Home | History | Annotate | Download | only in dsa 
      1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
      2  *
      3  * LibTomCrypt is a library that provides various cryptographic
      4  * algorithms in a highly modular and flexible manner.
      5  *
      6  * The library is free for all purposes without any express
      7  * guarantee it works.
      8  *
      9  * Tom St Denis, tomstdenis (at) gmail.com, http://libtomcrypt.com
     10  */
     11 #include "tomcrypt.h"
     12 
     13 /**
     14    @file dsa_verify_key.c
     15    DSA implementation, verify a key, Tom St Denis
     16 */
     17 
     18 #ifdef MDSA
     19 
     20 /**
     21    Verify a DSA key for validity
     22    @param key   The key to verify
     23    @param stat  [out]  Result of test, 1==valid, 0==invalid
     24    @return CRYPT_OK if successful
     25 */
     26 int dsa_verify_key(dsa_key *key, int *stat)
     27 {
     28    void   *tmp, *tmp2;
     29    int    res, err;
     30 
     31    LTC_ARGCHK(key  != NULL);
     32    LTC_ARGCHK(stat != NULL);
     33 
     34    /* default to an invalid key */
     35    *stat = 0;
     36 
     37    /* first make sure key->q and key->p are prime */
     38    if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
     39       return err;
     40    }
     41    if (res == 0) {
     42       return CRYPT_OK;
     43    }
     44 
     45    if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
     46       return err;
     47    }
     48    if (res == 0) {
     49       return CRYPT_OK;
     50    }
     51 
     52    /* now make sure that g is not -1, 0 or 1 and <p */
     53    if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
     54       return CRYPT_OK;
     55    }
     56    if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK)               { return err; }
     57    if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK)                       { goto error; }
     58    if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
     59       err = CRYPT_OK;
     60       goto error;
     61    }
     62 
     63    /* 1 < y < p-1 */
     64    if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
     65       err = CRYPT_OK;
     66       goto error;
     67    }
     68 
     69    /* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
     70    if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK)             { goto error; }
     71    if (mp_iszero(tmp2) != LTC_MP_YES) {
     72       err = CRYPT_OK;
     73       goto error;
     74    }
     75 
     76    if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK)    { goto error; }
     77    if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
     78       err = CRYPT_OK;
     79       goto error;
     80    }
     81 
     82    /* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
     83    if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK)       { goto error; }
     84    if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
     85       err = CRYPT_OK;
     86       goto error;
     87    }
     88 
     89    /* at this point we are out of tests ;-( */
     90    err   = CRYPT_OK;
     91    *stat = 1;
     92 error:
     93    mp_clear_multi(tmp, tmp2, NULL);
     94    return err;
     95 }
     96 #endif
     97 
     98 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */
     99 /* $Revision: 1.6 $ */
    100 /* $Date: 2006/12/04 03:18:43 $ */
    101