introducing dsa_verify_key_ex
This commit is contained in:
parent
2505e3b609
commit
053ba6d600
@ -479,7 +479,9 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
|
||||
int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
|
||||
int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
|
||||
int dsa_verify_key(dsa_key *key, int *stat);
|
||||
|
||||
#ifdef LTC_SOURCE
|
||||
int dsa_verify_key_ex(dsa_key *key, int *stat, int mode);
|
||||
#endif
|
||||
int dsa_shared_secret(void *private_key, void *base,
|
||||
dsa_key *public_key,
|
||||
unsigned char *out, unsigned long *outlen);
|
||||
|
@ -45,12 +45,6 @@ int dsa_set_pqg(const unsigned char *p, unsigned long plen,
|
||||
|
||||
key->qord = mp_unsigned_bin_size(key->q);
|
||||
|
||||
/* just a quick, basic test - use dsa_verify_key if you want more */
|
||||
if (mp_cmp_d(key->p, 1) != LTC_MP_GT || mp_cmp_d(key->g, 1) != LTC_MP_GT || mp_cmp_d(key->q, 1) != LTC_MP_GT) {
|
||||
err= CRYPT_INVALID_ARG;
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
if (key->qord >= LTC_MDSA_MAX_GROUP || key->qord <= 15 ||
|
||||
(unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= LTC_MDSA_DELTA) {
|
||||
err = CRYPT_INVALID_PACKET;
|
||||
@ -76,7 +70,7 @@ LBL_ERR:
|
||||
*/
|
||||
int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key *key)
|
||||
{
|
||||
int err;
|
||||
int err, stat = 0;
|
||||
|
||||
LTC_ARGCHK(key != NULL);
|
||||
LTC_ARGCHK(key->x != NULL);
|
||||
@ -89,19 +83,17 @@ int dsa_set_key(const unsigned char *in, unsigned long inlen, int type, dsa_key
|
||||
if (type == PK_PRIVATE) {
|
||||
key->type = PK_PRIVATE;
|
||||
if ((err = mp_read_unsigned_bin(key->x, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; }
|
||||
if (mp_cmp_d(key->x, 1) != LTC_MP_GT) {
|
||||
err= CRYPT_INVALID_ARG;
|
||||
goto LBL_ERR;
|
||||
}
|
||||
if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK) { goto LBL_ERR; }
|
||||
}
|
||||
else {
|
||||
key->type = PK_PUBLIC;
|
||||
if ((err = mp_read_unsigned_bin(key->y, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; }
|
||||
if (mp_cmp_d(key->y, 1) != LTC_MP_GT || mp_cmp(key->y, key->p) != LTC_MP_LT) {
|
||||
err= CRYPT_INVALID_ARG;
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
if ((err = dsa_verify_key_ex(key, &stat, 0)) != CRYPT_OK) { goto LBL_ERR; }
|
||||
if (stat == 0) {
|
||||
err = CRYPT_INVALID_ARG;
|
||||
goto LBL_ERR;
|
||||
}
|
||||
|
||||
return CRYPT_OK;
|
||||
|
@ -22,6 +22,11 @@
|
||||
@return CRYPT_OK if successful
|
||||
*/
|
||||
int dsa_verify_key(dsa_key *key, int *stat)
|
||||
{
|
||||
return dsa_verify_key_ex(key, stat, 1); /* 1 = full check */
|
||||
}
|
||||
|
||||
int dsa_verify_key_ex(dsa_key *key, int *stat, int mode)
|
||||
{
|
||||
void *tmp, *tmp2;
|
||||
int res, err;
|
||||
@ -32,6 +37,7 @@ int dsa_verify_key(dsa_key *key, int *stat)
|
||||
/* default to an invalid key */
|
||||
*stat = 0;
|
||||
|
||||
if (mode == 1) {
|
||||
/* first make sure key->q and key->p are prime */
|
||||
if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
|
||||
return err;
|
||||
@ -46,6 +52,7 @@ int dsa_verify_key(dsa_key *key, int *stat)
|
||||
if (res == 0) {
|
||||
return CRYPT_OK;
|
||||
}
|
||||
}
|
||||
|
||||
/* now make sure that g is not -1, 0 or 1 and <p */
|
||||
if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
|
||||
|
Loading…
Reference in New Issue
Block a user