignatureSize function to make sure the args were
 * valid. The implementation will assume the address given by signature
 * is valid and big enough.
 * <p>The signCtx->digestAlg field will be set.
 *
 * @param obj The algorithm object containing the context.
 * @param key The key object containing the key data.
 * @param random The object to use in generating random bytes if
 * necessary.
 * @param dataToSign
 * @param dataToSignLen
 * @param signature The buffer into which the implementation will place
 * the signature.
 * @return an int, 0 if the function completed successfully or a
 * non-zero error code.
 */
typedef int VOLT_CALLING_CONV (*VSignData) VOLT_PROTO_LIST ((
   VoltAlgorithmObject *obj,
   VoltKeyObject *key,
   VtRandomObject random,
   unsigned char *dataToSign,
   unsigned int dataToSignLen,
   unsigned char *signature,
   unsigned int *sigLen
));

/* Verify the signature. The dataToVerify is the digest.
 * <p>Set verifyResult to 1 (yes, true) if the signature verifies, or
 * else set it to 0 (no, flase) if it does not.
 * <p>If the signature does not verify, the return value will still be
 * 0 (success, no error). There was no error in the function, it did
 * what it was supposed to do, determine if a signature verified or not.
 * <p>If the return value is not 0, then the verifyResult value is
 * meaningless.
 * <p>The signCtx->digestAlg field will be set.
 * <p>If there is any unpadding to do, it is the responsibility of this
 * function to do it. If needed, it should find the Unpad function and
 * padCtx in the signCtx in the obj.
 */
typedef int VOLT_CALLING_CONV (*VVerifyData) VOLT_PROTO_LIST ((
   VoltAlgorithmObject *obj,
   VoltKeyObject *key,
   VtRandomObject random,
   unsigned char *dataToVerify,
   unsigned int dataToVerifyLen,
   unsigned char *signature,
   unsigned int sigLen,
   unsigned int *verifyResult
));

/* The digestAlg field might be temporary. If an algorithm object is
 * built from an algID, then the digestAlg is fixed. If not, then it
 * might be possible to use a different digest alg each signature (or
 * not, it depends on the signature algorithm and the implementation).
 * If the digest algorithm is changeable, that will be set by the
 */
typedef struct
{
  VGetDigestObject       GetDigestObject;
  VCheckSignatureInput   CheckSignatureInput;
  VSignData              SignData;
  VVerifyData            VerifyData;
  VtAlgorithmObject      digestObject;
  unsigned int           algorithm;
  unsigned int           digestAlg;
  unsigned int           paddedBlockLen;
  VPad                   Pad;
  VUnpad                 Unpad;
  Pointer                padCtx;
  VCtxDestroy            PadCtxDestroy;
  Pointer                localSignCtx;
  VCtxDestroy            LocalSignCtxDestroy;
} VoltSignClassCtx;

/* Use one of these values for the algorithm field in the SignClassCtx.
 * <p>This is a bit field.
 * <p>The ALG_ID bit is to be set if the object was built from an algID.
 */
#define VOLT_SIGNATURE_ALG_DSA   0x0001
#define VOLT_SIGNATURE_ALG_RSA   0x0002
#define VOLT_SIGNATURE_ALG_ID    0x8000

/* Implements VCtxDestroy.
 */
void VOLT_CALLING_CONV VoltSignCtxDestroy VOLT_PROTO_LIST ((
   Pointer obj,
   Pointer ctx
));

#ifdef __cplusplus
}
#endif

#endif /* _SIGN_H */