X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/79ba130cb5776f994f6a3f0f87159d8cbc5ff129..ef5f48103e83977bda6ef4d7d1aacbb66a629b10:/dsa-sign.c
diff --git a/dsa-sign.c b/dsa-sign.c
index 8e5c997..613a07e 100644
--- a/dsa-sign.c
+++ b/dsa-sign.c
@@ -1,6 +1,6 @@
 /* -*-c-*-
  *
- * $Id: dsa-sign.c,v 1.1 1999/11/19 19:28:00 mdw Exp $
+ * $Id: dsa-sign.c,v 1.2 1999/12/10 23:18:38 mdw Exp $
  *
  * DSA signing operation
  *
@@ -30,6 +30,9 @@
 /*----- Revision history --------------------------------------------------*
  *
  * $Log: dsa-sign.c,v $
+ * Revision 1.2 1999/12/10 23:18:38 mdw
+ * Change interface for suggested destinations.
+ *
  * Revision 1.1 1999/11/19 19:28:00 mdw
  * Implementation of the Digital Signature Algorithm.
  *
@@ -39,6 +42,7 @@
 
 #include "dsa.h"
 #include "mp.h"
+#include "mpbarrett.h"
 #include "mpmont.h"
 
 /*----- Main code ---------------------------------------------------------*/
@@ -46,9 +50,9 @@
 /* --- @dsa_mksig@ --- *
  *
  * Arguments: @const dsa_param *dp@ = pointer to DSA parameters
- * @const mp *a@ = secret signing key
- * @const mp *m@ = message to be signed
- * @const mp *k@ = random data
+ * @mp *a@ = secret signing key
+ * @mp *m@ = message to be signed
+ * @mp *k@ = random data
  * @mp **rr, **ss@ = where to put output parameters
  *
  * Returns: ---
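Review bot: The `@mp **rr, **ss@ = where to put output parameters` line in this header comment is left unchanged, but the body in the next hunk now reads `*rr` and `*ss` on entry and hands any non-null value to `MP_DROP`, so a caller that still passes uninitialised pointers ends up releasing garbage. The comment should state the new precondition, for example `@mp **rr, **ss@ = suggested destinations on entry (each @MP_NEW@ or a valid @mp@); results on exit`. The argument list also drops `const` from `a`, `m` and `k` without saying whether the function may now modify them, which matters to a caller holding the signing key; one sentence on that would close the gap.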
@@ -56,45 +60,38 @@
  * Use: Computes a DSA signature of a message.
  */
 
-void dsa_mksig(const dsa_param *dp, const mp *a, const mp *m, const mp *k,
- mp **rr, mp **ss)
+void dsa_mksig(const dsa_param *dp, mp *a, mp *m, mp *k, mp **rr, mp **ss)
 {
- mpmont pm, qm;
- mp *k1, *r;
- mp *rrr, *ar;
-
- /* --- Create the Montgomery contexts --- */
-
- mpmont_create(&pm, dp->p);
- mpmont_create(&qm, dp->q);
+ mpmont pm;
+ mpbarrett qb;
+ mp *k1 = MP_NEW, *r;
+ mp *ar;
 
  /* --- Compute %$r = (g^k \bmod p) \bmod q$% --- */
 
- r = mpmont_exp(&pm, dp->g, k);
+ mpmont_create(&pm, dp->p);
+ r = mpmont_exp(&pm, MP_NEW, dp->g, k);
+ mpmont_destroy(&pm);
  mp_div(0, &r, r, dp->q);
- *rr = r;
 
  /* --- Compute %$k^{-1} \bmod q$% --- */
 
- mp_gcd(0, 0, &k1, dp->q, (mp *)k);
+ mp_gcd(0, 0, &k1, dp->q, k);
 
  /* --- Now for %$k^{-1}(m + ar)$% --- */
 
- rrr = mpmont_mul(&qm, MP_NEW, r, qm.r2);
- ar = mpmont_mul(&qm, MP_NEW, a, rrr);
+ mpbarrett_create(&qb, dp->q);
+ ar = mp_mul(MP_NEW, a, r);
  ar = mp_add(ar, ar, m);
- if (MP_CMP(ar, >=, dp->q))
- ar = mp_sub(ar, ar, dp->q);
- rrr = mpmont_mul(&qm, rrr, ar, qm.r2);
- ar = mpmont_mul(&qm, ar, rrr, k1);
+ ar = mpbarrett_reduce(&qb, ar, ar);
+ ar = mp_mul(ar, ar, k1);
+ ar = mpbarrett_reduce(&qb, ar, ar);
+ mpbarrett_destroy(&qb);
+ MP_DROP(k1);
+ if (*rr) MP_DROP(*rr);
+ if (*ss) MP_DROP(*ss);
+ *rr = r;
  *ss = ar;
-
- /* --- Tidy things up a little --- */
-
- mp_drop(rrr);
- mp_drop(k1);
- mpmont_destroy(&pm);
- mpmont_destroy(&qm);
 }
 
 /* --- @dsa_sign@ --- *
@@ -122,7 +119,7 @@ void dsa_sign(dsa_param *dp, mp *a,
 {
  mp *mm = mp_loadb(MP_NEW, m, msz);
  mp *km = mp_loadb(MP_NEW, k, ksz);
- mp *rm, *sm;
+ mp *rm = MP_NEW, *sm = MP_NEW;
  dsa_mksig(dp, a, mm, km, &rm, &sm);
  mp_storeb(rm, r, rsz);
  mp_storeb(sm, s, ssz);
@@ -191,6 +188,7 @@ static int verify(dstr *v)
  mp_drop(dp.q);
  mp_drop(dp.g);
  mp_drop(x);
+ assert(mparena_count(MPARENA_GLOBAL) == 0);
  return (ok);
 }
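Review bot: `k1` holds k^-1 mod q, and `ar` holds the product a*r before its first reduction; both are as sensitive as the nonce and the signing key, since `r` is public output. The new body releases `k1` with a plain `MP_DROP(k1);`, and nothing visible in this hunk clears the storage first; whether `MP_DROP` or `mpbarrett_reduce` scrubs what they free cannot be seen from here. I would record the requirement at the drop, e.g. `/* k1 = k^{-1} mod q is secret: clear its storage, don't just release it */`, and add the same remark where `ar` is first formed. Separately, the function returns `void` and never tests `r` or the final `ar` for zero, so a degenerate signature is handed back silently. The header comment should say the caller must check both outputs and retry with a fresh `k`.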
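Review bot: `km` goes from `mp_loadb(MP_NEW, k, ksz)` straight into `dsa_mksig` with no visible check that it satisfies 0 < k < q, and the `dsa_mksig` body above does not check either. A k that is zero modulo q has no inverse for `mp_gcd` to return, and the scheme's security relies on k being fresh and uniform in that range for every signature. Since `dsa_sign` returns `void`, the least intrusive fix is to make the contract explicit where the value is loaded: `/* caller must supply 0 < k < q, uniformly random and never reused */`. The rest of `dsa_sign` lies outside this hunk, so whether `mm`, `km`, `rm` and `sm` are released (and `km` cleared) afterwards cannot be confirmed here.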
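Review bot: The arena-leak check added before `return (ok);` is an `assert`, so it vanishes when the test rig is built with `NDEBUG`, and otherwise it aborts the whole run instead of failing this one vector. Folding it into the result keeps it active and reports through the normal path: `if (mparena_count(MPARENA_GLOBAL) != 0) ok = 0;`. None of the visible hunks adds `#include <assert.h>`, so it is worth confirming the test section already includes it. `verify` begins outside this hunk, so the earlier paths that allocate values cannot be checked from here.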