fixup key generation 1/2

baloo · baloo · commit 79c61dc3b1de · 2025-02-16T20:17:57.000-08:00
diff --git a/dsa/src/generate.rs b/dsa/src/generate.rs
@@ -17,6 +17,8 @@ pub use self::keypair::keypair;
 fn calculate_bounds(size: u32) -> (BoxedUint, BoxedUint) {
     let lower = two().shl(size - 1);
     let upper = two().shl(size);
+    let lower = BoxedUint::one().widen(size + 1).shl(size - 1);
+    let upper = BoxedUint::one().widen(size + 1).shl(size);
 
     (lower, upper)
 }
diff --git a/dsa/src/generate/components.rs b/dsa/src/generate/components.rs
@@ -41,8 +41,10 @@ pub fn common(
                     break 'gen_m m;
                 }
             };
-            let mr = &m % NonZero::new(two() * &*q).unwrap();
+            let rem = NonZero::new((two() * &*q).widen(m.bits_precision())).unwrap();
+            let mr = &m % &rem;
             let p = m - mr + BoxedUint::one();
+            let p = p.shorten(q.bits_precision());
             let p = NonZero::new(p).unwrap();
 
             if crypto_primes::is_prime_with_rng(rng, &*p) {
@@ -54,6 +56,7 @@ pub fn common(
     // Generate g using the unverifiable method as defined by Appendix A.2.1
     let e = (&*p - &BoxedUint::one()) / &q;
     let mut h = BoxedUint::one();
+    let mut h = BoxedUint::one().widen(q.bits_precision());
     let g = loop {
         let params = BoxedMontyParams::new_vartime(Odd::new((*p).clone()).unwrap());
         let form = BoxedMontyForm::new(h.clone(), params);

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,8 @@ pub use self::keypair::keypair;`
`17`	`17`	`fn calculate_bounds(size: u32) -> (BoxedUint, BoxedUint) {`
`18`	`18`	`let lower = two().shl(size - 1);`
`19`	`19`	`let upper = two().shl(size);`
	`20`	`+ let lower = BoxedUint::one().widen(size + 1).shl(size - 1);`
	`21`	`+ let upper = BoxedUint::one().widen(size + 1).shl(size);`
`20`	`22`
`21`	`23`	`(lower, upper)`
`22`	`24`	`}`