1*3ff48bf5SDavid du Colombier #include "os.h" 2*3ff48bf5SDavid du Colombier #include <mp.h> 3*3ff48bf5SDavid du Colombier #include <libsec.h> 4*3ff48bf5SDavid du Colombier 5*3ff48bf5SDavid du Colombier DSAsig* 6*3ff48bf5SDavid du Colombier dsasign(DSApriv *priv, mpint *m) 7*3ff48bf5SDavid du Colombier { 8*3ff48bf5SDavid du Colombier DSApub *pub = &priv->pub; 9*3ff48bf5SDavid du Colombier DSAsig *sig; 10*3ff48bf5SDavid du Colombier mpint *qm1, *k, *kinv, *r, *s; 11*3ff48bf5SDavid du Colombier mpint *q = pub->q, *p = pub->p, *alpha = pub->alpha; 12*3ff48bf5SDavid du Colombier int qlen = mpsignif(q); 13*3ff48bf5SDavid du Colombier 14*3ff48bf5SDavid du Colombier qm1 = mpnew(0); 15*3ff48bf5SDavid du Colombier kinv = mpnew(0); 16*3ff48bf5SDavid du Colombier r = mpnew(0); 17*3ff48bf5SDavid du Colombier s = mpnew(0); 18*3ff48bf5SDavid du Colombier k = mpnew(0); 19*3ff48bf5SDavid du Colombier mpsub(pub->q, mpone, qm1); 20*3ff48bf5SDavid du Colombier 21*3ff48bf5SDavid du Colombier // find a k that has an inverse mod q 22*3ff48bf5SDavid du Colombier while(1){ 23*3ff48bf5SDavid du Colombier mprand(qlen, genrandom, k); 24*3ff48bf5SDavid du Colombier if((mpcmp(mpone, k) > 0) || (mpcmp(k, qm1) >= 0)) 25*3ff48bf5SDavid du Colombier continue; 26*3ff48bf5SDavid du Colombier mpextendedgcd(k, q, r, kinv, s); 27*3ff48bf5SDavid du Colombier if(mpcmp(r, mpone) != 0) 28*3ff48bf5SDavid du Colombier continue; 29*3ff48bf5SDavid du Colombier break; 30*3ff48bf5SDavid du Colombier } 31*3ff48bf5SDavid du Colombier 32*3ff48bf5SDavid du Colombier // make kinv positive 33*3ff48bf5SDavid du Colombier mpmod(kinv, qm1, kinv); 34*3ff48bf5SDavid du Colombier 35*3ff48bf5SDavid du Colombier // r = ((alpha**k) mod p) mod q 36*3ff48bf5SDavid du Colombier mpexp(alpha, k, p, r); 37*3ff48bf5SDavid du Colombier mpmod(r, q, r); 38*3ff48bf5SDavid du Colombier 39*3ff48bf5SDavid du Colombier // s = (kinv*(m + ar)) mod q 40*3ff48bf5SDavid du Colombier mpmul(r, priv->secret, s); 41*3ff48bf5SDavid du Colombier mpadd(s, m, s); 42*3ff48bf5SDavid du Colombier mpmul(s, kinv, s); 43*3ff48bf5SDavid du Colombier mpmod(s, q, s); 44*3ff48bf5SDavid du Colombier 45*3ff48bf5SDavid du Colombier sig = dsasigalloc(); 46*3ff48bf5SDavid du Colombier sig->r = r; 47*3ff48bf5SDavid du Colombier sig->s = s; 48*3ff48bf5SDavid du Colombier mpfree(qm1); 49*3ff48bf5SDavid du Colombier mpfree(k); 50*3ff48bf5SDavid du Colombier mpfree(kinv); 51*3ff48bf5SDavid du Colombier return sig; 52*3ff48bf5SDavid du Colombier } 53