Mercurial > dropbear
comparison libtomcrypt/src/pk/dsa/dsa_sign_hash.c @ 382:0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
to branch 'au.asn.ucc.matt.dropbear' (head 02c413252c90e9de8e03d91e9939dde3029f5c0a)
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 11 Jan 2007 02:41:05 +0000 |
| parents | 1b9e69c058d2 |
| children | f849a5ca2efc |
comparison
equal
deleted
inserted
replaced
| 379:b66a00272a90 | 382:0cbe8f6dbf9e |
|---|---|
| 4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
| 5 * | 5 * |
| 6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
| 7 * guarantee it works. | 7 * guarantee it works. |
| 8 * | 8 * |
| 9 * Tom St Denis, [email protected], http://libtomcrypt.org | 9 * Tom St Denis, [email protected], http://libtomcrypt.com |
| 10 */ | 10 */ |
| 11 #include "tomcrypt.h" | 11 #include "tomcrypt.h" |
| 12 | 12 |
| 13 /** | 13 /** |
| 14 @file dsa_sign_hash.c | 14 @file dsa_sign_hash.c |
| 27 @param wprng The index of the PRNG desired | 27 @param wprng The index of the PRNG desired |
| 28 @param key A private DSA key | 28 @param key A private DSA key |
| 29 @return CRYPT_OK if successful | 29 @return CRYPT_OK if successful |
| 30 */ | 30 */ |
| 31 int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, | 31 int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen, |
| 32 mp_int *r, mp_int *s, | 32 void *r, void *s, |
| 33 prng_state *prng, int wprng, dsa_key *key) | 33 prng_state *prng, int wprng, dsa_key *key) |
| 34 { | 34 { |
| 35 mp_int k, kinv, tmp; | 35 void *k, *kinv, *tmp; |
| 36 unsigned char *buf; | 36 unsigned char *buf; |
| 37 int err; | 37 int err; |
| 38 | 38 |
| 39 LTC_ARGCHK(in != NULL); | 39 LTC_ARGCHK(in != NULL); |
| 40 LTC_ARGCHK(r != NULL); | 40 LTC_ARGCHK(r != NULL); |
| 57 if (buf == NULL) { | 57 if (buf == NULL) { |
| 58 return CRYPT_MEM; | 58 return CRYPT_MEM; |
| 59 } | 59 } |
| 60 | 60 |
| 61 /* Init our temps */ | 61 /* Init our temps */ |
| 62 if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != MP_OKAY) { goto error; } | 62 if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK) { goto ERRBUF; } |
| 63 | 63 |
| 64 retry: | 64 retry: |
| 65 | 65 |
| 66 do { | 66 do { |
| 67 /* gen random k */ | 67 /* gen random k */ |
| 68 if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) { | 68 if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) { |
| 69 err = CRYPT_ERROR_READPRNG; | 69 err = CRYPT_ERROR_READPRNG; |
| 70 goto LBL_ERR; | 70 goto error; |
| 71 } | 71 } |
| 72 | 72 |
| 73 /* read k */ | 73 /* read k */ |
| 74 if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != MP_OKAY) { goto error; } | 74 if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; } |
| 75 | 75 |
| 76 /* k > 1 ? */ | 76 /* k > 1 ? */ |
| 77 if (mp_cmp_d(&k, 1) != MP_GT) { goto retry; } | 77 if (mp_cmp_d(k, 1) != LTC_MP_GT) { goto retry; } |
| 78 | 78 |
| 79 /* test gcd */ | 79 /* test gcd */ |
| 80 if ((err = mp_gcd(&k, &key->q, &tmp)) != MP_OKAY) { goto error; } | 80 if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; } |
| 81 } while (mp_cmp_d(&tmp, 1) != MP_EQ); | 81 } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ); |
| 82 | 82 |
| 83 /* now find 1/k mod q */ | 83 /* now find 1/k mod q */ |
| 84 if ((err = mp_invmod(&k, &key->q, &kinv)) != MP_OKAY) { goto error; } | 84 if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK) { goto error; } |
| 85 | 85 |
| 86 /* now find r = g^k mod p mod q */ | 86 /* now find r = g^k mod p mod q */ |
| 87 if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != MP_OKAY) { goto error; } | 87 if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK) { goto error; } |
| 88 if ((err = mp_mod(r, &key->q, r)) != MP_OKAY) { goto error; } | 88 if ((err = mp_mod(r, key->q, r)) != CRYPT_OK) { goto error; } |
| 89 | 89 |
| 90 if (mp_iszero(r) == MP_YES) { goto retry; } | 90 if (mp_iszero(r) == LTC_MP_YES) { goto retry; } |
| 91 | 91 |
| 92 /* now find s = (in + xr)/k mod q */ | 92 /* now find s = (in + xr)/k mod q */ |
| 93 if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != MP_OKAY) { goto error; } | 93 if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; } |
| 94 if ((err = mp_mul(&key->x, r, s)) != MP_OKAY) { goto error; } | 94 if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; } |
| 95 if ((err = mp_add(s, &tmp, s)) != MP_OKAY) { goto error; } | 95 if ((err = mp_add(s, tmp, s)) != CRYPT_OK) { goto error; } |
| 96 if ((err = mp_mulmod(s, &kinv, &key->q, s)) != MP_OKAY) { goto error; } | 96 if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK) { goto error; } |
| 97 | 97 |
| 98 if (mp_iszero(s) == MP_YES) { goto retry; } | 98 if (mp_iszero(s) == LTC_MP_YES) { goto retry; } |
| 99 | 99 |
| 100 err = CRYPT_OK; | 100 err = CRYPT_OK; |
| 101 goto LBL_ERR; | |
| 102 | |
| 103 error: | 101 error: |
| 104 err = mpi_to_ltc_error(err); | 102 mp_clear_multi(k, kinv, tmp, NULL); |
| 105 LBL_ERR: | 103 ERRBUF: |
| 106 mp_clear_multi(&k, &kinv, &tmp, NULL); | |
| 107 #ifdef LTC_CLEAN_STACK | 104 #ifdef LTC_CLEAN_STACK |
| 108 zeromem(buf, MDSA_MAX_GROUP); | 105 zeromem(buf, MDSA_MAX_GROUP); |
| 109 #endif | 106 #endif |
| 110 XFREE(buf); | 107 XFREE(buf); |
| 111 return err; | 108 return err; |
| 124 */ | 121 */ |
| 125 int dsa_sign_hash(const unsigned char *in, unsigned long inlen, | 122 int dsa_sign_hash(const unsigned char *in, unsigned long inlen, |
| 126 unsigned char *out, unsigned long *outlen, | 123 unsigned char *out, unsigned long *outlen, |
| 127 prng_state *prng, int wprng, dsa_key *key) | 124 prng_state *prng, int wprng, dsa_key *key) |
| 128 { | 125 { |
| 129 mp_int r, s; | 126 void *r, *s; |
| 130 int err; | 127 int err; |
| 131 | 128 |
| 132 LTC_ARGCHK(in != NULL); | 129 LTC_ARGCHK(in != NULL); |
| 133 LTC_ARGCHK(out != NULL); | 130 LTC_ARGCHK(out != NULL); |
| 134 LTC_ARGCHK(outlen != NULL); | 131 LTC_ARGCHK(outlen != NULL); |
| 135 LTC_ARGCHK(key != NULL); | 132 LTC_ARGCHK(key != NULL); |
| 136 | 133 |
| 137 if (mp_init_multi(&r, &s, NULL) != MP_OKAY) { | 134 if (mp_init_multi(&r, &s, NULL) != CRYPT_OK) { |
| 138 return CRYPT_MEM; | 135 return CRYPT_MEM; |
| 139 } | 136 } |
| 140 | 137 |
| 141 if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, prng, wprng, key)) != CRYPT_OK) { | 138 if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, wprng, key)) != CRYPT_OK) { |
| 142 goto LBL_ERR; | 139 goto error; |
| 143 } | 140 } |
| 144 | 141 |
| 145 err = der_encode_sequence_multi(out, outlen, | 142 err = der_encode_sequence_multi(out, outlen, |
| 146 LTC_ASN1_INTEGER, 1UL, &r, | 143 LTC_ASN1_INTEGER, 1UL, r, |
| 147 LTC_ASN1_INTEGER, 1UL, &s, | 144 LTC_ASN1_INTEGER, 1UL, s, |
| 148 LTC_ASN1_EOL, 0UL, NULL); | 145 LTC_ASN1_EOL, 0UL, NULL); |
| 149 | 146 |
| 150 LBL_ERR: | 147 error: |
| 151 mp_clear_multi(&r, &s, NULL); | 148 mp_clear_multi(r, s, NULL); |
| 152 return err; | 149 return err; |
| 153 } | 150 } |
| 154 | 151 |
| 155 #endif | 152 #endif |
| 156 | 153 |
| 157 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */ | 154 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */ |
| 158 /* $Revision: 1.6 $ */ | 155 /* $Revision: 1.12 $ */ |
| 159 /* $Date: 2005/05/15 21:48:59 $ */ | 156 /* $Date: 2006/12/04 22:27:56 $ */ |