DSA: properly handle FIPS 186-4 (4.6 + 4.7)
Karel Miko
7 years ago
83 | 83 | |
84 | 84 | if (mp_iszero(r) == LTC_MP_YES) { goto retry; } |
85 | 85 | |
86 | /* FIPS 186-4 4.6: use leftmost min(bitlen(q), bitlen(hash)) */ | |
87 | if (inlen > key->qord) inlen = key->qord; | |
88 | ||
86 | 89 | /* now find s = (in + xr)/k mod q */ |
87 | 90 | if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; } |
88 | 91 | if ((err = mp_mul(key->x, r, s)) != CRYPT_OK) { goto error; } |
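Review bot: The added clamp `if (inlen > key->qord) inlen = key->qord;` truncates in whole bytes, while the comment above it (and FIPS 186-4 4.6) speaks of the leftmost min(bitlen(q), bitlen(hash)) bits. Assuming `key->qord` is the byte length of q, the two agree only when bitlen(q) is a multiple of 8; for any other group order the value read into `tmp` keeps up to 7 extra low bits. Either shift `tmp` right by the excess bits after `mp_read_unsigned_bin`, or state the limit next to the clamp, e.g. `/* byte-granular truncation: exact only when bitlen(q) % 8 == 0 */`. The verify path has to apply the same truncation or signatures over longer hashes will not validate; that code, like the rest of this function, is outside the hunk shown here.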