crypt-0intro (revision 06155dbb53eb0585800b239acd6e45b946c6e0cf) - OpenGrok cross reference for /inferno-os/man/2/crypt-0intro

         CRYPT-INTRO 2
 NAME
Crypt intro - introduction to the
 Crypt cryptography
module
 SYNOPSIS
.EX
include "ipints.m";
ipints := load IPints IPints->PATH;
IPint: import ipints;

include "crypt.m";
crypt := load Crypt Crypt->PATH;

 DESCRIPTION
 Crypt contains a mixed set of functions that variously:
 \(bu
form cryptographically secure digests; see
 crypt-sha1 (2)  \(bu
generate public/private key pairs; see
 crypt-gensk (2)  \(bu
encrypt data, using AES, DES, or IDEA; see
 crypt-crypt (2)  \(bu
create and verify cryptographic signatures using the
public keys; see
 crypt-sign (2)  "Public Key Cryptography"
Public key cryptography has many uses.
Inferno relies on it only for digital signatures.
The private key may be used to digitally
sign data, the public one to verify the signature.

Inferno provides three data types to represent the different components of the public key signature scheme.
The
 PK adt contains the data necessary to construct a public key;
the
 SK adt contains the data necessary to construct a secret key.
A key contains the public or secret parameters for the signature algorithm specified by the adt's pick tag.
Ownership of a key is not recorded in the key value itself but in a separate certificate.
Finally,
the
 PKsig adt contains one or more values representing a given form of digital signature.

Certificates and indeed signature representations are varied, and implemented by other modules.
 "Large Precision Arithmetic"
Many
 Crypt operations require integers much larger than
 int or
 big . It therefore uses the multiple-precision package
 ipints (2). That module's
 IPint adt
stands for infinite precision integer, though, for
space considerations, our
implementation limits the maximum integer to
2\u\s-28192\s0\d-1.

An
 IPint can be converted into two external formats.
The first is
an array of bytes in which the first byte is the highest order
byte of the integer. This format is useful when
communicating with the
 ssl (3) device.
The second is similar but represents the array of bytes as text, using either base 16 or a MIME base 64 format,
allowing
 IPint s to be stored in files or transmitted across
networks in a human readable form.
 SOURCE

 /libinterp/crypt.c
 /libinterp/ipint.c
 /libmp
 /libsec  SEE ALSO
 security-intro (2)
B. Schneier,
 "Applied Cryptography" , 1996, J. Wiley & Sons, Inc.