template class xf::security::dsa

#include "dsa.hpp"

Overview

Digital Signature. This class provide signing and verifying functions. Generation of domain parameters, key pairs and per-message secrect number requires key management mechanism and is not covered in this class.

Parameters:

L	bit length of prime modulus.
N	bit length of prime divisor. Selection of L and N is fixed in FIPS.186-4, section 4.2. Choice of pair {L, N} are: {1024, 160}, {2048, 224}, {2048, 256}, {3072, 256}
H	bit length of Digest value

template <
    int L,
    int N,
    int H
    >
class dsa

// fields

ap_uint <L> p
ap_uint <N> q
ap_uint <L> g
ap_uint <N> x
ap_uint <L> y
ap_uint <L> rMod

Fields

ap_uint <L> p

Prime modulus, a domain parameter.

ap_uint <N> q

Prime divisor, a domain parameter.

ap_uint <L> g

generator of a subgroup of order q in GF(p), a domain parameter

ap_uint <N> x

private key

ap_uint <L> y

public key

ap_uint <L> rMod

a parameter determined by p, rMod = 2^(2*L) mod p

Methods

updateSigningParam

updateSigningParam overload (1)

void updateSigningParam (
    ap_uint <L> inputP,
    ap_uint <N> inputQ,
    ap_uint <L> inputG,
    ap_uint <N> inputX
    )

Set up domain parameters for DSA signing when a set of new domain parameter will be used. rMod is not provided which need to be calculated on Chip.

Parameters:

inputP	Input prime modulus.
inputQ	Input prime divisor.
inputG	Input generator of a subgroup of order inputQ in GF(inputQ).
inputX	Input private key

updateSigningParam overload (2)

void updateSigningParam (
    ap_uint <L> inputP,
    ap_uint <N> inputQ,
    ap_uint <L> inputG,
    ap_uint <N> inputX,
    ap_uint <L> inputRMod
    )

Set up domain parameters for DSA signing when a set of new domain parameter will be used.

Parameters:

inputP	Input prime modulus.
inputQ	Input prime divisor.
inputG	Input generator of a subgroup of order inputQ in GF(inputQ).
inputX	Input private key
rMod	Input rMode, provided by user.

updateVerifyingParam

updateVerifyingParam overload (1)

void updateVerifyingParam (
    ap_uint <L> inputP,
    ap_uint <N> inputQ,
    ap_uint <L> inputG,
    ap_uint <L> inputY
    )

Set up domain parameters for DSA Verifying when a set of new domain parameter will be used. rMod is not provided which need to be calculated on Chip.

Parameters:

inputP	Input prime modulus.
inputQ	Input prime divisor.
inputG	Input generator of a subgroup of order inputQ in GF(inputQ).
inputY	Input public key

updateVerifyingParam overload (2)

void updateVerifyingParam (
    ap_uint <L> inputP,
    ap_uint <N> inputQ,
    ap_uint <L> inputG,
    ap_uint <L> inputY,
    ap_uint <L> inputRMod
    )

Set up domain parameters for DSA Verifying when a set of new domain parameter will be used.

Parameters:

inputP	Input prime modulus.
inputQ	Input prime divisor.
inputG	Input generator of a subgroup of order inputQ in GF(inputQ).
inputY	Input public key
rMod	Input rMode, provided by user.

sign

void sign (
    ap_uint <H> digest,
    ap_uint <N> k,
    ap_uint <N>& r,
    ap_uint <N>& s
    )

DSA signing function.

Parameters:

digest	Digest value of message to be signed.
k	A per-message secret number.
r	Element of signature pair.
s	Element of signature pair. Pair(r, s) forms a complete signature pair of DSA.

verify

bool verify (
    ap_uint <H> digest,
    ap_uint <N> r,
    ap_uint <N> s
    )

DSA verifying function. It returns true if verified, otherwise false.

Parameters:

digest	Digest value of message to be verified.
r	Element of signature pair.
s	Element of signature pair. Pair(r, s) forms a complete signature pair of DSA.