diff options
| author | lloyd <[email protected]> | 2010-03-16 17:36:31 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2010-03-16 17:36:31 +0000 |
| commit | 651aa262cab86a8e98ee9815ec365ea68ffff5b1 (patch) | |
| tree | dd8f53acea45c204d169edaaec36aa4dfeeb9268 /src/pubkey | |
| parent | 3b285e35294dfe67650063cc774d6f4e4e77b934 (diff) | |
Add a couple of verification tests for GOST 34.10
Generating the test vectors found yet another inane (and, of course,
undocumented) behavior in the GOST implementation included in OpenSSL;
it treats the hash inputs as little endian. Just out of curiousity, I
checked RFC 5832, which supposedly specifies this algorithm; not a
peep about endian conversions.
The more I deal with standards coming out of the CryptoPro people, the
less confidence I have in them.
Diffstat (limited to 'src/pubkey')
| -rw-r--r-- | src/pubkey/gost_3410/gost_3410.cpp | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/pubkey/gost_3410/gost_3410.cpp b/src/pubkey/gost_3410/gost_3410.cpp index 505d92a61..e6f68526e 100644 --- a/src/pubkey/gost_3410/gost_3410.cpp +++ b/src/pubkey/gost_3410/gost_3410.cpp @@ -84,6 +84,20 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id, } } +namespace { + +BigInt decode_le(const byte msg[], u32bit msg_len) + { + SecureVector<byte> msg_le(msg, msg_len); + + for(size_t i = 0; i != msg_le.size() / 2; ++i) + std::swap(msg_le[i], msg_le[msg_le.size()-1-i]); + + return BigInt(msg_le, msg_le.size()); + } + +} + GOST_3410_Signature_Operation::GOST_3410_Signature_Operation( const GOST_3410_PrivateKey& gost_3410) : @@ -102,7 +116,7 @@ GOST_3410_Signature_Operation::sign(const byte msg[], u32bit msg_len, k.randomize(rng, order.bits()-1); while(k >= order); - BigInt e(msg, msg_len); + BigInt e = decode_le(msg, msg_len); e %= order; if(e == 0) @@ -124,7 +138,6 @@ GOST_3410_Signature_Operation::sign(const byte msg[], u32bit msg_len, return output; } - GOST_3410_Verification_Operation::GOST_3410_Verification_Operation(const GOST_3410_PublicKey& gost) : base_point(gost.domain().get_base_point()), public_point(gost.public_point()), @@ -138,7 +151,7 @@ bool GOST_3410_Verification_Operation::verify(const byte msg[], u32bit msg_len, if(sig_len != order.bytes()*2) return false; - BigInt e(msg, msg_len); + BigInt e = decode_le(msg, msg_len); BigInt r(sig, sig_len / 2); BigInt s(sig + sig_len / 2, sig_len / 2); |