X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/8b810a45dec25017a6256e4ef134236444a00921..7fb0660b6d7237a7ec859459b2e511eebc0dcdb5:/dsa-sign.c
diff --git a/dsa-sign.c b/dsa-sign.c
index 8e5c997..9d30dd9 100644
--- a/dsa-sign.c
+++ b/dsa-sign.c
@@ -1,13 +1,13 @@ /* -*-c-*- * - * $Id: dsa-sign.c,v 1.1 1999/11/19 19:28:00 mdw Exp $ + * $Id: dsa-sign.c,v 1.3 2004/04/08 01:36:15 mdw Exp $ * * DSA signing operation * * (c) 1999 Straylight/Edgeware */ -/*----- Licensing notice --------------------------------------------------* +/*----- Licensing notice --------------------------------------------------* * * This file is part of Catacomb. *
@@ -15,30 +15,23 @@ * it under the terms of the GNU Library General Public License as * published by the Free Software Foundation; either version 2 of the * License, or (at your option) any later version. - * + * * Catacomb is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. - * + * * You should have received a copy of the GNU Library General Public * License along with Catacomb; if not, write to the Free * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsa-sign.c,v $ - * Revision 1.1 1999/11/19 19:28:00 mdw - * Implementation of the Digital Signature Algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dsa.h" #include "mp.h" +#include "mpbarrett.h" #include "mpmont.h" /*----- Main code ---------------------------------------------------------*/
@@ -46,9 +39,9 @@ /* --- @dsa_mksig@ --- * * * Arguments: @const dsa_param *dp@ = pointer to DSA parameters - * @const mp *a@ = secret signing key - * @const mp *m@ = message to be signed - * @const mp *k@ = random data + * @mp *a@ = secret signing key + * @mp *m@ = message to be signed + * @mp *k@ = random data * @mp **rr, **ss@ = where to put output parameters * * Returns: ---
@@ -56,45 +49,38 @@ * Use: Computes a DSA signature of a message. */ -void dsa_mksig(const dsa_param *dp, const mp *a, const mp *m, const mp *k, - mp **rr, mp **ss) +void dsa_mksig(const dsa_param *dp, mp *a, mp *m, mp *k, mp **rr, mp **ss) { - mpmont pm, qm; + mpmont pm; + mpbarrett qb; mp *k1, *r; - mp *rrr, *ar; - - /* --- Create the Montgomery contexts --- */ - - mpmont_create(&pm, dp->p); - mpmont_create(&qm, dp->q); + mp *ar; /* --- Compute %$r = (g^k \bmod p) \bmod q$% --- */ - r = mpmont_exp(&pm, dp->g, k); + mpmont_create(&pm, dp->p); + r = mpmont_exp(&pm, MP_NEW, dp->g, k); + mpmont_destroy(&pm); mp_div(0, &r, r, dp->q); - *rr = r; /* --- Compute %$k^{-1} \bmod q$% --- */ - mp_gcd(0, 0, &k1, dp->q, (mp *)k); + k1 = mp_modinv(MP_NEW, k, dp->q); /* --- Now for %$k^{-1}(m + ar)$% --- */ - rrr = mpmont_mul(&qm, MP_NEW, r, qm.r2); - ar = mpmont_mul(&qm, MP_NEW, a, rrr); + mpbarrett_create(&qb, dp->q); + ar = mp_mul(MP_NEW, a, r); ar = mp_add(ar, ar, m); - if (MP_CMP(ar, >=, dp->q)) - ar = mp_sub(ar, ar, dp->q); - rrr = mpmont_mul(&qm, rrr, ar, qm.r2); - ar = mpmont_mul(&qm, ar, rrr, k1); + ar = mpbarrett_reduce(&qb, ar, ar); + ar = mp_mul(ar, ar, k1); + ar = mpbarrett_reduce(&qb, ar, ar); + mpbarrett_destroy(&qb); + MP_DROP(k1); + if (*rr) MP_DROP(*rr); + if (*ss) MP_DROP(*ss); + *rr = r; *ss = ar; - - /* --- Tidy things up a little --- */ - - mp_drop(rrr); - mp_drop(k1); - mpmont_destroy(&pm); - mpmont_destroy(&qm); } /* --- @dsa_sign@ --- *
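Review bot: The `@mp **rr, **ss@` line of the header comment still says only "where to put output parameters", but the rewritten body in the `-56,45` hunk now reads both slots before writing them (`if (*rr) MP_DROP(*rr);` and `if (*ss) MP_DROP(*ss);`). A caller that passes uninitialised pointers, which a write-only output contract would allow, now has an indeterminate pointer dropped. I would state the precondition in the comment, for example `@mp **rr, **ss@ = where to put the results; each must hold @MP_NEW@ or a live integer on entry, which is dropped`. The comment block continues past the end of this hunk.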
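Review bot: The new body never checks that `k` lies in the range 1..q-1 or that the computed `r` and `s` are non-zero, both of which DSA requires of a signer. `k1 = mp_modinv(MP_NEW, k, dp->q);` runs on whatever the caller supplied, and `dsa_sign` in the `-120,9` hunk still builds `k` with a plain `mp_loadb`, so a zero or multiple-of-q value can reach the inversion; how `mp_modinv` behaves on a non-invertible input is not visible here. Because the function returns void it cannot ask for a retry, so at minimum the precondition belongs in the header comment, e.g. `Use: Computes a DSA signature of a message. The caller must supply 0 < k < q, fresh and secret for every signature.`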
@@ -120,9 +106,9 @@ void dsa_sign(dsa_param *dp, mp *a, const void *m, size_t msz, const void *k, size_t ksz, void *r, size_t rsz, void *s, size_t ssz) { - mp *mm = mp_loadb(MP_NEW, m, msz); + mp *mm = dsa_h2n(MP_NEW, dp->q, m, msz); mp *km = mp_loadb(MP_NEW, k, ksz); - mp *rm, *sm; + mp *rm = MP_NEW, *sm = MP_NEW; dsa_mksig(dp, a, mm, km, &rm, &sm); mp_storeb(rm, r, rsz); mp_storeb(sm, s, ssz);
@@ -182,7 +168,7 @@ static int verify(dstr *v) fputs("\ns = ", stderr); mp_writefile(m, stderr, 16); mp_drop(m); } - + fputc('\n', stderr); ok = 0; }
@@ -191,6 +177,7 @@ static int verify(dstr *v) mp_drop(dp.q); mp_drop(dp.g); mp_drop(x); + assert(mparena_count(MPARENA_GLOBAL) == 0); return (ok); }
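Review bot: `km` holds the per-signature nonce, and anyone who learns it for a single signature can solve for the private key `a`, yet it is loaded with `mp_loadb(MP_NEW, k, ksz)` exactly like a public value. The same applies to `k1` and the `a*r` product allocated with `MP_NEW` in the `-56,45` hunk. Whether dropping such an integer clears its storage is not visible on this page, and the cleanup at the end of `dsa_sign` lies outside the hunk. I would confirm that, and add a comment above the load such as `/* km is secret: it must be wiped, not merely dropped, once the signature is stored */`.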
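Review bot: The leak check added before `return (ok);` is an `assert`, so it disappears when the test is built with NDEBUG and otherwise aborts the whole run instead of reporting through `ok`, as the mismatch path in the `-182,7` hunk does. Something like `if (mparena_count(MPARENA_GLOBAL) != 0) { fputs("\n*** dsa-sign: integers leaked\n", stderr); ok = 0; }` keeps the check in every build and lets the remaining vectors run. The hunk does not show whether `<assert.h>` is included for the test section, and `verify` starts outside this hunk.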