X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/8b810a45dec25017a6256e4ef134236444a00921..ab9168949ec2762698d6293adf17b637f30b891e:/dsa-verify.c diff --git a/dsa-verify.c b/dsa-verify.c index 217cede..90895b4 100644 --- a/dsa-verify.c +++ b/dsa-verify.c @@ -1,13 +1,13 @@ /* -*-c-*- * - * $Id: dsa-verify.c,v 1.1 1999/11/19 19:28:00 mdw Exp $ + * $Id: dsa-verify.c,v 1.7 2004/04/08 01:36:15 mdw Exp $ * * DSA signature verification * * (c) 1999 Straylight/Edgeware */ -/*----- Licensing notice --------------------------------------------------* +/*----- Licensing notice --------------------------------------------------* * * This file is part of Catacomb. * @@ -15,26 +15,18 @@ * it under the terms of the GNU Library General Public License as * published by the Free Software Foundation; either version 2 of the * License, or (at your option) any later version. - * + * * Catacomb is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. - * + * * You should have received a copy of the GNU Library General Public * License along with Catacomb; if not, write to the Free * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, * MA 02111-1307, USA. */ -/*----- Revision history --------------------------------------------------* - * - * $Log: dsa-verify.c,v $ - * Revision 1.1 1999/11/19 19:28:00 mdw - * Implementation of the Digital Signature Algorithm. - * - */ - /*----- Header files ------------------------------------------------------*/ #include "dsa.h" @@ -46,23 +38,20 @@ /* --- @dsa_vrfy@ --- * * * Arguments: @const dsa_param *dp@ = pointer to DSA parameters - * @const mp *y@ = public verification key - * @const mp *m@ = message which was signed - * @const mp *r, *s@ = the signature + * @mp *y@ = public verification key + * @mp *m@ = message which was signed + * @mp *r, *s@ = the signature * * Returns: Zero if the signature is a forgery, nonzero if it's valid. * * Use: Verifies a DSA digital signature. */ -#define SHOW(x) do { fputs(#x " = ", stdout); mp_writefile(x, stdout, 16); fputc('\n', stdout); } while (0) - -int dsa_vrfy(const dsa_param *dp, const mp *y, - const mp *m, const mp *r, const mp *s) +int dsa_vrfy(const dsa_param *dp, mp *y, mp *m, mp *r, mp *s) { mpmont pm, qm; mp *w; - mpmont_factor f[2]; + mp_expfactor f[2]; int ok; /* --- Ensure that all of the signature bits are in range --- */ @@ -80,13 +69,12 @@ int dsa_vrfy(const dsa_param *dp, const mp *y, /* --- Compute %$w = s^{-1} \bmod q$% --- */ { - mp *z; - mp_gcd(0, 0, &z, dp->q, (mp *)s); + mp *z = mp_modinv(MP_NEW, s, dp->q); w = mpmont_mul(&qm, MP_NEW, z, qm.r2); mp_drop(z); } - /* --- Compute %$wr%$ and %$wm$% --- */ + /* --- Compute %$wr$% and %$wm$% --- */ f[0].exp = mpmont_mul(&qm, MP_NEW, w, m); f[1].exp = mpmont_mul(&qm, MP_NEW, w, r); @@ -96,10 +84,10 @@ int dsa_vrfy(const dsa_param *dp, const mp *y, /* --- Do the exponentiation and take residue mod @q@ --- */ f[0].base = dp->g; - f[1].base = (mp *)y; - w = mpmont_mexp(&pm, f, 2); + f[1].base = y; + w = mpmont_mexp(&pm, MP_NEW, f, 2); mp_div(0, &w, w, dp->q); - ok = MP_CMP(w, ==, r); + ok = MP_EQ(w, r); /* --- Tidy up --- */ @@ -113,7 +101,7 @@ int dsa_vrfy(const dsa_param *dp, const mp *y, /* --- @dsa_verify@ --- * * * Arguments: @const dsa_param *dp@ = pointer to DSA parameters - * @const mp *y@ = public verification key + * @mp *y@ = public verification key * @const void *m@ = pointer to message block * @size_t msz@ = size of message block * @const void *r@ = pointer to @r@ signature half @@ -126,12 +114,12 @@ int dsa_vrfy(const dsa_param *dp, const mp *y, * Use: Verifies a DSA digital signature. */ -int dsa_verify(const dsa_param *dp, const mp *y, +int dsa_verify(const dsa_param *dp, mp *y, const void *m, size_t msz, const void *r, size_t rsz, const void *s, size_t ssz) { - mp *mm = mp_loadb(MP_NEW, m, msz); + mp *mm = dsa_h2n(MP_NEW, dp->q, m, msz); mp *rm = mp_loadb(MP_NEW, r, rsz); mp *sm = mp_loadb(MP_NEW, s, ssz); int ok = dsa_vrfy(dp, y, mm, rm, sm); @@ -190,6 +178,7 @@ static int verify(int good, dstr *v) mp_drop(dp.q); mp_drop(dp.g); mp_drop(y); + assert(mparena_count(MPARENA_GLOBAL) == 0); return (ok); }