From 90167202a4ce3dc6d4822fad04c51cc35913d796 Mon Sep 17 00:00:00 2001 From: Sverker Eriksson Date: Wed, 27 Jun 2012 15:35:26 +0200 Subject: crypto: Redo interface for rsa and dss hash signing Replace _hash functions with {digest,_} argument to existing sign/verify functions. --- lib/crypto/doc/src/crypto.xml | 66 +++++++++++++++++++++++++------------------ 1 file changed, 39 insertions(+), 27 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 19db6c9dd4..36f8bc6deb 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -865,11 +865,13 @@ Mpint() = >]]> - rsa_sign(Data, Key) -> Signature - rsa_sign(DigestType, Data, Key) -> Signature + rsa_sign(DataOrDigest, Key) -> Signature + rsa_sign(DigestType, DataOrDigest, Key) -> Signature Sign the data using rsa with the given key. + DataOrDigest = Data | {digest,Digest} Data = Mpint + Digest = binary() Key = [E, N, D] | [E, N, D, P1, P2, E1, E2, C] E, N, D = Mpint Where E is the public exponent, N is public modulus and @@ -879,37 +881,40 @@ Mpint() = >]]> the calculation faster. P1,P2 are first and second prime factors. E1,E2 are first and second exponents. C is the CRT coefficient. Terminology is taken from RFC 3447. - DigestType = md5 | sha + DigestType = md5 | sha | sha256 | sha384 | sha512 The default DigestType is sha. Mpint = binary() Signature = binary() -

Calculates a DigestType digest of the Data - and creates a RSA signature with the private key Key - of the digest.

+

Creates a RSA signature with the private key Key + of a digest. The digest is either calculated as a + DigestType digest of Data or a precalculated + binary Digest.

 - rsa_verify(Data, Signature, Key) -> Verified - rsa_verify(DigestType, Data, Signature, Key) -> Verified + rsa_verify(DataOrDigest, Signature, Key) -> Verified + rsa_verify(DigestType, DataOrDigest, Signature, Key) -> Verified Verify the digest and signature using rsa with given public key. Verified = boolean() + DataOrDigest = Data | {digest|Digest} Data, Signature = Mpint + Digest = binary() Key = [E, N] E, N = Mpint Where E is the public exponent and N is public modulus. DigestType = md5 | sha | sha256 | sha384 | sha512 - The default DigestType is sha. + The default DigestType is sha. Mpint = binary() -

Calculates a DigestType digest of the Data - and verifies that the digest matches the RSA signature using the +

Verifies that a digest matches the RSA signature using the signer's public key Key. -

+ The digest is either calculated as a DigestType + digest of Data or a precalculated binary Digest.

May throw exception notsup in case the chosen DigestType is not supported by the underlying OpenSSL implementation.

 @@ -1022,45 +1027,52 @@ Mpint() = >]]> - dss_sign(Data, Key) -> Signature - dss_sign(DigestType, Data, Key) -> Signature + dss_sign(DataOrDigest, Key) -> Signature + dss_sign(DigestType, DataOrDigest, Key) -> Signature Sign the data using dsa with given private key. - DigestType = sha | none (default is sha) - Data = Mpint | ShaDigest + DigestType = sha + DataOrDigest = Mpint | {digest,Digest} Key = [P, Q, G, X] P, Q, G, X = Mpint Where P, Q and G are the dss parameters and X is the private key. - ShaDigest = binary() with length 20 bytes + Digest = binary() with length 20 bytes Signature = binary() -

Creates a DSS signature with the private key Key of a digest. - If DigestType is 'sha', the digest is calculated as SHA1 of Data. - If DigestType is 'none', Data is the precalculated SHA1 digest.

+

Creates a DSS signature with the private key Key of + a digest. The digest is either calculated as a SHA1 + digest of Data or a precalculated binary Digest.

+

A deprecated feature is having DigestType = 'none' + in which case DataOrDigest is a precalculated SHA1 + digest.

 - dss_verify(Data, Signature, Key) -> Verified - dss_verify(DigestType, Data, Signature, Key) -> Verified + dss_verify(DataOrDigest, Signature, Key) -> Verified + dss_verify(DigestType, DataOrDigest, Signature, Key) -> Verified Verify the data and signature using dsa with given public key. Verified = boolean() - DigestType = sha | none + DigestType = sha + DataOrDigest = Mpint | {digest,Digest} Data = Mpint | ShaDigest Signature = Mpint Key = [P, Q, G, Y] P, Q, G, Y = Mpint Where P, Q and G are the dss parameters and Y is the public key. - ShaDigest = binary() with length 20 bytes + Digest = binary() with length 20 bytes -

Verifies that a digest matches the DSS signature using the public key Key. - If DigestType is 'sha', the digest is calculated as SHA1 of Data. - If DigestType is 'none', Data is the precalculated SHA1 digest.

+

Verifies that a digest matches the DSS signature using the + public key Key. The digest is either calculated as a SHA1 + digest of Data or is a precalculated binary Digest.

+

A deprecated feature is having DigestType = 'none' + in which case DataOrDigest is a precalculated SHA1 + digest binary.

 -- cgit v1.2.3