fix alignment
This commit is contained in:
parent
162c3771c8
commit
429fb0916a
@ -173,39 +173,39 @@ void ecdsa_sign(const mpz_t z, const element private_key, element r_out, element
|
|||||||
}
|
}
|
||||||
|
|
||||||
int ecdsa_verify(const mpz_t z, const ec_point * public_key, const element r_input, const element s_input) {
|
int ecdsa_verify(const mpz_t z, const ec_point * public_key, const element r_input, const element s_input) {
|
||||||
ec_point Q, test;
|
ec_point Q, test;
|
||||||
ec_point_copy(public_key, &Q);
|
ec_point_copy(public_key, &Q);
|
||||||
element zero = { 0 };
|
element zero = { 0 };
|
||||||
|
|
||||||
// If Q is the identity, Q is invalid
|
// If Q is the identity, Q is invalid
|
||||||
if (gf2m_is_equal(Q.x, zero) && gf2m_is_equal(Q.y, zero)) {
|
if (gf2m_is_equal(Q.x, zero) && gf2m_is_equal(Q.y, zero)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
// If Q is not a point on the curve, Q is invalid
|
// If Q is not a point on the curve, Q is invalid
|
||||||
if (!ec_point_on_curve(&Q)) {
|
if (!ec_point_on_curve(&Q)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
// If nQ is not the identity, Q is invalid (or n is messed up)
|
// If nQ is not the identity, Q is invalid (or n is messed up)
|
||||||
ec_point_mul(G_ORDER, &Q, &test);
|
ec_point_mul(G_ORDER, &Q, &test);
|
||||||
if (!(gf2m_is_equal(test.x, zero) && gf2m_is_equal(test.y, zero))) {
|
if (!(gf2m_is_equal(test.x, zero) && gf2m_is_equal(test.y, zero))) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Public key is valid, now verify signature...
|
// Public key is valid, now verify signature...
|
||||||
mpz_t r, s, n;
|
mpz_t r, s, n;
|
||||||
init_mpz_list(3, r, s, n);
|
init_mpz_list(3, r, s, n);
|
||||||
gf2m_to_mpz(r_input, r);
|
gf2m_to_mpz(r_input, r);
|
||||||
gf2m_to_mpz(s_input, s);
|
gf2m_to_mpz(s_input, s);
|
||||||
gf2m_to_mpz(G_ORDER, n);
|
gf2m_to_mpz(G_ORDER, n);
|
||||||
|
|
||||||
// If r or s are not in [1, n - 1], sig is invalid
|
// If r or s are not in [1, n - 1], sig is invalid
|
||||||
if ( (mpz_cmp_ui(r, 1) < 0 || mpz_cmp(r, n) > 0 || mpz_cmp(r, n) == 0) ||
|
if ( (mpz_cmp_ui(r, 1) < 0 || mpz_cmp(r, n) > 0 || mpz_cmp(r, n) == 0) ||
|
||||||
(mpz_cmp_ui(s, 1) < 0 || mpz_cmp(s, n) > 0 || mpz_cmp(s, n) == 0) ) {
|
(mpz_cmp_ui(s, 1) < 0 || mpz_cmp(s, n) > 0 || mpz_cmp(s, n) == 0) ) {
|
||||||
clear_mpz_list(3, r, s, n);
|
clear_mpz_list(3, r, s, n);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Calculate u_1 and u_2
|
// Calculate u_1 and u_2
|
||||||
mpz_t s_inv, u_1, u_2;
|
mpz_t s_inv, u_1, u_2;
|
||||||
init_mpz_list(3, s_inv, u_1, u_2);
|
init_mpz_list(3, s_inv, u_1, u_2);
|
||||||
|
|
||||||
@ -219,28 +219,28 @@ int ecdsa_verify(const mpz_t z, const ec_point * public_key, const element r_inp
|
|||||||
mpz_mul(u_2, r, s_inv);
|
mpz_mul(u_2, r, s_inv);
|
||||||
mpz_mod(u_2, u_2, n);
|
mpz_mod(u_2, u_2, n);
|
||||||
|
|
||||||
// Calculate P3 = u_1G + u_2Q
|
// Calculate P3 = u_1G + u_2Q
|
||||||
element u_1_elem, u_2_elem;
|
element u_1_elem, u_2_elem;
|
||||||
mpz_to_gf2m(u_1, u_1_elem);
|
mpz_to_gf2m(u_1, u_1_elem);
|
||||||
mpz_to_gf2m(u_2, u_2_elem);
|
mpz_to_gf2m(u_2, u_2_elem);
|
||||||
ec_point G, P1, P2, P3;
|
ec_point G, P1, P2, P3;
|
||||||
gf2m_copy(G_X, G.x);
|
gf2m_copy(G_X, G.x);
|
||||||
gf2m_copy(G_Y, G.y);
|
gf2m_copy(G_Y, G.y);
|
||||||
|
|
||||||
ec_point_mul(u_1_elem, &G, &P1);
|
ec_point_mul(u_1_elem, &G, &P1);
|
||||||
ec_point_mul(u_2_elem, &Q, &P2);
|
ec_point_mul(u_2_elem, &Q, &P2);
|
||||||
ec_point_add(&P1, &P2, &P3);
|
ec_point_add(&P1, &P2, &P3);
|
||||||
|
|
||||||
// If P3 is the identity, sig is invalid
|
// If P3 is the identity, sig is invalid
|
||||||
if (gf2m_is_equal(P3.x, zero) && gf2m_is_equal(P3.y, zero)) {
|
if (gf2m_is_equal(P3.x, zero) && gf2m_is_equal(P3.y, zero)) {
|
||||||
clear_mpz_list(6, r, s, n, s_inv, u_1, u_2);
|
clear_mpz_list(6, r, s, n, s_inv, u_1, u_2);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// And finally, is r congruent to P3.x mod n?
|
// And finally, is r congruent to P3.x mod n?
|
||||||
mpz_t x_p;
|
mpz_t x_p;
|
||||||
mpz_init(x_p);
|
mpz_init(x_p);
|
||||||
gf2m_to_mpz(P3.x, x_p);
|
gf2m_to_mpz(P3.x, x_p);
|
||||||
|
|
||||||
int is_congruent = mpz_congruent_p(r, x_p, n) != 0;
|
int is_congruent = mpz_congruent_p(r, x_p, n) != 0;
|
||||||
clear_mpz_list(7, r, s, n, s_inv, u_1, u_2, x_p);
|
clear_mpz_list(7, r, s, n, s_inv, u_1, u_2, x_p);
|
||||||
|