1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
.TH ELGAMAL 3
.SH NAME
eggen, egencrypt, egdecrypt, egsign, egverify, egpuballoc, egpubfree, egprivalloc, egprivfree, egsigalloc, egsigfree, egprivtopub - elgamal encryption
.SH SYNOPSIS
.B #include <u.h>
.br
.B #include <libc.h>
.br
.B #include <mp.h>
.br
.B #include <libsec.h>
.PP
.B
EGpriv* eggen(int nlen, int nrep)
.PP
.B
mpint* egencrypt(EGpub *k, mpint *in, mpint *out)
.PP
.B
mpint* egdecrypt(EGpriv *k, mpint *in, mpint *out)
.PP
.B
EGsig* egsign(EGpriv *k, mpint *m)
.PP
.B
int egverify(EGpub *k, EGsig *sig, mpint *m)
.PP
.B
EGpub* egpuballoc(void)
.PP
.B
void egpubfree(EGpub*)
.PP
.B
EGpriv* egprivalloc(void)
.PP
.B
void egprivfree(EGpriv*)
.PP
.B
EGsig* egsigalloc(void)
.PP
.B
void egsigfree(EGsig*)
.PP
.B
EGpub* egprivtopub(EGpriv*)
.SH DESCRIPTION
.PP
Elgamal is a public key encryption and signature algorithm. The owner of a key publishes
the public part of the key:
.EX
struct EGpub
{
mpint *p; // modulus
mpint *alpha; // generator
mpint *key; // (encryption key) alpha**secret mod p
};
.EE
This part can be used for encrypting data (with
.IR egencrypt )
to be sent to the owner.
The owner decrypts (with
.IR egdecrypt )
using his private key:
.EX
struct EGpriv
{
EGpub pub;
mpint *secret; // (decryption key)
};
.EE
.PP
Keys are generated using
.IR eggen .
.I Eggen
takes both bit length of the modulus
and the number of repetitions of the Miller-Rabin
primality test to run. If the latter is 0, it does the default number
of rounds.
.I Egprivtopub
returns a newly allocated copy of the public key
corresponding to the private key.
.PP
The routines
.IR egpuballoc ,
.IR egpubfree ,
.IR egprivalloc ,
and
.I egprivfree
are provided to manage key storage.
.PP
.I Egsign
signs message
.I m
using a private key
.I k
yielding a
.EX
struct EGsig
{
mpint *r, *s;
};
.EE
.I Egverify
returns 0 if the signature is valid and \-1 if not.
.PP
The routines
.I egsigalloc
and
.I egsigfree
are provided to manage signature storage.
.SH SOURCE
.B \*9/src/libsec
.SH SEE ALSO
.IR mp (3),
.IR aes (3),
.IR blowfish (3),
.IR des (3),
.IR dsa (3),
.IR rc4 (3),
.IR rsa (3),
.IR sechash (3),
.IR prime (3),
.IR rand (3)
|