comparison libtomcrypt/src/pk/dsa/dsa_verify_key.c @ 511:582cb38e4eb5 insecure-nocrypto
propagate from branch 'au.asn.ucc.matt.dropbear' (head cdcc3c729e29544e8b98a408e2dc60e4483dfd2a)
to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 06 Nov 2008 13:16:55 +0000 |
parents | 0cbe8f6dbf9e |
children | f849a5ca2efc |
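--- a/libtomcrypt/src/pk/dsa/dsa_verify_key.c
+++ b/libtomcrypt/src/pk/dsa/dsa_verify_key.c
@@ -4,11 +4,11 @@
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 *
-* Tom St Denis, [email protected], http://libtomcrypt.org
+* Tom St Denis, [email protected], http://libtomcrypt.com
 */
 #include "tomcrypt.h"
 
 /**
 @file dsa_verify_key.c
@@ -23,80 +23,78 @@
 @param stat [out] Result of test, 1==valid, 0==invalid
 @return CRYPT_OK if successful
 */
 int dsa_verify_key(dsa_key *key, int *stat)
 {
-mp_int tmp, tmp2;
+void *tmp, *tmp2;
 int res, err;
 
 LTC_ARGCHK(key != NULL);
 LTC_ARGCHK(stat != NULL);
 
 /* default to an invalid key */
 *stat = 0;
 
 /* first make sure key->q and key->p are prime */
-if ((err = is_prime(&key->q, &res)) != CRYPT_OK) {
+if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
 return err;
 }
 if (res == 0) {
 return CRYPT_OK;
 }
 
-
-if ((err = is_prime(&key->p, &res)) != CRYPT_OK) {
+if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
 return err;
 }
 if (res == 0) {
 return CRYPT_OK;
 }
 
 /* now make sure that g is not -1, 0 or 1 and <p */
-if (mp_cmp_d(&key->g, 0) == MP_EQ || mp_cmp_d(&key->g, 1) == MP_EQ) {
+if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
 return CRYPT_OK;
 }
-if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != MP_OKAY) { goto error; }
-if ((err = mp_sub_d(&key->p, 1, &tmp)) != MP_OKAY) { goto error; }
-if (mp_cmp(&tmp, &key->g) == MP_EQ || mp_cmp(&key->g, &key->p) != MP_LT) {
+if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK) { return err; }
+if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK) { goto error; }
+if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
 err = CRYPT_OK;
-goto done;
+goto error;
 }
 
 /* 1 < y < p-1 */
-if (!(mp_cmp_d(&key->y, 1) == MP_GT && mp_cmp(&key->y, &tmp) == MP_LT)) {
+if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
 err = CRYPT_OK;
-goto done;
+goto error;
 }
 
 /* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
-if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != MP_OKAY) { goto error; }
-if (mp_iszero(&tmp2) != MP_YES) {
+if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK) { goto error; }
+if (mp_iszero(tmp2) != LTC_MP_YES) {
 err = CRYPT_OK;
-goto done;
+goto error;
 }
 
-if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; }
-if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
+if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
 err = CRYPT_OK;
-goto done;
+goto error;
 }
 
 /* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
-if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != MP_OKAY) { goto error; }
-if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK) { goto error; }
+if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
 err = CRYPT_OK;
-goto done;
+goto error;
 }
 
 /* at this point we are out of tests ;-( */
 err = CRYPT_OK;
 *stat = 1;
-goto done;
-error: err = mpi_to_ltc_error(err);
-done : mp_clear_multi(&tmp, &tmp2, NULL);
+error:
+mp_clear_multi(tmp, tmp2, NULL);
 return err;
 }
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/04 03:18:43 $ */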
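Review bot: The new calls `mp_prime_is_prime(key->q, 8, &res)` and `mp_prime_is_prime(key->p, 8, &res)` hard-code the number of primality-test rounds, and nothing in the file says why 8 is enough for a routine that may be asked to validate a key it did not generate. If the rounds are Miller-Rabin, eight of them give a worst-case bound of about 2^-16 for a composite picked to pass, and a weaker guarantee still if the math provider uses fixed bases; neither is visible from this file, so it should be confirmed. I would lift the value into a named constant (for example a file-local `#define DSA_VERIFY_PRIME_ROUNDS 8`, name suggested here) with a comment stating the assumed source of p and q, and raise it if they can come from an untrusted party. Separately, the single `error:` label is now also the exit for the `err = CRYPT_OK` paths, so a neutral name such as `cleanup:` would read better.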