SecureVector<byte>
DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
rng.add_entropy(msg, msg_len);
BigInt i(msg, msg_len);
BigInt r = 0, s = 0;
while(r == 0 || s == 0)
{
BigInt k;
do
k.randomize(rng, q.bits());
while(k >= q);
r = mod_q.reduce(powermod_g_p(k));
s = mod_q.multiply(inverse_mod(k, q), mul_add(x, r, i));
}
SecureVector<byte> output(2*q.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
}
/*
* Default ElGamal Encrypt Operation
*/
SecureVector<byte> Default_ELG_Op::encrypt(const byte in[], u32bit length,
const BigInt& k) const
{
BigInt m(in, length);
if(m >= p)
throw Invalid_Argument("Default_ELG_Op::encrypt: Input is too large");
BigInt a = powermod_g_p(k);
BigInt b = mod_p.multiply(m, powermod_y_p(k));
SecureVector<byte> output(2*p.bytes());
a.binary_encode(output + (p.bytes() - a.bytes()));
b.binary_encode(output + output.size() / 2 + (p.bytes() - b.bytes()));
return output;
}
bool DSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len)
{
const BigInt& q = mod_q.get_modulus();
if(sig_len != 2*q.bytes() || msg_len > q.bytes())
return false;
BigInt r(sig, q.bytes());
BigInt s(sig + q.bytes(), q.bytes());
BigInt i(msg, msg_len);
if(r <= 0 || r >= q || s <= 0 || s >= q)
return false;
s = inverse_mod(s, q);
s = mod_p.multiply(powermod_g_p(mod_q.multiply(s, i)),
powermod_y_p(mod_q.multiply(s, r)));
return (mod_q.reduce(s) == r);
}
