Lines Matching full:dsa
11 * DSA low level APIs are deprecated for public use, but still ok for
27 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
28 static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
30 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
33 DSA_SIG *sig, DSA *dsa);
34 static int dsa_init(DSA *dsa);
35 static int dsa_finish(DSA *dsa);
40 "OpenSSL DSA method",
73 DSA_SIG *ossl_dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
83 if (dsa->params.p == NULL
84 || dsa->params.q == NULL
85 || dsa->params.g == NULL) {
89 if (dsa->priv_key == NULL) {
102 ctx = BN_CTX_new_ex(dsa->libctx);
113 if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen))
116 if (dlen > BN_num_bytes(dsa->params.q))
119 * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
122 dlen = BN_num_bytes(dsa->params.q);
141 if (!BN_priv_rand_ex(blind, BN_num_bits(dsa->params.q) - 1,
150 if (!BN_mod_mul(tmp, blind, dsa->priv_key, dsa->params.q, ctx))
152 if (!BN_mod_mul(tmp, tmp, ret->r, dsa->params.q, ctx))
156 if (!BN_mod_mul(blindm, blind, m, dsa->params.q, ctx))
160 if (!BN_mod_add_quick(ret->s, tmp, blindm, dsa->params.q))
164 if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->params.q, ctx))
168 if (BN_mod_inverse(blind, blind, dsa->params.q, ctx) == NULL)
170 if (!BN_mod_mul(ret->s, ret->s, blind, dsa->params.q, ctx))
198 static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
200 return ossl_dsa_do_sign_int(dgst, dlen, dsa);
203 static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in,
206 return dsa_sign_setup(dsa, ctx_in, kinvp, rp, NULL, 0);
209 static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
219 if (!dsa->params.p || !dsa->params.q || !dsa->params.g) {
225 if (BN_is_zero(dsa->params.p)
226 || BN_is_zero(dsa->params.q)
227 || BN_is_zero(dsa->params.g)
228 || BN_is_negative(dsa->params.p)
229 || BN_is_negative(dsa->params.q)
230 || BN_is_negative(dsa->params.g)) {
234 if (dsa->priv_key == NULL) {
251 q_bits = BN_num_bits(dsa->params.q);
252 q_words = bn_get_top(dsa->params.q);
265 if (!ossl_bn_gen_dsa_nonce_fixed_top(k, dsa->params.q,
266 dsa->priv_key, dgst,
269 } else if (!ossl_bn_priv_rand_range_fixed_top(k, dsa->params.q, 0, ctx))
276 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
277 if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
278 dsa->lock, dsa->params.p, ctx))
297 if (!BN_add(l, k, dsa->params.q)
298 || !BN_add(k, l, dsa->params.q))
303 if ((dsa)->meth->bn_mod_exp != NULL) {
304 if (!dsa->meth->bn_mod_exp(dsa, r, dsa->params.g, k, dsa->params.p,
305 ctx, dsa->method_mont_p))
308 if (!BN_mod_exp_mont(r, dsa->params.g, k, dsa->params.p, ctx,
309 dsa->method_mont_p))
313 if (!BN_mod(r, r, dsa->params.q, ctx))
317 if ((kinv = dsa_mod_inverse_fermat(k, dsa->params.q, ctx)) == NULL)
335 DSA_SIG *sig, DSA *dsa)
343 if (dsa->params.p == NULL
344 || dsa->params.q == NULL
345 || dsa->params.g == NULL) {
350 i = BN_num_bits(dsa->params.q);
357 if (BN_num_bits(dsa->params.p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
371 BN_ucmp(r, dsa->params.q) >= 0) {
376 BN_ucmp(s, dsa->params.q) >= 0) {
384 if ((BN_mod_inverse(u2, s, dsa->params.q, ctx)) == NULL)
391 * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
399 if (!BN_mod_mul(u1, u1, u2, dsa->params.q, ctx))
403 if (!BN_mod_mul(u2, r, u2, dsa->params.q, ctx))
406 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
407 mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
408 dsa->lock, dsa->params.p, ctx);
413 if (dsa->meth->dsa_mod_exp != NULL) {
414 if (!dsa->meth->dsa_mod_exp(dsa, t1, dsa->params.g, u1, dsa->pub_key, u2,
415 dsa->params.p, ctx, mont))
418 if (!BN_mod_exp2_mont(t1, dsa->params.g, u1, dsa->pub_key, u2,
419 dsa->params.p, ctx, mont))
424 if (!BN_mod(u1, t1, dsa->params.q, ctx))
442 static int dsa_init(DSA *dsa)
444 dsa->flags |= DSA_FLAG_CACHE_MONT_P;
445 dsa->dirty_cnt++;
449 static int dsa_finish(DSA *dsa)
451 BN_MONT_CTX_free(dsa->method_mont_p);