aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/pubkey/ecdsa/ecdsa.cpp2
-rw-r--r--src/lib/pubkey/ecgdsa/ecgdsa.cpp9
-rw-r--r--src/lib/pubkey/eckcdsa/eckcdsa.cpp3
-rw-r--r--src/lib/pubkey/gost_3410/gost_3410.cpp9
-rw-r--r--src/lib/pubkey/sm2/sm2.cpp8
5 files changed, 17 insertions, 14 deletions
diff --git a/src/lib/pubkey/ecdsa/ecdsa.cpp b/src/lib/pubkey/ecdsa/ecdsa.cpp
index d473e466c..a2877f7fc 100644
--- a/src/lib/pubkey/ecdsa/ecdsa.cpp
+++ b/src/lib/pubkey/ecdsa/ecdsa.cpp
@@ -90,7 +90,7 @@ ECDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
const BigInt k_inv = inverse_mod(k, m_group.get_order());
const BigInt r = m_group.mod_order(
- m_group.blinded_base_point_multiply(k, rng, m_ws).get_affine_x());
+ m_group.blinded_base_point_multiply_x(k, rng, m_ws));
const BigInt xrm = m_group.mod_order(m_group.multiply_mod_order(m_x, r) + m);
const BigInt s = m_group.multiply_mod_order(k_inv, xrm);
diff --git a/src/lib/pubkey/ecgdsa/ecgdsa.cpp b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
index 6cbd3453b..db790b0d1 100644
--- a/src/lib/pubkey/ecgdsa/ecgdsa.cpp
+++ b/src/lib/pubkey/ecgdsa/ecgdsa.cpp
@@ -61,9 +61,12 @@ ECGDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
- const PointGFp k_times_P = m_group.blinded_base_point_multiply(k, rng, m_ws);
- const BigInt r = m_group.mod_order(k_times_P.get_affine_x());
- const BigInt s = m_group.multiply_mod_order(m_x, mul_sub(k, r, m));
+ const BigInt r = m_group.mod_order(
+ m_group.blinded_base_point_multiply_x(k, rng, m_ws));
+
+ const BigInt kr = m_group.multiply_mod_order(k, r);
+
+ const BigInt s = m_group.multiply_mod_order(m_x, kr - m);
// With overwhelming probability, a bug rather than actual zero r/s
if(r.is_zero() || s.is_zero())
diff --git a/src/lib/pubkey/eckcdsa/eckcdsa.cpp b/src/lib/pubkey/eckcdsa/eckcdsa.cpp
index be721a6b6..f9d9b2f60 100644
--- a/src/lib/pubkey/eckcdsa/eckcdsa.cpp
+++ b/src/lib/pubkey/eckcdsa/eckcdsa.cpp
@@ -77,8 +77,7 @@ ECKCDSA_Signature_Operation::raw_sign(const uint8_t msg[], size_t,
RandomNumberGenerator& rng)
{
const BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
- const PointGFp k_times_P = m_group.blinded_base_point_multiply(k, rng, m_ws);
- const BigInt k_times_P_x = k_times_P.get_affine_x();
+ const BigInt k_times_P_x = m_group.blinded_base_point_multiply_x(k, rng, m_ws);
secure_vector<uint8_t> to_be_hashed(k_times_P_x.bytes());
k_times_P_x.binary_encode(to_be_hashed.data());
diff --git a/src/lib/pubkey/gost_3410/gost_3410.cpp b/src/lib/pubkey/gost_3410/gost_3410.cpp
index 79d3f204d..4e2df4cb8 100644
--- a/src/lib/pubkey/gost_3410/gost_3410.cpp
+++ b/src/lib/pubkey/gost_3410/gost_3410.cpp
@@ -132,11 +132,12 @@ GOST_3410_Signature_Operation::raw_sign(const uint8_t msg[], size_t msg_len,
if(e == 0)
e = 1;
- const PointGFp k_times_P = m_group.blinded_base_point_multiply(k, rng, m_ws);
- BOTAN_ASSERT(k_times_P.on_the_curve(), "GOST 34.10 k*g is on the curve");
+ const BigInt r = m_group.mod_order(
+ m_group.blinded_base_point_multiply_x(k, rng, m_ws));
- const BigInt r = m_group.mod_order(k_times_P.get_affine_x());
- const BigInt s = m_group.mod_order(r*m_x + k*e);
+ const BigInt s = m_group.mod_order(
+ m_group.multiply_mod_order(r, m_x) +
+ m_group.multiply_mod_order(k, e));
if(r == 0 || s == 0)
throw Internal_Error("GOST 34.10 signature generation failed, r/s equal to zero");
diff --git a/src/lib/pubkey/sm2/sm2.cpp b/src/lib/pubkey/sm2/sm2.cpp
index a23708944..cec9eaa38 100644
--- a/src/lib/pubkey/sm2/sm2.cpp
+++ b/src/lib/pubkey/sm2/sm2.cpp
@@ -112,12 +112,12 @@ class SM2_Signature_Operation final : public PK_Ops::Signature
secure_vector<uint8_t>
SM2_Signature_Operation::sign(RandomNumberGenerator& rng)
{
- const BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
+ const BigInt e = BigInt::decode(m_hash->final());
- const PointGFp k_times_P = m_group.blinded_base_point_multiply(k, rng, m_ws);
+ const BigInt k = BigInt::random_integer(rng, 1, m_group.get_order());
- const BigInt e = BigInt::decode(m_hash->final());
- const BigInt r = m_group.mod_order(k_times_P.get_affine_x() + e);
+ const BigInt r = m_group.mod_order(
+ m_group.blinded_base_point_multiply_x(k, rng, m_ws) + e);
const BigInt s = m_group.multiply_mod_order(m_da_inv, (k - r*m_x));
// prepend ZA for next signature if any