aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/nr
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-03-09 14:31:07 +0000
committerlloyd <[email protected]>2010-03-09 14:31:07 +0000
commit535eb4d66574a0a6d49554de40c277512c7fada1 (patch)
treea24cb69cd155a111e9e3aa75d820f87f55157a0a /src/pubkey/nr
parent80a3459993c6b4531617f5c4f8b32cbe98d15529 (diff)
DSA and NR require certain parameters (which depend on the randomly
choosen nonce) not be 0. Previously it would just check and throw an exception if this was the case. Change to generate a new nonce and retry if this happens.
Diffstat (limited to 'src/pubkey/nr')
-rw-r--r--src/pubkey/nr/nr.cpp21
1 files changed, 12 insertions, 9 deletions
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index cf59615da..f9ba37c41 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -99,20 +99,23 @@ NR_Signature_Operation::sign(const byte msg[], u32bit msg_len,
{
rng.add_entropy(msg, msg_len);
- BigInt k;
- do
- k.randomize(rng, q.bits());
- while(k >= q);
-
BigInt f(msg, msg_len);
if(f >= q)
throw Invalid_Argument("NR_Signature_Operation: Input is out of range");
- BigInt c = mod_q.reduce(powermod_g_p(k) + f);
- if(c.is_zero())
- throw Internal_Error("NR_Signature_Operation: c was zero");
- BigInt d = mod_q.reduce(k - x * c);
+ BigInt c, d;
+
+ while(c == 0)
+ {
+ BigInt k;
+ do
+ k.randomize(rng, q.bits());
+ while(k >= q);
+
+ c = mod_q.reduce(powermod_g_p(k) + f);
+ d = mod_q.reduce(k - x * c);
+ }
SecureVector<byte> output(2*q.bytes());
c.binary_encode(output + (output.size() / 2 - c.bytes()));