mpi_subm use in elgamal.c:sign
D. Hugh Redelmeier
hugh@mimosa.com
Mon, 25 Oct 1999 12:33:47 -0400 (EDT)
I'm trying to steal code for Pluto, and as a result I've got to
understand it to a modest degree. Something doesn't make sense to me.
Probably it is my misunderstanding, but it would be great to clear
that up.
In gnupg-1.0.0/cipher/elgamal.c:sign, the following sequence occurs:
mpi_subm(t, input, t, p_1 );
while( mpi_is_neg(t) )
mpi_add(t, t, p_1);
When could mpi_is_neg return 1? As I understand it, the mpi_subm
call will make t equal to
(input - t) % p_1
The % (calculated by mpi_fdiv_r) can only yield negative result if p_1
is negative, but it is in fact one less than a large prime (I think).
Hugh Redelmeier
hugh@mimosa.com voice: +1 416 482-8253