1*3ff48bf5SDavid du Colombier #include "os.h"
2*3ff48bf5SDavid du Colombier #include <mp.h>
3*3ff48bf5SDavid du Colombier #include <libsec.h>
4*3ff48bf5SDavid du Colombier
5*3ff48bf5SDavid du Colombier DSApriv*
dsagen(DSApub * opub)6*3ff48bf5SDavid du Colombier dsagen(DSApub *opub)
7*3ff48bf5SDavid du Colombier {
8*3ff48bf5SDavid du Colombier DSApub *pub;
9*3ff48bf5SDavid du Colombier DSApriv *priv;
10*3ff48bf5SDavid du Colombier mpint *exp;
11*3ff48bf5SDavid du Colombier mpint *g;
12*3ff48bf5SDavid du Colombier mpint *r;
13*3ff48bf5SDavid du Colombier int bits;
14*3ff48bf5SDavid du Colombier
15*3ff48bf5SDavid du Colombier priv = dsaprivalloc();
16*3ff48bf5SDavid du Colombier pub = &priv->pub;
17*3ff48bf5SDavid du Colombier
18*3ff48bf5SDavid du Colombier if(opub != nil){
19*3ff48bf5SDavid du Colombier pub->p = mpcopy(opub->p);
20*3ff48bf5SDavid du Colombier pub->q = mpcopy(opub->q);
21*3ff48bf5SDavid du Colombier } else {
22*3ff48bf5SDavid du Colombier pub->p = mpnew(0);
23*3ff48bf5SDavid du Colombier pub->q = mpnew(0);
24*3ff48bf5SDavid du Colombier DSAprimes(pub->q, pub->p, nil);
25*3ff48bf5SDavid du Colombier }
26*3ff48bf5SDavid du Colombier bits = Dbits*pub->p->top;
27*3ff48bf5SDavid du Colombier
28*3ff48bf5SDavid du Colombier pub->alpha = mpnew(0);
29*3ff48bf5SDavid du Colombier pub->key = mpnew(0);
30*3ff48bf5SDavid du Colombier priv->secret = mpnew(0);
31*3ff48bf5SDavid du Colombier
32*3ff48bf5SDavid du Colombier // find a generator alpha of the multiplicative
33*3ff48bf5SDavid du Colombier // group Z*p, i.e., of order n = p-1. We use the
34*3ff48bf5SDavid du Colombier // fact that q divides p-1 to reduce the exponent.
35*3ff48bf5SDavid du Colombier exp = mpnew(0);
36*3ff48bf5SDavid du Colombier g = mpnew(0);
37*3ff48bf5SDavid du Colombier r = mpnew(0);
38*3ff48bf5SDavid du Colombier mpsub(pub->p, mpone, exp);
39*3ff48bf5SDavid du Colombier mpdiv(exp, pub->q, exp, r);
40*3ff48bf5SDavid du Colombier if(mpcmp(r, mpzero) != 0)
41*3ff48bf5SDavid du Colombier sysfatal("dsagen foul up");
42*3ff48bf5SDavid du Colombier while(1){
43*3ff48bf5SDavid du Colombier mprand(bits, genrandom, g);
44*3ff48bf5SDavid du Colombier mpmod(g, pub->p, g);
45*3ff48bf5SDavid du Colombier mpexp(g, exp, pub->p, pub->alpha);
46*3ff48bf5SDavid du Colombier if(mpcmp(pub->alpha, mpone) != 0)
47*3ff48bf5SDavid du Colombier break;
48*3ff48bf5SDavid du Colombier }
49*3ff48bf5SDavid du Colombier mpfree(g);
50*3ff48bf5SDavid du Colombier mpfree(exp);
51*3ff48bf5SDavid du Colombier
52*3ff48bf5SDavid du Colombier // create the secret key
53*3ff48bf5SDavid du Colombier mprand(bits, genrandom, priv->secret);
54*3ff48bf5SDavid du Colombier mpmod(priv->secret, pub->p, priv->secret);
55*3ff48bf5SDavid du Colombier mpexp(pub->alpha, priv->secret, pub->p, pub->key);
56*3ff48bf5SDavid du Colombier
57*3ff48bf5SDavid du Colombier return priv;
58*3ff48bf5SDavid du Colombier }
59