Mercurial > dropbear
comparison libtomcrypt/src/pk/dsa/dsa_verify_hash.c @ 382:0cbe8f6dbf9e
propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)
to branch 'au.asn.ucc.matt.dropbear' (head 02c413252c90e9de8e03d91e9939dde3029f5c0a)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 11 Jan 2007 02:41:05 +0000 |
parents | 1b9e69c058d2 |
children | f849a5ca2efc |
comparison
equal
deleted
inserted
replaced
379:b66a00272a90 | 382:0cbe8f6dbf9e |
---|---|
4 * algorithms in a highly modular and flexible manner. | 4 * algorithms in a highly modular and flexible manner. |
5 * | 5 * |
6 * The library is free for all purposes without any express | 6 * The library is free for all purposes without any express |
7 * guarantee it works. | 7 * guarantee it works. |
8 * | 8 * |
9 * Tom St Denis, [email protected], http://libtomcrypt.org | 9 * Tom St Denis, [email protected], http://libtomcrypt.com |
10 */ | 10 */ |
11 #include "tomcrypt.h" | 11 #include "tomcrypt.h" |
12 | 12 |
13 /** | 13 /** |
14 @file dsa_verify_hash.c | 14 @file dsa_verify_hash.c |
26 @param hashlen The length of the hash that was signed | 26 @param hashlen The length of the hash that was signed |
27 @param stat [out] The result of the signature verification, 1==valid, 0==invalid | 27 @param stat [out] The result of the signature verification, 1==valid, 0==invalid |
28 @param key The corresponding public DH key | 28 @param key The corresponding public DH key |
29 @return CRYPT_OK if successful (even if the signature is invalid) | 29 @return CRYPT_OK if successful (even if the signature is invalid) |
30 */ | 30 */ |
31 int dsa_verify_hash_raw( mp_int *r, mp_int *s, | 31 int dsa_verify_hash_raw( void *r, void *s, |
32 const unsigned char *hash, unsigned long hashlen, | 32 const unsigned char *hash, unsigned long hashlen, |
33 int *stat, dsa_key *key) | 33 int *stat, dsa_key *key) |
34 { | 34 { |
35 mp_int w, v, u1, u2; | 35 void *w, *v, *u1, *u2; |
36 int err; | 36 int err; |
37 | 37 |
38 LTC_ARGCHK(r != NULL); | 38 LTC_ARGCHK(r != NULL); |
39 LTC_ARGCHK(s != NULL); | 39 LTC_ARGCHK(s != NULL); |
40 LTC_ARGCHK(stat != NULL); | 40 LTC_ARGCHK(stat != NULL); |
42 | 42 |
43 /* default to invalid signature */ | 43 /* default to invalid signature */ |
44 *stat = 0; | 44 *stat = 0; |
45 | 45 |
46 /* init our variables */ | 46 /* init our variables */ |
47 if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) { | 47 if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != CRYPT_OK) { |
48 return mpi_to_ltc_error(err); | 48 return err; |
49 } | 49 } |
50 | 50 |
51 /* neither r or s can be null or >q*/ | 51 /* neither r or s can be null or >q*/ |
52 if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { | 52 if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) { |
53 err = CRYPT_INVALID_PACKET; | 53 err = CRYPT_INVALID_PACKET; |
54 goto done; | 54 goto error; |
55 } | 55 } |
56 | 56 |
57 /* w = 1/s mod q */ | 57 /* w = 1/s mod q */ |
58 if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY) { goto error; } | 58 if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK) { goto error; } |
59 | 59 |
60 /* u1 = m * w mod q */ | 60 /* u1 = m * w mod q */ |
61 if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error; } | 61 if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK) { goto error; } |
62 if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY) { goto error; } | 62 if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK) { goto error; } |
63 | 63 |
64 /* u2 = r*w mod q */ | 64 /* u2 = r*w mod q */ |
65 if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY) { goto error; } | 65 if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK) { goto error; } |
66 | 66 |
67 /* v = g^u1 * y^u2 mod p mod q */ | 67 /* v = g^u1 * y^u2 mod p mod q */ |
68 if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY) { goto error; } | 68 if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK) { goto error; } |
69 if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY) { goto error; } | 69 if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK) { goto error; } |
70 if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY) { goto error; } | 70 if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK) { goto error; } |
71 if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY) { goto error; } | 71 if ((err = mp_mod(v, key->q, v)) != CRYPT_OK) { goto error; } |
72 | 72 |
73 /* if r = v then we're set */ | 73 /* if r = v then we're set */ |
74 if (mp_cmp(r, &v) == MP_EQ) { | 74 if (mp_cmp(r, v) == LTC_MP_EQ) { |
75 *stat = 1; | 75 *stat = 1; |
76 } | 76 } |
77 | 77 |
78 err = CRYPT_OK; | 78 err = CRYPT_OK; |
79 goto done; | 79 error: |
80 | 80 mp_clear_multi(w, v, u1, u2, NULL); |
81 error : err = mpi_to_ltc_error(err); | |
82 done : mp_clear_multi(&w, &v, &u1, &u2, NULL); | |
83 return err; | 81 return err; |
84 } | 82 } |
85 | 83 |
86 /** | 84 /** |
87 Verify a DSA signature | 85 Verify a DSA signature |
96 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, | 94 int dsa_verify_hash(const unsigned char *sig, unsigned long siglen, |
97 const unsigned char *hash, unsigned long hashlen, | 95 const unsigned char *hash, unsigned long hashlen, |
98 int *stat, dsa_key *key) | 96 int *stat, dsa_key *key) |
99 { | 97 { |
100 int err; | 98 int err; |
101 mp_int r, s; | 99 void *r, *s; |
102 | 100 |
103 if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { | 101 if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) { |
104 return CRYPT_MEM; | 102 return CRYPT_MEM; |
105 } | 103 } |
106 | 104 |
107 /* decode the sequence */ | 105 /* decode the sequence */ |
108 if ((err = der_decode_sequence_multi(sig, siglen, | 106 if ((err = der_decode_sequence_multi(sig, siglen, |
109 LTC_ASN1_INTEGER, 1UL, &r, | 107 LTC_ASN1_INTEGER, 1UL, r, |
110 LTC_ASN1_INTEGER, 1UL, &s, | 108 LTC_ASN1_INTEGER, 1UL, s, |
111 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { | 109 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { |
112 goto LBL_ERR; | 110 goto LBL_ERR; |
113 } | 111 } |
114 | 112 |
115 /* do the op */ | 113 /* do the op */ |
116 err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key); | 114 err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key); |
117 | 115 |
118 LBL_ERR: | 116 LBL_ERR: |
119 mp_clear_multi(&r, &s, NULL); | 117 mp_clear_multi(r, s, NULL); |
120 return err; | 118 return err; |
121 } | 119 } |
122 | 120 |
123 #endif | 121 #endif |
124 | 122 |
125 | 123 |
126 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */ | 124 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */ |
127 /* $Revision: 1.8 $ */ | 125 /* $Revision: 1.13 $ */ |
128 /* $Date: 2005/05/15 21:48:59 $ */ | 126 /* $Date: 2006/12/04 03:18:43 $ */ |