Inferno's CRYPT-INTRO(2 )

NAME

Crypt intro - introduction to the Crypt cryptography module

SYNOPSIS

include "ipints.m";
ipints := load IPints IPints->PATH;
IPint: import ipints;

include "crypt.m";
crypt := load Crypt Crypt->PATH;

DESCRIPTION

Crypt contains a mixed set of functions that variously:

•: form cryptographically secure digests; see crypt-sha1(2)
•: generate public/private key pairs; see crypt-gensk(2)
•: encrypt data, using AES, DES, or IDEA; see crypt-crypt(2)
•: create and verify cryptographic signatures using the public keys; see crypt-sign(2)

Public Key Cryptography

Public key cryptography has many uses. Inferno relies on it only for digital signatures. The private key may be used to digitally sign data, the public one to verify the signature.

Inferno provides three data types to represent the different components of the public key signature scheme. The PK adt contains the data necessary to construct a public key; the SK adt contains the data necessary to construct a secret key. A key contains the public or secret parameters for the signature algorithm specified by the adt's pick tag. Ownership of a key is not recorded in the key value itself but in a separate certificate. Finally, the PKsig adt contains one or more values representing a given form of digital signature.

Certificates and indeed signature representations are varied, and implemented by other modules.

Large Precision Arithmetic: Many Crypt operations require integers much larger than int or big. It therefore uses the multiple-precision package ipints(2). That module's IPint adt stands for infinite precision integer, though, for space considerations, our implementation limits the maximum integer to 2u8192d-1.
An IPint can be converted into two external formats. The first is an array of bytes in which the first byte is the highest order byte of the integer. This format is useful when communicating with the ssl(3) device. The second is similar but represents the array of bytes as text, using either base 16 or a MIME base 64 format, allowing IPints to be stored in files or transmitted across networks in a human readable form.

SOURCE

/libinterp/crypt.c
/libinterp/ipint.c
/libmp
/libsec

SEE ALSO

security-intro(2)
B. Schneier, Applied Cryptography, 1996, J. Wiley & Sons, Inc.

CRYPT-INTRO(2 ) Rev: Tue Mar 31 02:42:39 GMT 2015