suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Micro-optimize DSA signing

Browse Source
This commit is contained in:
Daniel Huigens 2018-05-01 17:34:55 +02:00
parent 0ae427060f
commit 6e27e3145c
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/crypto/public_key/dsa.js
View File

@ -68,7 +68,8 @@ export default {
// directly in the DSA signature algorithm. // directly in the DSA signature algorithm.
const h = new BN( const h = new BN(
util.getLeftNBits( util.getLeftNBits(
hash.digest(hash_algo, m), q.bitLength())); hash.digest(hash_algo, m), q.bitLength()))
.toRed(redq);
// FIPS-186-4, section 4.6: // FIPS-186-4, section 4.6:
// The values of r and s shall be checked to determine if r = 0 or s = 0. // The values of r and s shall be checked to determine if r = 0 or s = 0.
// If either r = 0 or s = 0, a new value of k shall be generated, and the // If either r = 0 or s = 0, a new value of k shall be generated, and the
@ -82,7 +83,7 @@ export default {
if (zero.cmp(r) === 0) { if (zero.cmp(r) === 0) {
continue; continue;
} }
t = h.add(x.mul(r)).toRed(redq); // H(m) + x*r mod q t = h.redAdd(xred.redMul(r)); // H(m) + x*r mod q
s = k.toRed(redq).redInvm().redMul(t); // k**-1 * (H(m) + x*r) mod q s = k.toRed(redq).redInvm().redMul(t); // k**-1 * (H(m) + x*r) mod q
if (zero.cmp(s) === 0) { if (zero.cmp(s) === 0) {
continue; continue;