Lines Matching refs:dsa
27 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
28 static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
30 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
33 DSA_SIG *sig, DSA *dsa);
34 static int dsa_init(DSA *dsa);
35 static int dsa_finish(DSA *dsa);
73 DSA_SIG *ossl_dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
83 if (dsa->params.p == NULL
84 || dsa->params.q == NULL
85 || dsa->params.g == NULL) {
89 if (dsa->priv_key == NULL) {
102 ctx = BN_CTX_new_ex(dsa->libctx);
113 if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen))
116 if (dlen > BN_num_bytes(dsa->params.q))
119 * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
122 dlen = BN_num_bytes(dsa->params.q);
141 if (!BN_priv_rand_ex(blind, BN_num_bits(dsa->params.q) - 1,
150 if (!BN_mod_mul(tmp, blind, dsa->priv_key, dsa->params.q, ctx))
152 if (!BN_mod_mul(tmp, tmp, ret->r, dsa->params.q, ctx))
156 if (!BN_mod_mul(blindm, blind, m, dsa->params.q, ctx))
160 if (!BN_mod_add_quick(ret->s, tmp, blindm, dsa->params.q))
164 if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->params.q, ctx))
168 if (BN_mod_inverse(blind, blind, dsa->params.q, ctx) == NULL)
170 if (!BN_mod_mul(ret->s, ret->s, blind, dsa->params.q, ctx))
198 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
200 return ossl_dsa_do_sign_int(dgst, dlen, dsa);
203 static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in,
206 return dsa_sign_setup(dsa, ctx_in, kinvp, rp, NULL, 0);
209 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
219 if (!dsa->params.p || !dsa->params.q || !dsa->params.g) {
225 if (BN_is_zero(dsa->params.p)
226 || BN_is_zero(dsa->params.q)
227 || BN_is_zero(dsa->params.g)
228 || BN_is_negative(dsa->params.p)
229 || BN_is_negative(dsa->params.q)
230 || BN_is_negative(dsa->params.g)) {
234 if (dsa->priv_key == NULL) {
251 q_bits = BN_num_bits(dsa->params.q);
252 q_words = bn_get_top(dsa->params.q);
265 if (!BN_generate_dsa_nonce(k, dsa->params.q, dsa->priv_key, dgst,
268 } else if (!BN_priv_rand_range_ex(k, dsa->params.q, 0, ctx))
275 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
276 if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
277 dsa->lock, dsa->params.p, ctx))
296 if (!BN_add(l, k, dsa->params.q)
297 || !BN_add(k, l, dsa->params.q))
302 if ((dsa)->meth->bn_mod_exp != NULL) {
303 if (!dsa->meth->bn_mod_exp(dsa, r, dsa->params.g, k, dsa->params.p,
304 ctx, dsa->method_mont_p))
307 if (!BN_mod_exp_mont(r, dsa->params.g, k, dsa->params.p, ctx,
308 dsa->method_mont_p))
312 if (!BN_mod(r, r, dsa->params.q, ctx))
316 if ((kinv = dsa_mod_inverse_fermat(k, dsa->params.q, ctx)) == NULL)
334 DSA_SIG *sig, DSA *dsa)
342 if (dsa->params.p == NULL
343 || dsa->params.q == NULL
344 || dsa->params.g == NULL) {
349 i = BN_num_bits(dsa->params.q);
356 if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
370 BN_ucmp(r, dsa->params.q) >= 0) {
375 BN_ucmp(s, dsa->params.q) >= 0) {
383 if ((BN_mod_inverse(u2, s, dsa->params.q, ctx)) == NULL)
390 * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
398 if (!BN_mod_mul(u1, u1, u2, dsa->params.q, ctx))
402 if (!BN_mod_mul(u2, r, u2, dsa->params.q, ctx))
405 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
406 mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
407 dsa->lock, dsa->params.p, ctx);
412 if (dsa->meth->dsa_mod_exp != NULL) {
413 if (!dsa->meth->dsa_mod_exp(dsa, t1, dsa->params.g, u1, dsa->pub_key, u2,
414 dsa->params.p, ctx, mont))
417 if (!BN_mod_exp2_mont(t1, dsa->params.g, u1, dsa->pub_key, u2,
418 dsa->params.p, ctx, mont))
423 if (!BN_mod(u1, t1, dsa->params.q, ctx))
441 static int dsa_init(DSA *dsa)
443 dsa->flags |= DSA_FLAG_CACHE_MONT_P;
444 ossl_ffc_params_init(&dsa->params);
445 dsa->dirty_cnt++;
449 static int dsa_finish(DSA *dsa)
451 BN_MONT_CTX_free(dsa->method_mont_p);