return 0;
}
+ BOOL d0_rsa_generate_key_fastreject(size_t size, d0_fastreject_function reject, d0_blind_id_t *ctx, void *pass)
+ {
+ // uses temp0 to temp4
+ int fail = 0;
+ int gcdfail = 0;
+ int pb = (size + 1)/2;
+ int qb = size - pb;
+ if(pb < 8)
+ pb = 8;
+ if(qb < 8)
+ qb = 8;
+ for (;;)
+ {
+ CHECK(d0_bignum_rand_bit_exact(temp0, pb));
+ if(d0_bignum_isprime(temp0, 10) == 0)
+ continue;
+ CHECK(d0_bignum_sub(temp2, temp0, one));
+ CHECK(d0_bignum_gcd(temp4, NULL, NULL, temp2, ctx->rsa_e));
+ if(!d0_bignum_cmp(temp4, one))
+ break;
+ if(++gcdfail == 3)
+ return 0;
+ ++gcdfail;
+ }
+ gcdfail = 0;
+ for (;;)
+ {
+ CHECK(d0_bignum_rand_bit_exact(temp1, qb));
+ if(!d0_bignum_cmp(temp1, temp0))
+ {
+ if(++fail == 3)
+ return 0;
+ }
+ fail = 0;
+
+ // n = temp0*temp1
+ CHECK(d0_bignum_mul(ctx->rsa_n, temp0, temp1));
+ if(reject(ctx, pass))
+ continue;
+
+ if(d0_bignum_isprime(temp1, 10) == 0)
+ continue;
+ CHECK(d0_bignum_sub(temp3, temp1, one));
+ CHECK(d0_bignum_gcd(temp4, NULL, NULL, temp3, ctx->rsa_e));
+ if(!d0_bignum_cmp(temp4, one))
+ break;
+ if(++gcdfail == 3)
+ return 0;
+ ++gcdfail;
+ }
+
+ // ctx->rsa_d = ctx->rsa_e^-1 mod (temp0-1)(temp1-1)
+ CHECK(d0_bignum_mul(temp0, temp2, temp3));
+ CHECK(d0_bignum_mod_inv(ctx->rsa_d, ctx->rsa_e, temp0));
+ return 1;
+ fail:
+ return 0;
+ }
+
+WARN_UNUSED_RESULT BOOL d0_longhash_destructive(d0_bignum_t *clobberme, char *outbuf, size_t *outbuflen)
+{
+ d0_iobuf_t *out = NULL;
+ static unsigned char convbuf[1024];
+ d0_iobuf_t *conv = NULL;
+ size_t n, sz;
+
+ n = *outbuflen;
+ while(n > SHA_DIGESTSIZE)
+ {
+ conv = d0_iobuf_open_write(convbuf, sizeof(convbuf));
+ CHECK(d0_iobuf_write_bignum(conv, temp0));
+ CHECK(d0_iobuf_close(conv, &sz));
+ conv = NULL;
+ memcpy(outbuf, sha(convbuf, sz), SHA_DIGESTSIZE);
+ outbuf += SHA_DIGESTSIZE;
+ n -= SHA_DIGESTSIZE;
+ CHECK(d0_bignum_add(temp0, temp0, one));
+ }
+ conv = d0_iobuf_open_write(convbuf, sizeof(convbuf));
+ CHECK(d0_iobuf_write_bignum(conv, temp0));
+ CHECK(d0_iobuf_close(conv, &sz));
+ conv = NULL;
+ memcpy(outbuf, sha(convbuf, sz), n);
+
+ return d0_iobuf_close(out, outbuflen);
+
+fail:
+ if(conv)
+ d0_iobuf_close(conv, &sz);
+ return 0;
+}
+
void d0_blind_id_clear(d0_blind_id_t *ctx)
{
if(ctx->rsa_n) d0_bignum_free(ctx->rsa_n);
return 0;
}
- BOOL d0_blind_id_sessionkey_public_id(d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
+ BOOL d0_blind_id_sessionkey_public_id(const d0_blind_id_t *ctx, char *outbuf, size_t *outbuflen)
{
- d0_iobuf_t *out = NULL;
- static unsigned char convbuf[1024];
- d0_iobuf_t *conv = NULL;
- size_t n, sz;
-
USING(r); USING(other_4_to_r); USING(schnorr_G);
- out = d0_iobuf_open_write(outbuf, *outbuflen);
- conv = d0_iobuf_open_write(convbuf, sizeof(convbuf));
-
// temps: temp0 result
CHECK(d0_bignum_mod_pow(temp0, ctx->other_4_to_r, ctx->r, ctx->schnorr_G));
- CHECK(d0_iobuf_write_bignum(conv, temp0));
- CHECK(d0_iobuf_close(conv, &sz));
- conv = NULL;
-
- n = *outbuflen;
- if(n > SHA_DIGESTSIZE)
- n = SHA_DIGESTSIZE;
- CHECK(d0_iobuf_write_raw(out, sha(convbuf, sz), n) == n);
-
- return d0_iobuf_close(out, outbuflen);
+ return d0_longhash_destructive(temp0, outbuf, outbuflen);
fail:
- if(conv)
- d0_iobuf_close(conv, &sz);
- d0_iobuf_close(out, outbuflen);
return 0;
}
projects / xonotic / d0_blind_id.git / commitdiff