dh_ctxt_t *dh_init(bn_t *p, bn_t *g)
{
dh_ctxt_t *res;
bn_t *t;
if (p == NULL || g == NULL)
return NULL;
assert(p->n == g->n);
if ((res = (dh_ctxt_t *)mem_alloc(sizeof(dh_ctxt_t))) == NULL)
return NULL;
res->g = g;
res->p = p;
t = bn_copy(bn_alloc(p->n), p);
bn_sub_ui(t, t, 2, p);
// Check g \in [2, p - 2].
if (bn_cmp_ui(g, 2) < 0 || bn_cmp(g, t) > 0)
goto outerr;
// Generate c \in [1, p - 2].
res->c = bn_alloc(p->n);
bn_rand_range(res->c, 1, p, 2);
// C = g^c mod p
res->C = bn_alloc(p->n);
bn_pow_mod(res->C, res->g, res->c, p);
goto outok;
outerr:;
mem_free(res);
res = NULL;
outok:;
bn_free(t);
return res;
}
int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
{
return bn_rand_range(1, r, range);
}
int BN_rand_range(BIGNUM *r, const BIGNUM *range)
{
return bn_rand_range(0, r, range);
}
