📄 lib_dsa.c
字号:
/****************************************************************************
* *
* cryptlib DSA Encryption Routines *
* Copyright Peter Gutmann 1995-2002 *
* *
****************************************************************************/
#include <stdlib.h>
#include <string.h>
#include "crypt.h"
#include "cryptctx.h"
/****************************************************************************
* *
* Predefined DSA p, q, and g Parameters *
* *
****************************************************************************/
/* We never use shared DSA parameters because they allow forgery of
signatures on certificates. This works as follows: Suppose that the
certificate contains a copy of the certificate signer's DSA parameters,
and the verifier of the certificate has a copy of the signer's public key
but not the signer's DSA parameters (which are shared with other keys).
If the verifier uses the DSA parameters from the certificate along with
the signer's public key to verify the signature on the certificate, then
an attacker can create bogus certificates by choosing a random u and
finding its inverse v modulo q (uv is congruent to 1 modulo q). Then
take the certificate signer's public key g^x and compute g' = (g^x)^u.
Then g'^v = g^x. Using the DSA parameters p, q, g', the signer's public
key corresponds to the private key v, which the attacker knows. The
attacker can then create a bogus certificate, put parameters (p, q, g')
in it, and sign it with the DSA private key v to create an apparently
valid certificate. This works with the DSA OID which makes p, q, and g
unauthenticated public parameters and y the public key, but not the one
which makes p, q, g, and y the public key */
#if 0
/* DSA public values, generated by Colin Plumb for PGP 5. These values were
chosen as representative well-known public values to allay fears of
possible trapdoors in self-generated values. Note that the p values are
identical to the DH primes except for the last ~160 bits (see the code
used to generate them for the details). Also, once we move p over 1024
bits we need to correspondingly increase q above 160 bits to provide
protection from small-exponent attacks (a 4096-bit p isn't any good if q
remains at 160 bits) */
static const BYTE prime1024p[] = {
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD,
0x20, 0xB4, 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B,
0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D, 0x0F, 0x7C,
0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D,
0x38, 0xD3, 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43,
0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33, 0x21, 0x2C,
0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29,
0x7A, 0xCA, 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB,
0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46, 0xD3, 0x08,
0x3D, 0x66, 0xA4, 0xB0, 0xB6, 0x51, 0xE2, 0xBA,
0xE5, 0x4E, 0x44, 0x39, 0x7C, 0x9F, 0x2A, 0x5E,
0x31, 0x2F, 0xF6, 0xDB, 0x5C, 0x75, 0xAE, 0x81
};
static const BYTE prime1024q[] = {
0xFF, 0x9F, 0x9C, 0x7C, 0xBD, 0x89, 0x4B, 0x22,
0x19, 0x26, 0xBA, 0xAB, 0xA2, 0x5E, 0xC3, 0x55,
0xE9, 0x27, 0xC2, 0xB1
};
static const BYTE prime1536p[] = {
0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76, 0x52, 0x4F,
0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F,
0xC5, 0xFC, 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30,
0x61, 0xCE, 0x7C, 0xC9, 0x66, 0xFF, 0x15, 0xF9,
0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01, 0xAA, 0xD3,
0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5,
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD,
0x20, 0xB4, 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B,
0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D, 0x0F, 0x7C,
0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D,
0x38, 0xD3, 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43,
0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33, 0x21, 0x2C,
0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29,
0x7A, 0xCA, 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB,
0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x47, 0x2C, 0xCB,
0xA6, 0x82, 0xA5, 0xEB, 0xA2, 0x84, 0x3E, 0xE3,
0x3D, 0x56, 0xE7, 0xA9, 0xF3, 0xE1, 0xC4, 0x3D,
0x22, 0x98, 0x80, 0xF3, 0xC3, 0x08, 0x49, 0x8F
};
static const BYTE prime1536q[] = {
0x3F, 0xFD, 0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C,
0x7C, 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA,
0xAB, 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x27, 0xC2,
0x43
};
static const BYTE prime2048p[] = {
0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17,
0x72, 0xA2, 0xBA, 0xD6, 0xA9, 0x42, 0xF3, 0x05,
0xE8, 0xF9, 0x53, 0x11, 0x39, 0x4F, 0xB6, 0xF1,
0x6E, 0xB9, 0x4B, 0x38, 0x20, 0xDA, 0x01, 0xA7,
0x56, 0xA3, 0x14, 0xE9, 0x8F, 0x40, 0x55, 0xF3,
0xD0, 0x07, 0xC6, 0xCB, 0x43, 0xA9, 0x94, 0xAD,
0xF7, 0x4C, 0x64, 0x86, 0x49, 0xF8, 0x0C, 0x83,
0xBD, 0x65, 0xE9, 0x17, 0xD4, 0xA1, 0xD3, 0x50,
0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76, 0x52, 0x4F,
0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F,
0xC5, 0xFC, 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30,
0x61, 0xCE, 0x7C, 0xC9, 0x66, 0xFF, 0x15, 0xF9,
0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01, 0xAA, 0xD3,
0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5,
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD,
0x20, 0xB4, 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B,
0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D, 0x0F, 0x7C,
0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D,
0x38, 0xD3, 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43,
0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33, 0x21, 0x2C,
0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29,
0x7A, 0xCA, 0x95, 0x0C, 0xD9, 0x96, 0x9F, 0xAB,
0xD0, 0x0A, 0x51, 0xB8, 0x4F, 0xCF, 0x7E, 0xC9,
0x6A, 0x96, 0xFA, 0x9E, 0x4E, 0xDC, 0x9F, 0x93,
0x37, 0x21, 0x13, 0x1D, 0xE3, 0xDD, 0x3D, 0xE0,
0x7D, 0x1D, 0x6B, 0xCE, 0x09, 0x83, 0x11, 0xB5
};
static const BYTE prime2048q[] = {
0x01, 0xFE, 0x46, 0xD3, 0x08, 0x3D, 0x66, 0xA4,
0x5D, 0x41, 0x9F, 0x9C, 0x7C, 0xBD, 0x89, 0x4B,
0x22, 0x19, 0x26, 0xBA, 0xAB, 0xA2, 0x5E, 0xC3,
0x55, 0xE9, 0x27, 0xC2, 0xCF
};
static const BYTE prime3072p[] = {
0xCC, 0x1D, 0x77, 0x57, 0x24, 0x38, 0x4A, 0xE2,
0xC4, 0xF0, 0xE8, 0x8E, 0x13, 0x67, 0x97, 0x4E,
0x92, 0x13, 0x61, 0xF6, 0xDB, 0xEB, 0x25, 0x0E,
0x17, 0xFD, 0xF6, 0x98, 0xF7, 0xC8, 0x7C, 0x79,
0xB0, 0x72, 0x1D, 0x38, 0x75, 0xFB, 0xF6, 0xC1,
0x73, 0xC4, 0x83, 0x11, 0x26, 0x2B, 0x43, 0x60,
0xC3, 0xE3, 0xE8, 0xD6, 0x0A, 0xFD, 0xA1, 0x28,
0x26, 0x0B, 0xAE, 0xA9, 0xAE, 0xB3, 0x65, 0x0F,
0xA2, 0x00, 0x53, 0x01, 0xA0, 0x7C, 0xD6, 0xAB,
0xA3, 0x12, 0x1E, 0xFA, 0x0F, 0x2A, 0xCE, 0x1F,
0x74, 0x84, 0x4F, 0xCA, 0xF3, 0x17, 0xF3, 0xA4,
0x40, 0xE9, 0xD7, 0xD2, 0x77, 0xB6, 0x42, 0x2D,
0x02, 0x36, 0xC1, 0x26, 0xCB, 0x68, 0x5E, 0x9D,
0x7C, 0x98, 0x09, 0x0A, 0x8D, 0x7E, 0x2D, 0xED,
0xE4, 0x5D, 0x79, 0xF5, 0xD4, 0x92, 0x4F, 0x9B,
0x18, 0x8E, 0xFC, 0x2A, 0xA7, 0x4B, 0x7C, 0x32,
0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17,
0x72, 0xA2, 0xBA, 0xD6, 0xA9, 0x42, 0xF3, 0x05,
0xE8, 0xF9, 0x53, 0x11, 0x39, 0x4F, 0xB6, 0xF1,
0x6E, 0xB9, 0x4B, 0x38, 0x20, 0xDA, 0x01, 0xA7,
0x56, 0xA3, 0x14, 0xE9, 0x8F, 0x40, 0x55, 0xF3,
0xD0, 0x07, 0xC6, 0xCB, 0x43, 0xA9, 0x94, 0xAD,
0xF7, 0x4C, 0x64, 0x86, 0x49, 0xF8, 0x0C, 0x83,
0xBD, 0x65, 0xE9, 0x17, 0xD4, 0xA1, 0xD3, 0x50,
0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76, 0x52, 0x4F,
0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F,
0xC5, 0xFC, 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30,
0x61, 0xCE, 0x7C, 0xC9, 0x66, 0xFF, 0x15, 0xF9,
0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01, 0xAA, 0xD3,
0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5,
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD,
0x20, 0xB4, 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B,
0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D, 0x0F, 0x7C,
0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D,
0x38, 0xD3, 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43,
0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33, 0x21, 0x2C,
0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29,
0x7A, 0xCA, 0x95, 0x0C, 0xDB, 0x13, 0xD8, 0xA2,
0x1A, 0x8F, 0x32, 0x6B, 0x11, 0xEB, 0xA3, 0xF2,
0x71, 0x5E, 0xF5, 0xC5, 0x43, 0x6D, 0x84, 0x4B,
0xF6, 0xFE, 0x52, 0xB9, 0x60, 0x5A, 0x8E, 0x09,
0xCE, 0xCB, 0xFE, 0x94, 0xBC, 0xEF, 0x23, 0x5B
};
static const BYTE prime3072q[] = {
0x3F, 0xEB, 0xD0, 0x0A, 0x50, 0x9B, 0x02, 0x46,
0xD3, 0x08, 0x3D, 0x66, 0xA4, 0x5D, 0x41, 0x9F,
0x9C, 0x7C, 0xBD, 0x89, 0x4B, 0x22, 0x19, 0x26,
0xBA, 0xAB, 0xA2, 0x5E, 0xC3, 0x55, 0xE9, 0x27,
0xC3, 0x1D
};
static const BYTE prime4096p[] = {
0xF9, 0x18, 0xA0, 0x7E, 0x5A, 0x06, 0x61, 0x7A,
0x43, 0x90, 0x95, 0xDC, 0x05, 0x6C, 0x87, 0x86,
0xEC, 0x61, 0xEC, 0xCD, 0x45, 0x1F, 0x0E, 0xD8,
0xE0, 0xA3, 0x79, 0xC6, 0xC9, 0xDC, 0x7A, 0x0B,
0xAC, 0xE4, 0x3F, 0xE3, 0x46, 0x94, 0xB6, 0x30,
0x4A, 0x53, 0xD7, 0x7C, 0x02, 0x16, 0x48, 0x80,
0xB5, 0x15, 0xE5, 0x29, 0x99, 0xA9, 0x9F, 0x07,
0x74, 0xD3, 0xFF, 0xE3, 0xA1, 0xC5, 0x96, 0x20,
0x4E, 0x98, 0x65, 0xB8, 0xD8, 0x0D, 0xEE, 0x10,
0x5D, 0xAB, 0xB6, 0x17, 0x1C, 0x51, 0xD8, 0x50,
0xCA, 0x22, 0x57, 0x43, 0x29, 0xBE, 0x95, 0xE8,
0x56, 0x2B, 0x38, 0x78, 0x5C, 0x0B, 0xDB, 0xF8,
0x4C, 0x4D, 0xD5, 0xE3, 0xAA, 0x46, 0xCC, 0xFB,
0xCE, 0x17, 0xE8, 0x2A, 0x9D, 0x14, 0x61, 0xE3,
0x84, 0xA9, 0x4F, 0xD1, 0x83, 0x84, 0xA8, 0x79,
0xB6, 0xEF, 0x8F, 0xA7, 0x43, 0x46, 0x08, 0xC6,
0xCC, 0x1D, 0x77, 0x57, 0x24, 0x38, 0x4A, 0xE2,
0xC4, 0xF0, 0xE8, 0x8E, 0x13, 0x67, 0x97, 0x4E,
0x92, 0x13, 0x61, 0xF6, 0xDB, 0xEB, 0x25, 0x0E,
0x17, 0xFD, 0xF6, 0x98, 0xF7, 0xC8, 0x7C, 0x79,
0xB0, 0x72, 0x1D, 0x38, 0x75, 0xFB, 0xF6, 0xC1,
0x73, 0xC4, 0x83, 0x11, 0x26, 0x2B, 0x43, 0x60,
0xC3, 0xE3, 0xE8, 0xD6, 0x0A, 0xFD, 0xA1, 0x28,
0x26, 0x0B, 0xAE, 0xA9, 0xAE, 0xB3, 0x65, 0x0F,
0xA2, 0x00, 0x53, 0x01, 0xA0, 0x7C, 0xD6, 0xAB,
0xA3, 0x12, 0x1E, 0xFA, 0x0F, 0x2A, 0xCE, 0x1F,
0x74, 0x84, 0x4F, 0xCA, 0xF3, 0x17, 0xF3, 0xA4,
0x40, 0xE9, 0xD7, 0xD2, 0x77, 0xB6, 0x42, 0x2D,
0x02, 0x36, 0xC1, 0x26, 0xCB, 0x68, 0x5E, 0x9D,
0x7C, 0x98, 0x09, 0x0A, 0x8D, 0x7E, 0x2D, 0xED,
0xE4, 0x5D, 0x79, 0xF5, 0xD4, 0x92, 0x4F, 0x9B,
0x18, 0x8E, 0xFC, 0x2A, 0xA7, 0x4B, 0x7C, 0x32,
0xF6, 0x42, 0x57, 0xB7, 0x08, 0x7F, 0x08, 0x17,
0x72, 0xA2, 0xBA, 0xD6, 0xA9, 0x42, 0xF3, 0x05,
0xE8, 0xF9, 0x53, 0x11, 0x39, 0x4F, 0xB6, 0xF1,
0x6E, 0xB9, 0x4B, 0x38, 0x20, 0xDA, 0x01, 0xA7,
0x56, 0xA3, 0x14, 0xE9, 0x8F, 0x40, 0x55, 0xF3,
0xD0, 0x07, 0xC6, 0xCB, 0x43, 0xA9, 0x94, 0xAD,
0xF7, 0x4C, 0x64, 0x86, 0x49, 0xF8, 0x0C, 0x83,
0xBD, 0x65, 0xE9, 0x17, 0xD4, 0xA1, 0xD3, 0x50,
0xF8, 0xF5, 0x59, 0x5F, 0xDC, 0x76, 0x52, 0x4F,
0x3D, 0x3D, 0x8D, 0xDB, 0xCE, 0x99, 0xE1, 0x57,
0x92, 0x59, 0xCD, 0xFD, 0xB8, 0xAE, 0x74, 0x4F,
0xC5, 0xFC, 0x76, 0xBC, 0x83, 0xC5, 0x47, 0x30,
0x61, 0xCE, 0x7C, 0xC9, 0x66, 0xFF, 0x15, 0xF9,
0xBB, 0xFD, 0x91, 0x5E, 0xC7, 0x01, 0xAA, 0xD3,
0x5B, 0x9E, 0x8D, 0xA0, 0xA5, 0x72, 0x3A, 0xD4,
0x1A, 0xF0, 0xBF, 0x46, 0x00, 0x58, 0x2B, 0xE5,
0xF4, 0x88, 0xFD, 0x58, 0x4E, 0x49, 0xDB, 0xCD,
0x20, 0xB4, 0x9D, 0xE4, 0x91, 0x07, 0x36, 0x6B,
0x33, 0x6C, 0x38, 0x0D, 0x45, 0x1D, 0x0F, 0x7C,
0x88, 0xB3, 0x1C, 0x7C, 0x5B, 0x2D, 0x8E, 0xF6,
0xF3, 0xC9, 0x23, 0xC0, 0x43, 0xF0, 0xA5, 0x5B,
0x18, 0x8D, 0x8E, 0xBB, 0x55, 0x8C, 0xB8, 0x5D,
0x38, 0xD3, 0x34, 0xFD, 0x7C, 0x17, 0x57, 0x43,
0xA3, 0x1D, 0x18, 0x6C, 0xDE, 0x33, 0x21, 0x2C,
0xB5, 0x2A, 0xFF, 0x3C, 0xE1, 0xB1, 0x29, 0x40,
0x18, 0x11, 0x8D, 0x7C, 0x84, 0xA7, 0x0A, 0x72,
0xD6, 0x86, 0xC4, 0x03, 0x19, 0xC8, 0x07, 0x29,
0x88, 0x50, 0x05, 0x4B, 0xFE, 0x24, 0x36, 0x96,
0x47, 0xAB, 0x40, 0x4A, 0xA2, 0xE5, 0xB3, 0xCB,
0x0E, 0x0F, 0x2A, 0x1C, 0x45, 0x17, 0x3D, 0xD9,
0x5D, 0xED, 0x9F, 0x0D, 0x33, 0xDA, 0x04, 0xC9,
0x19, 0xA9, 0x9D, 0x3F, 0x40, 0xF3, 0xF4, 0x2D
};
static const BYTE prime4096q[] = {
0x01, 0xFF, 0x0C, 0xD9, 0x96, 0x9F, 0xAB, 0xD0,
0x0A, 0x50, 0x9B, 0x02, 0x46, 0xD3, 0x08, 0x3D,
0x66, 0xA4, 0x5D, 0x41, 0x9F, 0x9C, 0x7C, 0xBD,
0x89, 0x4B, 0x22, 0x19, 0x26, 0xBA, 0xAB, 0xA2,
0x5E, 0xC3, 0x55, 0xE9, 0x27, 0xC2, 0x65
};
/* The structure for storing the DSA public values */
typedef struct {
const int baseLen; const BYTE base[ 1 ];
const int primePLen; const BYTE *primeP;
const int primeQLen; const BYTE *primeQ;
} DSA_PUBLIC_VALUES;
static const DSA_PUBLIC_VALUES dsaPublicValues[] = {
{ 1, { 0x02 }, 1024, prime1024p, 160, prime1024q },
{ 1, { 0x02 }, 1536, prime1536p, 200, prime1536q },
{ 1, { 0x02 }, 2048, prime2048p, 232, prime2048q },
{ 1, { 0x02 }, 3072, prime3072p, 272, prime3072q },
{ 1, { 0x02 }, 4096, prime4096p, 312, prime4096q },
{ 0, { 0 }, 0, NULL }
};
#endif /* 0 */
/****************************************************************************
* *
* DSA Self-test Routines *
* *
****************************************************************************/
/* Test the DSA implementation using the sample key and hash from FIPS 186.
Because a lot of the high-level encryption routines don't exist yet, we
cheat a bit and set up a dummy encryption context with just enough
information for the following code to work */
typedef struct {
int pLen; BYTE p[ 64 ];
int qLen; BYTE q[ 20 ];
int gLen; BYTE g[ 64 ];
int xLen; BYTE x[ 20 ];
int yLen; BYTE y[ 64 ];
} DLP_PRIVKEY;
static const DLP_PRIVKEY dlpTestKey = {
/* p */
512,
{ 0x8D, 0xF2, 0xA4, 0x94, 0x49, 0x22, 0x76, 0xAA,
0x3D, 0x25, 0x75, 0x9B, 0xB0, 0x68, 0x69, 0xCB,
0xEA, 0xC0, 0xD8, 0x3A, 0xFB, 0x8D, 0x0C, 0xF7,
0xCB, 0xB8, 0x32, 0x4F, 0x0D, 0x78, 0x82, 0xE5,
0xD0, 0x76, 0x2F, 0xC5, 0xB7, 0x21, 0x0E, 0xAF,
0xC2, 0xE9, 0xAD, 0xAC, 0x32, 0xAB, 0x7A, 0xAC,
0x49, 0x69, 0x3D, 0xFB, 0xF8, 0x37, 0x24, 0xC2,
0xEC, 0x07, 0x36, 0xEE, 0x31, 0xC8, 0x02, 0x91 },
/* q */
160,
{ 0xC7, 0x73, 0x21, 0x8C, 0x73, 0x7E, 0xC8, 0xEE,
0x99, 0x3B, 0x4F, 0x2D, 0xED, 0x30, 0xF4, 0x8E,
0xDA, 0xCE, 0x91, 0x5F },
/* g */
512,
{ 0x62, 0x6D, 0x02, 0x78, 0x39, 0xEA, 0x0A, 0x13,
0x41, 0x31, 0x63, 0xA5, 0x5B, 0x4C, 0xB5, 0x00,
0x29, 0x9D, 0x55, 0x22, 0x95, 0x6C, 0xEF, 0xCB,
0x3B, 0xFF, 0x10, 0xF3, 0x99, 0xCE, 0x2C, 0x2E,
0x71, 0xCB, 0x9D, 0xE5, 0xFA, 0x24, 0xBA, 0xBF,
0x58, 0xE5, 0xB7, 0x95, 0x21, 0x92, 0x5C, 0x9C,
0xC4, 0x2E, 0x9F, 0x6F, 0x46, 0x4B, 0x08, 0x8C,
0xC5, 0x72, 0xAF, 0x53, 0xE6, 0xD7, 0x88, 0x02 },
/* y */
160,
{ 0x20, 0x70, 0xB3, 0x22, 0x3D, 0xBA, 0x37, 0x2F,
0xDE, 0x1C, 0x0F, 0xFC, 0x7B, 0x2E, 0x3B, 0x49,
0x8B, 0x26, 0x06, 0x14 },
/* x */
512,
{ 0x19, 0x13, 0x18, 0x71, 0xD7, 0x5B, 0x16, 0x12,
0xA8, 0x19, 0xF2, 0x9D, 0x78, 0xD1, 0xB0, 0xD7,
0x34, 0x6F, 0x7A, 0xA7, 0x7B, 0xB6, 0x2A, 0x85,
0x9B, 0xFD, 0x6C, 0x56, 0x75, 0xDA, 0x9D, 0x21,
0x2D, 0x3A, 0x36, 0xEF, 0x16, 0x72, 0xEF, 0x66,
0x0B, 0x8C, 0x7C, 0x25, 0x5C, 0xC0, 0xEC, 0x74,
0x85, 0x8F, 0xBA, 0x33, 0xF4, 0x4C, 0x06, 0x69,
0x96, 0x30, 0xA7, 0x6B, 0x03, 0x0E, 0xE3, 0x33 }
};
static const BYTE shaM[] = {
0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A,
0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C,
0x9C, 0xD0, 0xD8, 0x9D
};
/* If we're doing a self-test using the FIPS 186 values we use the following
fixed k data rather than a randomly-generated value */
static const BYTE kVal[] = {
0x35, 0x8D, 0xAD, 0x57, 0x14, 0x62, 0x71, 0x0F,
0x50, 0xE2, 0x54, 0xCF, 0x1A, 0x37, 0x6B, 0x2B,
0xDE, 0xAA, 0xDF, 0xBF
};
int dsaInitKey( CRYPT_INFO *cryptInfo, const void *key, const int keyLength );
int dsaSign( CRYPT_INFO *cryptInfo, BYTE *buffer, int noBytes );
int dsaSigCheck( CRYPT_INFO *cryptInfo, BYTE *buffer, int noBytes );
int dsaSelfTest( void )
{
CRYPT_INFO cryptInfo;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -