ltc sync (DSA)
Karel Miko
6 years ago
| 510 | 510 |
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
|
| 511 | 511 |
int dsa_verify_key(dsa_key *key, int *stat);
|
| 512 | 512 |
#ifdef LTC_SOURCE
|
|
513 |
/* internal helper functions */
|
| 513 | 514 |
int dsa_int_validate_xy(dsa_key *key, int *stat);
|
| 514 | 515 |
int dsa_int_validate_pqg(dsa_key *key, int *stat);
|
| 515 | 516 |
int dsa_int_validate_primes(dsa_key *key, int *stat);
|
| 23 | 23 |
*/
|
| 24 | 24 |
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
|
| 25 | 25 |
{
|
| 26 | |
int err;
|
|
26 |
int err, stat;
|
| 27 | 27 |
unsigned long zero = 0;
|
| 28 | 28 |
unsigned char* tmpbuf = NULL;
|
| 29 | 29 |
unsigned char flags[1];
|
|
| 115 | 115 |
}
|
| 116 | 116 |
|
| 117 | 117 |
LBL_OK:
|
| 118 | |
key->qord = mp_unsigned_bin_size(key->q);
|
|
118 |
key->qord = mp_unsigned_bin_size(key->q);
|
| 119 | 119 |
|
| 120 | |
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
| 121 | |
(unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
|
|
120 |
/* quick p, q, g validation, without primality testing */
|
|
121 |
if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
|
|
122 |
goto LBL_ERR;
|
|
123 |
}
|
|
124 |
if (stat == 0) {
|
|
125 |
err = CRYPT_INVALID_PACKET;
|
|
126 |
goto LBL_ERR;
|
|
127 |
}
|
|
128 |
/* validate x, y */
|
|
129 |
if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) {
|
|
130 |
goto LBL_ERR;
|
|
131 |
}
|
|
132 |
if (stat == 0) {
|
| 122 | 133 |
err = CRYPT_INVALID_PACKET;
|
| 123 | 134 |
goto LBL_ERR;
|
| 124 | 135 |
}
|
| 44 | 44 |
|
| 45 | 45 |
key->qord = mp_unsigned_bin_size(key->q);
|
| 46 | 46 |
|
| 47 | |
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
| 48 | |
(unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
|
| 49 | |
err = CRYPT_INVALID_PACKET;
|
| 50 | |
goto LBL_ERR;
|
| 51 | |
}
|
| 52 | |
|
| 53 | 47 |
/* do only a quick validation, without primality testing */
|
| 54 | 48 |
if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) { goto LBL_ERR; }
|
| 55 | 49 |
if (stat == 0) {
|
| 56 | |
err = CRYPT_INVALID_ARG;
|
|
50 |
err = CRYPT_INVALID_PACKET;
|
| 57 | 51 |
goto LBL_ERR;
|
| 58 | 52 |
}
|
| 59 | 53 |
|
|
| 99 | 93 |
|
| 100 | 94 |
if ((err = dsa_int_validate_xy(key, &stat)) != CRYPT_OK) { goto LBL_ERR; }
|
| 101 | 95 |
if (stat == 0) {
|
| 102 | |
err = CRYPT_INVALID_ARG;
|
|
96 |
err = CRYPT_INVALID_PACKET;
|
| 103 | 97 |
goto LBL_ERR;
|
| 104 | 98 |
}
|
| 105 | 99 |
|
| 23 | 23 |
int dsa_set_pqg_dsaparam(const unsigned char *dsaparam, unsigned long dsaparamlen,
|
| 24 | 24 |
dsa_key *key)
|
| 25 | 25 |
{
|
| 26 | |
int err;
|
|
26 |
int err, stat;
|
| 27 | 27 |
|
| 28 | 28 |
LTC_ARGCHK(dsaparam != NULL);
|
| 29 | 29 |
LTC_ARGCHK(key != NULL);
|
|
| 43 | 43 |
|
| 44 | 44 |
key->qord = mp_unsigned_bin_size(key->q);
|
| 45 | 45 |
|
| 46 | |
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
| 47 | |
(unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
|
|
46 |
/* quick p, q, g validation, without primality testing */
|
|
47 |
if ((err = dsa_int_validate_pqg(key, &stat)) != CRYPT_OK) {
|
|
48 |
goto LBL_ERR;
|
|
49 |
}
|
|
50 |
if (stat == 0) {
|
| 48 | 51 |
err = CRYPT_INVALID_PACKET;
|
| 49 | 52 |
goto LBL_ERR;
|
| 50 | 53 |
}
|
|
54 |
|
| 51 | 55 |
return CRYPT_OK;
|
| 52 | 56 |
|
| 53 | 57 |
LBL_ERR:
|
| 51 | 51 |
void *tmp1, *tmp2;
|
| 52 | 52 |
int err;
|
| 53 | 53 |
|
| 54 | |
*stat = 0;
|
| 55 | 54 |
LTC_ARGCHK(key != NULL);
|
| 56 | 55 |
LTC_ARGCHK(stat != NULL);
|
|
56 |
*stat = 0;
|
|
57 |
|
|
58 |
/* check q-order */
|
|
59 |
if ( key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
|
60 |
(unsigned long)key->qord >= mp_unsigned_bin_size(key->p) ||
|
|
61 |
(mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA ) {
|
|
62 |
err = CRYPT_OK;
|
|
63 |
goto error;
|
|
64 |
}
|
| 57 | 65 |
|
| 58 | 66 |
/* FIPS 186-4 chapter 4.1: 1 < g < p */
|
| 59 | 67 |
if (mp_cmp_d(key->g, 1) != LTC_MP_GT || mp_cmp(key->g, key->p) != LTC_MP_LT) {
|
|
| 82 | 90 |
err = CRYPT_OK;
|
| 83 | 91 |
*stat = 1;
|
| 84 | 92 |
error:
|
| 85 | |
mp_clear_multi(tmp1, tmp2, NULL);
|
|
93 |
mp_clear_multi(tmp2, tmp1, NULL);
|
| 86 | 94 |
return err;
|
| 87 | 95 |
}
|
| 88 | 96 |
|
|
| 102 | 110 |
LTC_ARGCHK(stat != NULL);
|
| 103 | 111 |
|
| 104 | 112 |
/* key->q prime? */
|
| 105 | |
if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
|
|
113 |
if ((err = mp_prime_is_prime(key->q, LTC_MILLER_RABIN_REPS, &res)) != CRYPT_OK) {
|
| 106 | 114 |
return err;
|
| 107 | 115 |
}
|
| 108 | 116 |
if (res == LTC_MP_NO) {
|
|
| 110 | 118 |
}
|
| 111 | 119 |
|
| 112 | 120 |
/* key->p prime? */
|
| 113 | |
if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
|
|
121 |
if ((err = mp_prime_is_prime(key->p, LTC_MILLER_RABIN_REPS, &res)) != CRYPT_OK) {
|
| 114 | 122 |
return err;
|
| 115 | 123 |
}
|
| 116 | 124 |
if (res == LTC_MP_NO) {
|