5 // NIST algorithm for generating DSA primes
6 // Menezes et al (1997) Handbook of Applied Cryptography, p.151
7 // q is a 160-bit prime; p is a 1024-bit prime; q divides p-1
9 // arithmetic on unsigned ints mod 2**160, represented
10 // as 20-byte, little-endian uchar array
32 // this can run for quite a while; be patient
34 DSAprimes(mpint *q, mpint *p, uchar seed[SHA1dlen])
36 int i, j, k, n = 6, b = 63;
37 uchar s[SHA1dlen], Hs[SHA1dlen], Hs1[SHA1dlen], sj[SHA1dlen], sjk[SHA1dlen];
38 mpint *two1023, *mb, *Vk, *W, *X, *q2;
40 two1023 = mpnew(1024);
41 mpleft(mpone, 1023, two1023);
60 }while(!probably_prime(q, 18));
61 if(seed != nil) // allow skeptics to confirm computation
62 memmove(seed, s, SHA1dlen);
69 for(k=0; k <= n; k++){
74 mpleft(Vk, 160*k, Vk);
82 if(mpcmp(p, two1023)>=0 && probably_prime(p, 5))