12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- #include "os.h"
- #include <mp.h>
- #include <libsec.h>
- EGsig*
- egsign(EGpriv *priv, mpint *m)
- {
- EGpub *pub = &priv->pub;
- EGsig *sig;
- mpint *pm1, *k, *kinv, *r, *s;
- mpint *p = pub->p, *alpha = pub->alpha;
- int plen = mpsignif(p);
- pm1 = mpnew(0);
- kinv = mpnew(0);
- r = mpnew(0);
- s = mpnew(0);
- k = mpnew(0);
- mpsub(p, mpone, pm1);
- while(1){
- mprand(plen, genrandom, k);
- if((mpcmp(mpone, k) > 0) || (mpcmp(k, pm1) >= 0))
- continue;
- mpextendedgcd(k, pm1, r, kinv, s);
- if(mpcmp(r, mpone) != 0)
- continue;
- break;
- }
- mpmod(kinv, pm1, kinv); // make kinv positive
- mpexp(alpha, k, p, r);
- mpmul(priv->secret, r, s);
- mpmod(s, pm1, s);
- mpsub(m, s, s);
- mpmul(kinv, s, s);
- mpmod(s, pm1, s);
- sig = egsigalloc();
- sig->r = r;
- sig->s = s;
- mpfree(pm1);
- mpfree(k);
- mpfree(kinv);
- return sig;
- }
|