CRYPT-INTRO(2)
NAME
Crypt intro - introduction to the Crypt cryptography module
SYNOPSIS
include "ipints.m";
ipints := load IPints IPints->PATH;
IPint: import ipints;
include "crypt.m";
crypt := load Crypt Crypt->PATH;
DESCRIPTION
Crypt contains a mixed set of functions that variously:
· form cryptographically secure digests; see crypt-sha1(2)
· generate public/private key pairs; see crypt-gensk(2)
· encrypt data, using AES, DES, or IDEA; see crypt-crypt(2)
· create and verify cryptographic signatures using the public
keys; see crypt-sign(2)
Public Key Cryptography
Public key cryptography has many uses. Inferno relies on it only for
digital signatures. The private key may be used to digitally sign
data, the public one to verify the signature.
Inferno provides three data types to represent the different components
of the public key signature scheme. The PK adt contains the data
necessary to construct a public key; the SK adt contains the data
necessary to construct a secret key. A key contains the public or secret
parameters for the signature algorithm specified by the adt's pick tag.
Ownership of a key is not recorded in the key value itself but in a
separate certificate. Finally, the PKsig adt contains one or more
values representing a given form of digital signature.
Certificates and indeed signature representations are varied, and
implemented by other modules.
Large Precision Arithmetic
Many Crypt operations require integers much larger than int or big. It
therefore uses the multiple-precision package ipints(2). That module's
IPint adt stands for infinite precision integer, though, for space
considerations, our implementation limits the maximum integer to 2^8192-1.
An IPint can be converted into two external formats. The first is an
array of bytes in which the first byte is the highest order byte of the
integer. This format is useful when communicating with the ssl(3)
device. The second is similar but represents the array of bytes as
text, using either base 16 or a MIME base 64 format, allowing IPints to
be stored in files or transmitted across networks in a human readable
form.
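The two external formats described above, modelled in Python as an added example (not Inferno's code and not the ipints(2) API). The function names are hypothetical, and exact character-level compatibility with Inferno's own text output is not assumed; the decoder enforces the 2^8192-1 limit before building the integer.

```python
import base64

MAX_BITS = 8192              # the page's limit: largest integer is 2^8192-1
MAX_BYTES = MAX_BITS // 8    # 1024 bytes of magnitude


def to_be_bytes(n: int) -> bytes:
    """Byte-array format: the first byte is the highest-order byte."""
    if n < 0 or n.bit_length() > MAX_BITS:
        raise ValueError("integer outside 0 .. 2^8192-1")
    return n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")


def from_be_bytes(buf: bytes) -> int:
    """Decode the byte-array format, bounding the size of untrusted input."""
    # Leading zero bytes carry no value; strip them so padded encodings
    # of small integers are accepted, then check the real magnitude.
    body = buf.lstrip(b"\x00")
    if len(body) > MAX_BYTES:
        raise ValueError("encoded integer exceeds 2^8192-1")
    return int.from_bytes(body, "big")


def to_text(n: int, base: int) -> str:
    """Text format: the same byte array rendered in base 16 or base 64."""
    raw = to_be_bytes(n)
    if base == 16:
        return raw.hex().upper()
    if base == 64:
        return base64.b64encode(raw).decode("ascii")
    raise ValueError("base must be 16 or 64")


def from_text(s: str, base: int) -> int:
    """Decode the text format; malformed digits raise ValueError."""
    if base == 16:
        if len(s) % 2:
            s = "0" + s          # allow an odd number of hex digits
        raw = bytes.fromhex(s)
    elif base == 64:
        raw = base64.b64decode(s, validate=True)
    else:
        raise ValueError("base must be 16 or 64")
    return from_be_bytes(raw)
```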
SOURCE
/libinterp/crypt.c
/libinterp/ipint.c
/libmp
/libsec
SEE ALSO
security-intro(2)
B. Schneier, Applied Cryptography, 1996, J. Wiley & Sons, Inc.