
gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
authorPeter Dettman <peter.dettman@bouncycastle.org>2013-09-27 16:05:55 +0400
committerPeter Dettman <peter.dettman@bouncycastle.org>2013-09-27 16:05:55 +0400
commitcf62f1091900a1ced6b3bb976b6923c676f7c440 (patch)
tree4ec717706fb7c59b1bd4be926a66076ceb806b45 /core/src/main/java/org/bouncycastle/crypto/signers
parentcf913dde1253b8bb11aca0c1590cc0c9f3cd445c (diff)
Check for negative r, s
Refactor local variables
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/signers')
-rw-r--r--core/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java36
1 files changed, 24 insertions, 12 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java b/core/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java
index ee3cf34d..2979a5db 100644
--- a/core/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java
+++ b/core/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java
@@ -5,6 +5,7 @@ import java.security.SecureRandom;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.DSA;
+import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECKeyParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
@@ -56,12 +57,17 @@ public class DSTU4145Signer
public BigInteger[] generateSignature(byte[] message)
{
- ECFieldElement h = hash2FieldElement(key.getParameters().getCurve(), message);
+ ECDomainParameters parameters = key.getParameters();
+
+ ECCurve curve = parameters.getCurve();
+
+ ECFieldElement h = hash2FieldElement(curve, message);
if (h.isZero())
{
- h = key.getParameters().getCurve().fromBigInteger(ONE);
+ h = curve.fromBigInteger(ONE);
}
+ BigInteger n = parameters.getN();
BigInteger e, r, s;
ECFieldElement Fe, y;
@@ -71,17 +77,17 @@ public class DSTU4145Signer
{
do
{
- e = generateRandomInteger(key.getParameters().getN(), random);
- Fe = key.getParameters().getG().multiply(e).normalize().getAffineXCoord();
+ e = generateRandomInteger(n, random);
+ Fe = parameters.getG().multiply(e).normalize().getAffineXCoord();
}
while (Fe.isZero());
y = h.multiply(Fe);
- r = fieldElement2Integer(key.getParameters().getN(), y);
+ r = fieldElement2Integer(n, y);
}
while (r.signum() == 0);
- s = r.multiply(((ECPrivateKeyParameters)key).getD()).add(e).mod(key.getParameters().getN());
+ s = r.multiply(((ECPrivateKeyParameters)key).getD()).add(e).mod(n);
}
while (s.signum() == 0);
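Review bot: The private scalar is still fetched with `((ECPrivateKeyParameters)key).getD()` inside the outer retry loop, although this refactor hoists `parameters`, `curve` and `n` out of it. Declaring `BigInteger d = ((ECPrivateKeyParameters)key).getD();` next to `n` and writing `s = r.multiply(d).add(e).mod(n);` keeps the loop body uniform, and a signer initialised with a public key then fails on the cast before any randomness is drawn. Separately, the inner loop retries only when `Fe.isZero()`; whether `e` itself can be 0 depends on `generateRandomInteger`, which is not visible in this hunk, so it is worth confirming that it returns a value in [1, n-1]. The body of generateSignature starts in the previous hunk and ends outside this one.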
@@ -90,22 +96,28 @@ public class DSTU4145Signer
public boolean verifySignature(byte[] message, BigInteger r, BigInteger s)
{
- if (r.signum() == 0 || s.signum() == 0)
+ if (r.signum() <= 0 || s.signum() <= 0)
{
return false;
}
- if (r.compareTo(key.getParameters().getN()) >= 0 || s.compareTo(key.getParameters().getN()) >= 0)
+
+ ECDomainParameters parameters = key.getParameters();
+
+ BigInteger n = parameters.getN();
+ if (r.compareTo(n) >= 0 || s.compareTo(n) >= 0)
{
return false;
}
- ECFieldElement h = hash2FieldElement(key.getParameters().getCurve(), message);
+ ECCurve curve = parameters.getCurve();
+
+ ECFieldElement h = hash2FieldElement(curve, message);
if (h.isZero())
{
- h = key.getParameters().getCurve().fromBigInteger(ONE);
+ h = curve.fromBigInteger(ONE);
}
- ECPoint R = ECAlgorithms.sumOfTwoMultiplies(key.getParameters().getG(), s, ((ECPublicKeyParameters)key).getQ(), r).normalize();
+ ECPoint R = ECAlgorithms.sumOfTwoMultiplies(parameters.getG(), s, ((ECPublicKeyParameters)key).getQ(), r).normalize();
// components must be bogus.
if (R.isInfinity())
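Review bot: The tightened guard `r.signum() <= 0 || s.signum() <= 0` carries no comment saying which range it enforces, and no regression test is visible for it (the diffstat shown is limited to the signers directory, so one may exist elsewhere). Together with the `compareTo(n) >= 0` check it restricts both components to [1, n-1] before any curve arithmetic; a comment such as `// r and s must each lie in [1, n-1]; reject anything else before touching the curve` above the first `if` would record that intent. A test that takes a valid signature, replaces r or s with its negation or with n, and expects `false` would pin the behaviour. verifySignature continues past the end of this hunk.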
@@ -114,7 +126,7 @@ public class DSTU4145Signer
}
ECFieldElement y = h.multiply(R.getAffineXCoord());
- return fieldElement2Integer(key.getParameters().getN(), y).compareTo(r) == 0;
+ return fieldElement2Integer(n, y).compareTo(r) == 0;
}
/**