uint8_t dsa_verify_bigint(const dsa_signature_t* s, const bigint_t* m,
const dsa_ctx_t* ctx) {
if(s->r.length_B==0 || s->s.length_B==0) {
return DSA_SIGNATURE_FAIL;
}
if(bigint_cmp_u(&(s->r), &(ctx->domain.q))>=0 || bigint_cmp_u(&(s->s), &(ctx->domain.q))>=0) {
return DSA_SIGNATURE_FAIL;
}
bigint_t w, u1, u2, v1, v2;
uint8_t w_b[ctx->domain.q.length_B], u1_b[ctx->domain.q.length_B*2], u2_b[ctx->domain.q.length_B*2];
uint8_t v1_b[ctx->domain.p.length_B*2], v2_b[ctx->domain.p.length_B];
w.wordv = w_b;
u1.wordv = u1_b;
u2.wordv = u2_b;
v1.wordv = v1_b;
v2.wordv = v2_b;
bigint_inverse(&w, &(s->s), &(ctx->domain.q));
bigint_mul_u(&u1, &w, m);
bigint_reduce(&u1, &(ctx->domain.q));
bigint_mul_u(&u2, &w, &(s->r));
bigint_reduce(&u2, &(ctx->domain.q));
bigint_expmod_u(&v1, &(ctx->domain.g), &u1, &(ctx->domain.p));
bigint_expmod_u(&v2, &(ctx->pub), &u2, &(ctx->domain.p));
bigint_mul_u(&v1, &v1, &v2);
bigint_reduce(&v1, &(ctx->domain.p));
bigint_reduce(&v1, &(ctx->domain.q));
if(bigint_cmp_u(&v1, &(s->r))==0) {
return DSA_SIGNATURE_OK;
}
return DSA_SIGNATURE_FAIL;
}
void test_reduce_bigint(void){
bigint_t a, b;
cli_putstr_P(PSTR("\r\nreduce test\r\n"));
for(;;){
cli_putstr_P(PSTR("\r\nenter a:"));
if(bigint_read_hex_echo(&a)){
cli_putstr_P(PSTR("\r\n end reduce test"));
return;
}
cli_putstr_P(PSTR("\r\nenter b:"));
if(bigint_read_hex_echo(&b)){
free(a.wordv);
cli_putstr_P(PSTR("\r\n end reduce test"));
return;
}
cli_putstr_P(PSTR("\r\n "));
bigint_print_hex(&a);
cli_putstr_P(PSTR(" % "));
bigint_print_hex(&b);
cli_putstr_P(PSTR(" = "));
bigint_reduce(&a, &b);
bigint_print_hex(&a);
cli_putstr_P(PSTR("\r\n"));
free(a.wordv);
free(b.wordv);
}
}
// [fail (c)]: A862 % 2752 = 0D1A ; should a862 % 2752 = b1a
void test_reduce_simple(void){
bigint_t a, b, c;
uint8_t a_b[2] = {0x62, 0xA8};
uint8_t b_b[2] = {0x52, 0x27};
uint8_t c_b[2];
a.wordv=a_b;
a.length_B = 2;
a.info=0x00;
bigint_adjust(&a);
b.wordv=b_b;
b.length_B = 2;
b.info=0x00;
bigint_adjust(&b);
c.wordv = c_b;
bigint_copy(&c, &a);
bigint_reduce(&c, &b);
cli_putstr_P(PSTR("\r\n test: "));
bigint_print_hex(&a);
cli_putstr_P(PSTR(" % "));
bigint_print_hex(&b);
cli_putstr_P(PSTR(" = "));
bigint_print_hex(&c);
}
void testrun_performance_reduce_bigint(void){
printf_P(PSTR("\n=== performance measurement (reduce) ===\n"));
unsigned i, j;
bigint_t a,b,v;
bigint_word_t v_w[192 * 2 / BIGINT_WORD_SIZE];
bigint_word_t a_w[192 * 2 / BIGINT_WORD_SIZE];
bigint_word_t b_w[192 * 2 / BIGINT_WORD_SIZE];
uint32_t time_a, time_b;
int32_t time_diff;
int16_t faster_percent;
v.wordv = v_w;
for(j = 0; j < 32; ++j){
do{
for(i = 0; i < 192 * 2 / BIGINT_WORD_SIZE; ++i){
((uint8_t*)v_w)[i] = random();
}
v.length_W = 192 * 2 / BIGINT_WORD_SIZE;
v.info = 0;
bigint_adjust(&v);
}while(0);
// printf_P(PSTR("candidate:\n"));
// bigint_print_hex(&v);
a.wordv = a_w;
b.wordv = b_w;
calibrateTimer();
// printf_P(PSTR("\n going to test optimized version: ...\n"));
uart0_flush();
time_a = 0;
for(i = 0; i < 16; ++i){
bigint_copy(&a, &v);
startTimer(1);
START_TIMER;
bigint_reduce_p192(&a);
STOP_TIMER;
time_a += stopTimer();
}
// printf_P(PSTR(" took: %"PRIu32" cycles\nresult:"), time);
// bigint_print_hex(&a);
// printf_P(PSTR("\n going to test not-optimized version: ...\n"));
// uart0_flush();
time_b = 0;
for(i = 0; i < 16; ++i){
bigint_copy(&b, &v);
startTimer(1);
START_TIMER;
bigint_reduce(&b, &nist_curve_p192_p);
STOP_TIMER;
time_b += stopTimer();
}
// printf_P(PSTR(" took: %"PRIu32" cycles\nresult:"), time);
// bigint_print_hex(&b);
time_diff = time_b - time_a;
faster_percent = (time_diff * 100) / time_b;
printf_P(PSTR(" delta: %7"PRId32" (%3"PRId16"%%) :-"), time_diff, faster_percent);
if(bigint_cmp_u(&a, &b)){
printf_P(PSTR("(\n"));
} else {
printf_P(PSTR(")\n"));
}
uart0_flush();
}
}
