From 90167202a4ce3dc6d4822fad04c51cc35913d796 Mon Sep 17 00:00:00 2001
From: Sverker Eriksson
Date: Wed, 27 Jun 2012 15:35:26 +0200
Subject: crypto: Redo interface for rsa and dss hash signing
Replace _hash functions with {digest,_} argument
to existing sign/verify functions.
---
lib/crypto/doc/src/crypto.xml | 66 +++++++++++++++++++++++++------------------
1 file changed, 39 insertions(+), 27 deletions(-)
(limited to 'lib/crypto/doc/src')
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index 19db6c9dd4..36f8bc6deb 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -865,11 +865,13 @@ Mpint() = >]]>
- rsa_sign(Data, Key) -> Signature
- rsa_sign(DigestType, Data, Key) -> Signature
+ rsa_sign(DataOrDigest, Key) -> Signature
+ rsa_sign(DigestType, DataOrDigest, Key) -> Signature
Sign the data using rsa with the given key.
+ DataOrDigest = Data | {digest,Digest}
Data = Mpint
+ Digest = binary()
Key = [E, N, D] | [E, N, D, P1, P2, E1, E2, C]
E, N, D = Mpint
Where E is the public exponent, N is public modulus and
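Review bot: the added `Digest = binary()` line for rsa_sign puts no constraint on the digest, while the dss entries in this same patch spell theirs out as `binary() with length 20 bytes`. Since `Data` is typed as `Mpint` and `Digest` as plain `binary()`, say explicitly that `Digest` is passed as a raw binary rather than in Mpint form and that its length has to match the chosen `DigestType`. As written, the documentation does not tell a caller whether a digest produced by one algorithm is rejected when passed under a different `DigestType`.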
@@ -879,37 +881,40 @@ Mpint() = >]]>
the calculation faster. P1,P2 are first and second prime factors.
E1,E2 are first and second exponents. C is the CRT coefficient.
Terminology is taken from RFC 3447.
- DigestType = md5 | sha
+ DigestType = md5 | sha | sha256 | sha384 | sha512
The default DigestType is sha.
Mpint = binary()
Signature = binary()
- Calculates a DigestType digest of the Data
- and creates a RSA signature with the private key Key
- of the digest.
+ Creates a RSA signature with the private key Key
+ of a digest. The digest is either calculated as a
+ DigestType digest of Data or a precalculated
+ binary Digest.
- rsa_verify(Data, Signature, Key) -> Verified
- rsa_verify(DigestType, Data, Signature, Key) -> Verified
+ rsa_verify(DataOrDigest, Signature, Key) -> Verified
+ rsa_verify(DigestType, DataOrDigest, Signature, Key) -> Verified
Verify the digest and signature using rsa with given public key.
Verified = boolean()
+ DataOrDigest = Data | {digest|Digest}
Data, Signature = Mpint
+ Digest = binary()
Key = [E, N]
E, N = Mpint
Where E is the public exponent and N is public modulus.
DigestType = md5 | sha | sha256 | sha384 | sha512
- The default DigestType is sha.
+ The default DigestType is sha.
Mpint = binary()
- Calculates a DigestType digest of the Data
- and verifies that the digest matches the RSA signature using the
+
Verifies that a digest matches the RSA signature using the
signer's public key Key.
-
+ The digest is either calculated as a DigestType
+ digest of Data or a precalculated binary Digest.
May throw exception notsup in case the chosen DigestType
is not supported by the underlying OpenSSL implementation.
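Review bot: in the rsa_verify type list the added line `DataOrDigest = Data | {digest|Digest}` uses `|` inside the braces, which reads as a type alternative rather than a two-element tuple; rsa_sign documents the same argument as `{digest,Digest}`, so this should be `{digest,Digest}` too. Also, rsa_sign's `DigestType` now lists `sha256 | sha384 | sha512`, but the `notsup` sentence appears only after the rsa_verify description in the visible lines; if signing can raise the same exception, repeat the sentence in the rsa_sign description.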
@@ -1022,45 +1027,52 @@ Mpint() = >]]>
- dss_sign(Data, Key) -> Signature
- dss_sign(DigestType, Data, Key) -> Signature
+ dss_sign(DataOrDigest, Key) -> Signature
+ dss_sign(DigestType, DataOrDigest, Key) -> Signature
Sign the data using dsa with given private key.
- DigestType = sha | none (default is sha)
- Data = Mpint | ShaDigest
+ DigestType = sha
+ DataOrDigest = Mpint | {digest,Digest}
Key = [P, Q, G, X]
P, Q, G, X = Mpint
Where P, Q and G are the dss
parameters and X is the private key.
- ShaDigest = binary() with length 20 bytes
+ Digest = binary() with length 20 bytes
Signature = binary()
- Creates a DSS signature with the private key Key of a digest.
- If DigestType is 'sha', the digest is calculated as SHA1 of Data.
- If DigestType is 'none', Data is the precalculated SHA1 digest.
+ Creates a DSS signature with the private key Key of
+ a digest. The digest is either calculated as a SHA1
+ digest of Data or a precalculated binary Digest.
+ A deprecated feature is having DigestType = 'none'
+ in which case DataOrDigest is a precalculated SHA1
+ digest.
- dss_verify(Data, Signature, Key) -> Verified
- dss_verify(DigestType, Data, Signature, Key) -> Verified
+ dss_verify(DataOrDigest, Signature, Key) -> Verified
+ dss_verify(DigestType, DataOrDigest, Signature, Key) -> Verified
Verify the data and signature using dsa with given public key.
Verified = boolean()
- DigestType = sha | none
+ DigestType = sha
+ DataOrDigest = Mpint | {digest,Digest}
Data = Mpint | ShaDigest
Signature = Mpint
Key = [P, Q, G, Y]
P, Q, G, Y = Mpint
Where P, Q and G are the dss
parameters and Y is the public key.
- ShaDigest = binary() with length 20 bytes
+ Digest = binary() with length 20 bytes
- Verifies that a digest matches the DSS signature using the public key Key.
- If DigestType is 'sha', the digest is calculated as SHA1 of Data.
- If DigestType is 'none', Data is the precalculated SHA1 digest.
+ Verifies that a digest matches the DSS signature using the
+ public key Key. The digest is either calculated as a SHA1
+ digest of Data or is a precalculated binary Digest.
+ A deprecated feature is having DigestType = 'none'
+ in which case DataOrDigest is a precalculated SHA1
+ digest binary.
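Review bot: the dss_verify type list still carries the unchanged line `Data = Mpint | ShaDigest`, but this hunk removes the `ShaDigest` definition and renames the argument to `DataOrDigest`, so that line now refers to a type that is no longer documented; drop it or rewrite it as `Data = Mpint`. The same mismatch shows up in dss_sign, where the description speaks of "digest of Data" while the type list defines only `DataOrDigest = Mpint | {digest,Digest}`; the rsa entries use `DataOrDigest = Data | {digest,Digest}` with a separate `Data = Mpint`, and the dss entries should follow that form. Finally, both type lists now say `DigestType = sha` while the description still accepts `'none'` as deprecated; note the deprecated value in the type list as well so the two do not contradict each other.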
--
cgit v1.2.3