ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-06-26 18:17:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- refactored random mp_int generation and byte->mp_int code

Browse Source 
- added RSA blinding

--HG--
extra : convert_revision : 5d5b4657a24a1c8f53c6fc45d5ec29ddb85fb45a
This commit is contained in:
Matt Johnston
2005-05-05 03:58:21 +00:00
parent 298a5717bc
commit cf585ba1de
9 changed files with 115 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
dss.c
View File

@@ -190,10 +190,8 @@ int buf_dss_verify(buffer* buf, dss_key *key, const unsigned char* data,
/* create the signature - s' and r' are the received signatures in buf */
/* w = (s')-1 mod q */
/* let val1 = s' */
if (mp_read_unsigned_bin(&val1, &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE)
!= MP_OKAY) {
goto out;
}
bytes_to_mp(&val1, &string[SHA1_HASH_SIZE], SHA1_HASH_SIZE);
if (mp_cmp(&val1, key->q) != MP_LT) {
TRACE(("verify failed, s' >= q"))
goto out;
@@ -205,9 +203,8 @@ int buf_dss_verify(buffer* buf, dss_key *key, const unsigned char* data,
/* u1 = ((SHA(M')w) mod q */
/* let val1 = SHA(M') = msghash */
if (mp_read_unsigned_bin(&val1, msghash, SHA1_HASH_SIZE) != MP_OKAY) {
goto out;
}
bytes_to_mp(&val1, msghash, SHA1_HASH_SIZE);
/* let val3 = u1 = ((SHA(M')w) mod q */
if (mp_mulmod(&val1, &val2, key->q, &val3) != MP_OKAY) {
goto out;
@@ -215,10 +212,7 @@ int buf_dss_verify(buffer* buf, dss_key *key, const unsigned char* data,
/* u2 = ((r')w) mod q */
/* let val1 = r' */
if (mp_read_unsigned_bin(&val1, &string[0], SHA1_HASH_SIZE)
!= MP_OKAY) {
goto out;
}
bytes_to_mp(&val1, &string[0], SHA1_HASH_SIZE);
if (mp_cmp(&val1, key->q) != MP_LT) {
TRACE(("verify failed, r' >= q"))
goto out;
@@ -306,8 +300,6 @@ void buf_put_dss_sign(buffer* buf, dss_key *key, const unsigned char* data,
unsigned char *privkeytmp;
unsigned char proto_k[SHA512_HASH_SIZE];
DEF_MP_INT(dss_protok);
#else
unsigned char kbuf[SHA1_HASH_SIZE];
#endif
DEF_MP_INT(dss_k);
DEF_MP_INT(dss_m);
@@ -345,22 +337,16 @@ void buf_put_dss_sign(buffer* buf, dss_key *key, const unsigned char* data,
/* generate k */
m_mp_init(&dss_protok);
bytestomp(&dss_protok, proto_k, SHA512_HASH_SIZE);
bytes_to_mp(&dss_protok, proto_k, SHA512_HASH_SIZE);
mp_mod(&dss_protok, key->q, &dss_k);
mp_clear(&dss_protok);
m_burn(proto_k, SHA512_HASH_SIZE);
#else /* DSS_PROTOK not defined*/
do {
genrandom(kbuf, SHA1_HASH_SIZE);
if (mp_read_unsigned_bin(&dss_k, kbuf, SHA1_HASH_SIZE) != MP_OKAY) {
dropbear_exit("dss error");
}
} while (mp_cmp(&dss_k, key->q) == MP_GT || mp_cmp_d(&dss_k, 0) != MP_GT);
m_burn(kbuf, SHA1_HASH_SIZE);
gen_random_mpint(key->q, &dss_k);
#endif
/* now generate the actual signature */
bytestomp(&dss_m, msghash, SHA1_HASH_SIZE);
bytes_to_mp(&dss_m, msghash, SHA1_HASH_SIZE);
/* g^k mod p */
if (mp_exptmod(key->g, &dss_k, key->p, &dss_temp1) != MP_OKAY) {