dsa_encrypt_key small correction
Karel Miko
10 years ago
36 | 36 | unsigned char *expt, *skey; |
37 | 37 | void *g_pub, *g_priv; |
38 | 38 | unsigned long x, y; |
39 | int err; | |
39 | int err, qbits; | |
40 | 40 | |
41 | 41 | LTC_ARGCHK(in != NULL); |
42 | 42 | LTC_ARGCHK(out != NULL); |
74 | 74 | return CRYPT_MEM; |
75 | 75 | } |
76 | 76 | |
77 | /* make a random x, g^x pair */ | |
78 | x = mp_unsigned_bin_size(key->q); | |
79 | if (prng_descriptor[wprng].read(expt, x, prng) != x) { | |
80 | err = CRYPT_ERROR_READPRNG; | |
81 | goto LBL_ERR; | |
82 | } | |
83 | ||
84 | /* load x */ | |
85 | if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) { | |
86 | goto LBL_ERR; | |
87 | } | |
88 | ||
77 | /* make a random g_priv, g_pub = g^x pair */ | |
78 | qbits = mp_count_bits(key->q); | |
79 | do { | |
80 | if ((err = rand_bn_bits(g_priv, qbits, prng, wprng)) != CRYPT_OK) { | |
81 | goto LBL_ERR; | |
82 | } | |
83 | /* private key x should be from range: 1 <= x <= q-1 (see FIPS 186-4 B.1.2) */ | |
84 | } while (mp_cmp_d(g_priv, 0) != LTC_MP_GT || mp_cmp(g_priv, key->q) != LTC_MP_LT); | |
85 | ||
89 | 86 | /* compute y */ |
90 | 87 | if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) { |
91 | 88 | goto LBL_ERR; |