DSA sign improvement

This commit is contained in:
Karel Miko 2014-01-13 12:59:02 +01:00 committed by Steffen Jaeckel
parent 3908c70d68
commit 67a547086c
2 changed files with 6 additions and 11 deletions


@ -107,7 +107,7 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
qbits = mp_count_bits(key->q);
do {
if ((err = rand_bn_bits(key->x, qbits, prng, wprng)) != CRYPT_OK) { goto error; }
/* private key x should be from range: 1 <= x <= q-1 */
/* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */
} while (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT);
if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; }
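Review bot: The rejection loop closed by the `} while` line only leaves the private key uniform over 1 <= x <= q-1 if rand_bn_bits() returns every value in [0, 2^qbits) with equal probability; a helper that forces the top bit so the result is "exactly qbits bits long" would confine x to [2^(qbits-1), q-1] and silently cost a bit of key entropy. rand_bn_bits() is not in this hunk, so I cannot confirm which it does here, but the dependency is worth verifying and recording next to the FIPS reference, e.g. `/* relies on rand_bn_bits() yielding uniform values in [0, 2^qbits); rejecting x == 0 and x >= q then leaves x uniform over 1 <= x <= q-1 */`. The loop also has no retry cap, so a PRNG whose read succeeds but never yields a value below q spins forever; that is pre-existing behaviour and arguably preferable to emitting a degenerate key, so only a comment is needed. dsa_make_key starts before this hunk and continues past it.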


@ -34,7 +34,7 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
{
void *k, *kinv, *tmp;
unsigned char *buf;
int err;
int err, qbits;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(r != NULL);
@ -61,20 +61,15 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
/* Init our temps */
if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK) { goto ERRBUF; }
qbits = mp_count_bits(key->q);
retry:
do {
/* gen random k */
if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) {
err = CRYPT_ERROR_READPRNG;
goto error;
}
if ((err = rand_bn_bits(k, qbits, prng, wprng)) != CRYPT_OK) { goto error; }
/* read k */
if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; }
/* k > 1 and k < q ? */
if (mp_cmp_d(k, 1) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; }
/* k should be from range: 1 <= k <= q-1 (see FIPS 186-4 B.2.2) */
if (mp_cmp_d(k, 0) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; }
/* test gcd */
if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; }