CHECK(d0_bignum_gcd(temp4, NULL, NULL, temp2, ctx->rsa_e));
if(!d0_bignum_cmp(temp4, one))
break;
- if(++gcdfail == 3)
+ if(++gcdfail == 16)
goto fail;
- ++gcdfail;
}
UNLOCKTEMPS();
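Review bot: The retry exit `if(++gcdfail == 16) goto fail;` in this hunk jumps out before the `UNLOCKTEMPS();` that follows the closing brace, while the later `++fail == 16` and `++gcdfail == 16` exits in the same function call `UNLOCKTEMPS();` first and then `goto fail`. Whatever `fail:` does, one of those paths looks wrong: either this one leaves the temps locked or the others release them twice; the body of `fail:` and the matching `LOCKTEMPS()` are outside the hunk, so this needs checking against the full function. The second block of retry changes further down has the same shape with `return 0;`, and its visible `fail: return 0;` releases nothing, so a failing `CHECK` taken while the temps are held would also skip the unlock if `CHECK` jumps to `fail`, as its use in `d0_blind_id_verify_private_id` suggests. I would make every exit release exactly once, e.g. `if(++gcdfail == 16) { UNLOCKTEMPS(); goto fail; }` here. A lock left held would stall every later operation that needs the temporaries.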
if(!d0_bignum_cmp(temp1, ctx->rsa_d))
{
UNLOCKTEMPS();
- if(++fail == 3)
+ if(++fail == 16)
goto fail;
continue;
}
break;
}
UNLOCKTEMPS();
- if(++gcdfail == 3)
+ if(++gcdfail == 16)
goto fail;
- ++gcdfail;
}
// ctx->rsa_n = ctx->rsa_d*temp1
// ctx->rsa_d = ctx->rsa_e^-1 mod (ctx->rsa_d-1)(temp1-1)
CHECK(d0_bignum_sub(temp2, ctx->rsa_d, one)); // we can't reuse the value from above because temps were unlocked
- CHECK(d0_bignum_mul(temp0, temp2, temp3));
- CHECK(d0_bignum_mod_inv(ctx->rsa_d, ctx->rsa_e, temp0));
+ CHECK(d0_bignum_mul(temp1, temp2, temp3));
+ CHECK(d0_bignum_mod_inv(ctx->rsa_d, ctx->rsa_e, temp1));
UNLOCKTEMPS();
return 1;
fail:
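Review bot: After the new `d0_bignum_mul(temp1, temp2, temp3)` and `d0_bignum_mod_inv` lines, `temp1` holds the product (p-1)(q-1) and `temp2`/`temp3` presumably still hold the two prime-minus-one values, and the hunk releases them with `UNLOCKTEMPS();` without clearing them. The comment on the `d0_bignum_sub` line says the temps can change once they are unlocked, so they are shared state, and anyone who can read (p-1)(q-1) can recompute `rsa_d`. I would clear the temps that carried key material before the final unlock, and add a comment such as `// temp1 now holds (p-1)(q-1), no longer the second prime`, since the comment above still refers to `temp1` as a factor of `rsa_n`. The same applies to the identical pair of lines in the second key generation function. The start of the function and the body of `fail:` are outside this hunk.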
CHECK(d0_bignum_gcd(temp4, NULL, NULL, temp2, ctx->rsa_e));
if(!d0_bignum_cmp(temp4, one))
break;
- if(++gcdfail == 3)
+ if(++gcdfail == 16)
return 0;
- ++gcdfail;
}
UNLOCKTEMPS();
if(!d0_bignum_cmp(temp1, ctx->rsa_d))
{
UNLOCKTEMPS();
- if(++fail == 3)
+ if(++fail == 16)
return 0;
continue;
}
break;
}
UNLOCKTEMPS();
- if(++gcdfail == 3)
+ if(++gcdfail == 16)
return 0;
- ++gcdfail;
}
// ctx->rsa_d = ctx->rsa_e^-1 mod (ctx->rsa_d-1)(temp1-1)
CHECK(d0_bignum_sub(temp2, ctx->rsa_d, one)); // we can't reuse the value from above because temps were unlocked
- CHECK(d0_bignum_mul(ctx->rsa_d, temp2, temp3));
- CHECK(d0_bignum_mod_inv(ctx->rsa_d, ctx->rsa_e, temp0));
+ CHECK(d0_bignum_mul(temp1, temp2, temp3));
+ CHECK(d0_bignum_mod_inv(ctx->rsa_d, ctx->rsa_e, temp1));
UNLOCKTEMPS();
return 1;
fail:
return 0;
}
+D0_WARN_UNUSED_RESULT D0_BOOL d0_blind_id_verify_private_id(const d0_blind_id_t *ctx)
+{
+ USINGTEMPS(); // temps: temp0 = g^s
+ USING(schnorr_G); USING(schnorr_s); USING(schnorr_g_to_s);
+
+ LOCKTEMPS();
+ CHECK(d0_bignum_mod_pow(temp0, four, ctx->schnorr_s, ctx->schnorr_G));
+ CHECK(!d0_bignum_cmp(temp0, ctx->schnorr_g_to_s));
+ UNLOCKTEMPS();
+ return 1;
+
+fail:
+ UNLOCKTEMPS();
+ return 0;
+}
+
d0_blind_id_t *d0_blind_id_new(void)
{
d0_blind_id_t *b = d0_malloc(sizeof(d0_blind_id_t));
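Review bot: `d0_blind_id_verify_private_id` has no comment saying what "verify" covers, and a caller could read more into the name than the body does. As written it only checks that `schnorr_g_to_s` equals `four` raised to `schnorr_s` modulo `schnorr_G`; it returns 0 both for a mismatch and for a failed bignum call, and nothing in it checks a signature or the range of `schnorr_s`. I would state that above the definition, e.g. `// Returns 1 iff schnorr_g_to_s == four^schnorr_s mod schnorr_G; 0 on mismatch or bignum error. Does not check any signature on the ID.` The trailing context is the start of `d0_blind_id_new`, which continues outside the hunk.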