dsa_encrypt_key small correction
Karel Miko
10 years ago
| 36 | 36 | unsigned char *expt, *skey; |
| 37 | 37 | void *g_pub, *g_priv; |
| 38 | 38 | unsigned long x, y; |
| 39 | int err; | |
| 39 | int err, qbits; | |
| 40 | 40 | |
| 41 | 41 | LTC_ARGCHK(in != NULL); |
| 42 | 42 | LTC_ARGCHK(out != NULL); |
| 74 | 74 | return CRYPT_MEM; |
| 75 | 75 | } |
| 76 | 76 | |
| 77 | /* make a random x, g^x pair */ | |
| 78 | x = mp_unsigned_bin_size(key->q); | |
| 79 | if (prng_descriptor[wprng].read(expt, x, prng) != x) { | |
| 80 | err = CRYPT_ERROR_READPRNG; | |
| 81 | goto LBL_ERR; | |
| 82 | } | |
| 83 | ||
| 84 | /* load x */ | |
| 85 | if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) { | |
| 86 | goto LBL_ERR; | |
| 87 | } | |
| 88 | ||
| 77 | /* make a random g_priv, g_pub = g^x pair */ | |
| 78 | qbits = mp_count_bits(key->q); | |
| 79 | do { | |
| 80 | if ((err = rand_bn_bits(g_priv, qbits, prng, wprng)) != CRYPT_OK) { | |
| 81 | goto LBL_ERR; | |
| 82 | } | |
| 83 | /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ | |
| 84 | } while (mp_cmp_d(g_priv, 0) != LTC_MP_GT || mp_cmp(g_priv, key->q) != LTC_MP_LT); | |
| 85 | ||
| 89 | 86 | /* compute y */ |
| 90 | 87 | if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) { |
| 91 | 88 | goto LBL_ERR; |