Commit 7e03ad14 authored by Niels Möller's avatar Niels Möller

Use the correct modulo function: mpz_fdiv_r.

dh_verify_server_msg now saves the exchange hash.

Rev: src/publickey_crypto.c:1.15
parent 695ce8ac
...@@ -105,7 +105,7 @@ static struct lsh_string *do_dss_sign(struct signer *c, ...@@ -105,7 +105,7 @@ static struct lsh_string *do_dss_sign(struct signer *c,
debug_mpz(r); debug_mpz(r);
debug("\n"); debug("\n");
mpz_tdiv_r(r, r, closure->public.q); mpz_fdiv_r(r, r, closure->public.q);
debug("do_dss_sign, r: "); debug("do_dss_sign, r: ");
debug_mpz(r); debug_mpz(r);
...@@ -127,10 +127,10 @@ static struct lsh_string *do_dss_sign(struct signer *c, ...@@ -127,10 +127,10 @@ static struct lsh_string *do_dss_sign(struct signer *c,
/* Compute signature s = k^-1(h + ar) (mod q) */ /* Compute signature s = k^-1(h + ar) (mod q) */
mpz_init(s); mpz_init(s);
mpz_mul(s, r, closure->a); mpz_mul(s, r, closure->a);
mpz_tdiv_r(s, s, closure->public.q); mpz_fdiv_r(s, s, closure->public.q);
mpz_add(s, s, tmp); mpz_add(s, s, tmp);
mpz_mul(s, s, k); mpz_mul(s, s, k);
mpz_tdiv_r(s, s, closure->public.q); mpz_fdiv_r(s, s, closure->public.q);
debug("do_dss_sign, s: "); debug("do_dss_sign, s: ");
debug_mpz(s); debug_mpz(s);
...@@ -227,24 +227,33 @@ static int do_dss_verify(struct verifier *c, ...@@ -227,24 +227,33 @@ static int do_dss_verify(struct verifier *c,
mpz_init(v); mpz_init(v);
mpz_mul(tmp, tmp, w); mpz_mul(tmp, tmp, w);
mpz_tdiv_r(tmp, tmp, closure->public.q); mpz_fdiv_r(tmp, tmp, closure->public.q);
debug("u1: ");
debug_mpz(tmp);
debug("\n");
mpz_powm(v, closure->public.g, tmp, closure->public.p); mpz_powm(v, closure->public.g, tmp, closure->public.p);
/* y^{w * r (mod q) } (mod p) */ /* y^{w * r (mod q) } (mod p) */
mpz_mul(tmp, r, w); mpz_mul(tmp, r, w);
mpz_tdiv_r(tmp, tmp, closure->public.q); mpz_fdiv_r(tmp, tmp, closure->public.q);
mpz_powm(tmp, closure->public.y, tmp, closure->public.p);
debug("u2: ");
debug_mpz(tmp);
debug("\n");
mpz_powm(tmp, closure->public.y, tmp, closure->public.p);
/* (g^{w * h} * y^{w * r} (mod p) ) (mod q) */ /* (g^{w * h} * y^{w * r} (mod p) ) (mod q) */
mpz_mul(v, v, tmp); mpz_mul(v, v, tmp);
mpz_tdiv_r(v, v, closure->public.p); mpz_fdiv_r(v, v, closure->public.p);
debug("do_dss_verify, group element: "); debug("do_dss_verify, group element: ");
debug_mpz(v); debug_mpz(v);
debug("\n"); debug("\n");
mpz_tdiv_r(v, v, closure->public.q); mpz_fdiv_r(v, v, closure->public.q);
debug("do_dss_verify, v: "); debug("do_dss_verify, v: ");
debug_mpz(v); debug_mpz(v);
...@@ -397,7 +406,7 @@ static void zn_invert(struct group *c, mpz_t res, mpz_t x) ...@@ -397,7 +406,7 @@ static void zn_invert(struct group *c, mpz_t res, mpz_t x)
if (!mpz_invert(res, x, closure->modulo)) if (!mpz_invert(res, x, closure->modulo))
fatal("zn_invert: element is non-invertible\n"); fatal("zn_invert: element is non-invertible\n");
mpz_tdiv_r(res, res, closure->modulo); mpz_fdiv_r(res, res, closure->modulo);
} }
static void zn_combine(struct group *c, mpz_t res, mpz_t a, mpz_t b) static void zn_combine(struct group *c, mpz_t res, mpz_t a, mpz_t b)
...@@ -405,7 +414,7 @@ static void zn_combine(struct group *c, mpz_t res, mpz_t a, mpz_t b) ...@@ -405,7 +414,7 @@ static void zn_combine(struct group *c, mpz_t res, mpz_t a, mpz_t b)
struct group_zn *closure = (struct group_zn *) c; struct group_zn *closure = (struct group_zn *) c;
mpz_mul(res, a, b); mpz_mul(res, a, b);
mpz_tdiv_r(res, res, closure->modulo); mpz_fdiv_r(res, res, closure->modulo);
} }
static void zn_power(struct group *c, mpz_t res, mpz_t g, mpz_t e) static void zn_power(struct group *c, mpz_t res, mpz_t g, mpz_t e)
...@@ -566,10 +575,10 @@ void dh_hash_digest(struct diffie_hellman_instance *self, UINT8 *digest) ...@@ -566,10 +575,10 @@ void dh_hash_digest(struct diffie_hellman_instance *self, UINT8 *digest)
self->server_key, self->server_key,
self->e, self->f, self->e, self->f,
self->K); self->K);
debug("dh_hash_digest()\n "); debug("dh_hash_digest()\n '");
debug_safe(s->length, debug_safe(s->length,
s->data); s->data);
debug("\n"); debug("'\n");
HASH_UPDATE(self->hash, s->length, s->data); HASH_UPDATE(self->hash, s->length, s->data);
lsh_string_free(s); lsh_string_free(s);
...@@ -622,12 +631,12 @@ int dh_process_server_msg(struct diffie_hellman_instance *self, ...@@ -622,12 +631,12 @@ int dh_process_server_msg(struct diffie_hellman_instance *self,
int dh_verify_server_msg(struct diffie_hellman_instance *self, int dh_verify_server_msg(struct diffie_hellman_instance *self,
struct verifier *v) struct verifier *v)
{ {
UINT8 *digest; self->exchange_hash = lsh_string_alloc(self->hash->hash_size);
digest = alloca(self->hash->hash_size); dh_hash_digest(self, self->exchange_hash->data);
dh_hash_digest(self, digest);
return VERIFY(v, self->hash->hash_size, digest, return VERIFY(v,
self->hash->hash_size, self->exchange_hash->data,
self->signature->length, self->signature->data); self->signature->length, self->signature->data);
} }
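Review bot: In the dh_hash_digest hunk the string s that is fed to debug_safe() is built from self->K (the shared secret, visible two lines above), so the new debug line `'…'` quoting writes the raw Diffie-Hellman secret into the debug output; the quote-character change leaves that intact. Unless debug() is compiled out in every shipped build (not visible here), a log-readable attacker recovers K and with it the session keys. I would drop the `debug_safe(s->length, s->data);` call and its two surrounding debug() lines, or at minimum log only `s->length` and never the bytes. The body of dh_hash_digest starts before this hunk. Separately, in do_dss_sign neither r nor s is checked against zero after the new mpz_fdiv_r calls; DSA requires choosing a fresh k in that case, and that function also continues outside the hunk.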