1 /* crypto/dsa/dsa_ossl.c */
64 #include <openssl/dsa.h>
70 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
71 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
74                          DSA_SIG *sig, DSA *dsa);
75 static int dsa_init(DSA *dsa);
76 static int dsa_finish(DSA *dsa);
98  *     if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
99  *                 dsa->method_mont_p)) goto err;
103  *     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
104  *                 dsa->method_mont_p);
107 # define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
110         if ((dsa)->meth->dsa_mod_exp) \
111                 _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
118 # define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
121         if ((dsa)->meth->bn_mod_exp) \
122                 _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
134 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
146     if (!dsa->p || !dsa->q || !dsa->g) {
155     i = BN_num_bytes(dsa->q);   /* should be 20 */
165     if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
166         if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
169         kinv = dsa->kinv;
170         dsa->kinv = NULL;
171         r = dsa->r;
172         dsa->r = NULL;
179     if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx))
183     if (BN_cmp(s, dsa->q) > 0)
184         if (!BN_sub(s, s, dsa->q))
186     if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
205     if (kinv != NULL)           /* dsa->kinv is NULL now if we used it */
210 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
217     if (!dsa->p || !dsa->q || !dsa->g) {
236         if (!BN_rand_range(&k, dsa->q))
240     if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
245     if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
246         if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
247                                     CRYPTO_LOCK_DSA, dsa->p, ctx))
253     if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
266         if (!BN_add(&kq, &kq, dsa->q))
268         if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
269             if (!BN_add(&kq, &kq, dsa->q))
278     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
279                    dsa->method_mont_p);
280     if (!BN_mod(r, r, dsa->q, ctx))
284     if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
313                          DSA_SIG *sig, DSA *dsa)
319     if (!dsa->p || !dsa->q || !dsa->g) {
324     if (BN_num_bits(dsa->q) != 160) {
329     if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
342         BN_ucmp(sig->r, dsa->q) >= 0) {
347         BN_ucmp(sig->s, dsa->q) >= 0) {
355     if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL)
363     if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx))
367     if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx))
370     if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
371         mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
372                                       CRYPTO_LOCK_DSA, dsa->p, ctx);
377     DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p,
381     if (!BN_mod(&u1, &t1, dsa->q, ctx))
404 static int dsa_init(DSA *dsa)
406     dsa->flags |= DSA_FLAG_CACHE_MONT_P;
410 static int dsa_finish(DSA *dsa)
412     if (dsa->method_mont_p)
413         BN_MONT_CTX_free(dsa->method_mont_p);

Indexes created Thu Jun 20 12:38:36 MDT 2024