|
@@ -34,7 +34,7 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
|
|
|
{
|
|
|
void *k, *kinv, *tmp;
|
|
|
unsigned char *buf;
|
|
|
- int err;
|
|
|
+ int err, qbits;
|
|
|
|
|
|
LTC_ARGCHK(in != NULL);
|
|
|
LTC_ARGCHK(r != NULL);
|
|
@@ -61,20 +61,15 @@ int dsa_sign_hash_raw(const unsigned char *in, unsigned long inlen,
|
|
|
/* Init our temps */
|
|
|
if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK) { goto ERRBUF; }
|
|
|
|
|
|
+ qbits = mp_count_bits(key->q);
|
|
|
retry:
|
|
|
|
|
|
do {
|
|
|
/* gen random k */
|
|
|
- if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) {
|
|
|
- err = CRYPT_ERROR_READPRNG;
|
|
|
- goto error;
|
|
|
- }
|
|
|
+ if ((err = rand_bn_bits(k, qbits, prng, wprng)) != CRYPT_OK) { goto error; }
|
|
|
|
|
|
- /* read k */
|
|
|
- if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK) { goto error; }
|
|
|
-
|
|
|
- /* k > 1 and k < q ? */
|
|
|
- if (mp_cmp_d(k, 1) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; }
|
|
|
+ /* k should be from range: 1 <= k <= q-1 (see FIPS 186-4 B.2.2) */
|
|
|
+ if (mp_cmp_d(k, 0) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; }
|
|
|
|
|
|
/* test gcd */
|
|
|
if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK) { goto error; }
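Review bot: `buf` (declared in the first hunk and still released through the `ERRBUF` path at the `mp_init_multi` failure) looks unused after this change, because the only visible reader, the `prng_descriptor[wprng].read(buf, key->qord, prng)` call, is replaced by `rand_bn_bits(k, qbits, prng, wprng)`; if nothing outside the hunk still references it, the allocation, its `ERRBUF` cleanup and the declaration should be removed together, otherwise an unused-variable warning and a needless heap allocation remain on the signing path. The new bound check `if (mp_cmp_d(k, 0) != LTC_MP_GT || mp_cmp(k, key->q) != LTC_MP_LT) { goto retry; }` correctly admits 1 <= k <= q-1, but the comment cites FIPS 186-4 B.2.2 while the code does rejection sampling of a qbits-wide candidate rather than that appendix's c+1 construction, so I would reword it to `/* uniform k in [1, q-1] by rejection sampling (same range as FIPS 186-4 B.2.2) */` so a reader does not look for the +1 step. Since q itself has qbits bits, a candidate from `rand_bn_bits` lands in range at least about half the time, so the `goto retry` loop terminates quickly; a short comment stating that expectation next to `retry:` would help. The `retry` label's loop body continues past the hunk and the `error`/`ERRBUF` labels are outside it.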
|