void
mpmod(mpint *b, mpint *m, mpint *remainder)
{
mpdiv(b, m, nil, remainder);
if(remainder->sign < 0)
mpadd(m, remainder, remainder);
}
DSApriv*
dsagen(DSApub *opub)
{
DSApub *pub;
DSApriv *priv;
mpint *exp;
mpint *g;
mpint *r;
int bits;
priv = dsaprivalloc();
pub = &priv->pub;
if(opub != nil){
pub->p = mpcopy(opub->p);
pub->q = mpcopy(opub->q);
} else {
pub->p = mpnew(0);
pub->q = mpnew(0);
DSAprimes(pub->q, pub->p, nil);
}
bits = Dbits*pub->p->top;
pub->alpha = mpnew(0);
pub->key = mpnew(0);
priv->secret = mpnew(0);
// find a generator alpha of the multiplicative
// group Z*p, i.e., of order n = p-1. We use the
// fact that q divides p-1 to reduce the exponent.
exp = mpnew(0);
g = mpnew(0);
r = mpnew(0);
mpsub(pub->p, mpone, exp);
mpdiv(exp, pub->q, exp, r);
if(mpcmp(r, mpzero) != 0)
sysfatal("dsagen foul up");
while(1){
mprand(bits, genrandom, g);
mpmod(g, pub->p, g);
mpexp(g, exp, pub->p, pub->alpha);
if(mpcmp(pub->alpha, mpone) != 0)
break;
}
mpfree(g);
mpfree(exp);
// create the secret key
mprand(bits, genrandom, priv->secret);
mpmod(priv->secret, pub->p, priv->secret);
mpexp(pub->alpha, priv->secret, pub->p, pub->key);
return priv;
}
void
base58enc(uchar *src, char *dst, int len)
{
mpint *n, *r, *b;
char *sdst, t;
sdst = dst;
n = betomp(src, len, nil);
b = uitomp(58, nil);
r = mpnew(0);
while(mpcmp(n, mpzero) != 0){
mpdiv(n, b, n, r);
*dst++ = code[mptoui(r)];
}
for(; *src == 0; src++)
*dst++ = code[0];
dst--;
while(dst > sdst){
t = *sdst;
*sdst++ = *dst;
*dst-- = t;
}
}
void
mpeuclid(mpint *a, mpint *b, mpint *d, mpint *x, mpint *y)
{
mpint *tmp, *x0, *x1, *x2, *y0, *y1, *y2, *q, *r;
if(a->sign<0 || b->sign<0)
sysfatal("mpeuclid: negative arg");
if(mpcmp(a, b) < 0){
tmp = a;
a = b;
b = tmp;
tmp = x;
x = y;
y = tmp;
}
if(b->top == 0){
mpassign(a, d);
mpassign(mpone, x);
mpassign(mpzero, y);
return;
}
a = mpcopy(a);
b = mpcopy(b);
x0 = mpnew(0);
x1 = mpcopy(mpzero);
x2 = mpcopy(mpone);
y0 = mpnew(0);
y1 = mpcopy(mpone);
y2 = mpcopy(mpzero);
q = mpnew(0);
r = mpnew(0);
while(b->top != 0 && b->sign > 0){
// q = a/b
// r = a mod b
mpdiv(a, b, q, r);
// x0 = x2 - qx1
mpmul(q, x1, x0);
mpsub(x2, x0, x0);
// y0 = y2 - qy1
mpmul(q, y1, y0);
mpsub(y2, y0, y0);
// rotate values
tmp = a;
a = b;
b = r;
r = tmp;
tmp = x2;
x2 = x1;
x1 = x0;
x0 = tmp;
tmp = y2;
y2 = y1;
y1 = y0;
y0 = tmp;
}
mpassign(a, d);
mpassign(x2, x);
mpassign(y2, y);
mpfree(x0);
mpfree(x1);
mpfree(x2);
mpfree(y0);
mpfree(y1);
mpfree(y2);
mpfree(q);
mpfree(r);
mpfree(a);
mpfree(b);
}