// h=hash(g, g^r, g^x, name)
static void zkpHash(BIGNUM *h, const JPakeZKP *zkp, const BIGNUM *gx,
const JPakeUserPublic *from, const JPakeParameters *params)
{
unsigned char md[SHA_DIGEST_LENGTH];
SHA_CTX sha;
// XXX: hash should not allow moving of the boundaries - Java code
// is flawed in this respect. Length encoding seems simplest.
SHA1_Init(&sha);
hashbn(&sha, params->g);
hashbn(&sha, zkp->gr);
hashbn(&sha, gx);
hashstring(&sha, from->name);
SHA1_Final(md, &sha);
BN_bin2bn(md, SHA_DIGEST_LENGTH, h);
}
static void quickhashbn(unsigned char *md, const BIGNUM *bn)
{
SHA_CTX sha;
SHA1_Init(&sha);
hashbn(&sha, bn);
SHA1_Final(md, &sha);
}
/* h=hash(g, g^r, g^x, name) */
static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p,
const char *proof_name)
{
unsigned char md[SHA_DIGEST_LENGTH];
SHA_CTX sha;
/*
* XXX: hash should not allow moving of the boundaries - Java code
* is flawed in this respect. Length encoding seems simplest.
*/
SHA1_Init(&sha);
hashbn(&sha, zkpg);
OPENSSL_assert(!BN_is_zero(p->zkpx.gr));
hashbn(&sha, p->zkpx.gr);
hashbn(&sha, p->gx);
hashstring(&sha, proof_name);
SHA1_Final(md, &sha);
BN_bin2bn(md, SHA_DIGEST_LENGTH, h);
}
static int quickhashbn(unsigned char *md, const BIGNUM *bn)
{
SHA_CTX sha;
SHA1_Init(&sha);
if (!hashbn(&sha, bn))
return 0;
SHA1_Final(md, &sha);
return 1;
}