tuning DSA key generation
Karel Miko
10 years ago
28 | 28 | int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key) |
29 | 29 | { |
30 | 30 | void *tmp, *tmp2; |
31 | int err, res, q_size; | |
31 | int err, res, qbits; | |
32 | 32 | unsigned char *buf; |
33 | 33 | |
34 | 34 | LTC_ARGCHK(key != NULL); |
103 | 103 | /* so now we have our DH structure, generator g, order q, modulus p |
104 | 104 | Now we need a random exponent [mod q] and it's power g^x mod p |
105 | 105 | */ |
106 | q_size = mp_unsigned_bin_size(key->q); | |
106 | qbits = mp_count_bits(key->q); | |
107 | 107 | do { |
108 | if (prng_descriptor[wprng].read(buf, q_size, prng) != (unsigned long)q_size) { | |
109 | err = CRYPT_ERROR_READPRNG; | |
110 | goto error; | |
111 | } | |
112 | if ((err = mp_read_unsigned_bin(key->x, buf, q_size)) != CRYPT_OK) { goto error; } | |
113 | } while (mp_cmp_d(key->x, 1) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT); | |
108 | if ((err = rand_bn_bits(key->x, qbits, prng, wprng)) != CRYPT_OK) { goto error; } | |
109 | /* private key x should be from range: 1 <= x <= q-1 */ | |
110 | } while (mp_cmp_d(key->x, 0) != LTC_MP_GT || mp_cmp(key->x, key->q) != LTC_MP_LT); | |
114 | 111 | if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto error; } |
115 | 112 | |
116 | 113 | key->type = PK_PRIVATE; |