Implement W/b computation for ANSI X9.62.

2 files changed, 32 insertions, 2 deletions

diff --git a/src/gen/seed.c b/src/gen/seed.c
index 1da7f2a..9d0359f 100644
--- a/src/gen/seed.c
+++ b/src/gen/seed.c
@@ -82,9 +82,39 @@ static void seed_hash(seed_t *seed) {
 }
 
 static void seed_W(seed_t *seed, const config_t *cfg) {
+	pari_sp ltop = avma;
 	GEN t = utoi(cfg->bits);
 	GEN s = floorr(rdivii(subis(t, 1), stoi(160), DEFAULTPREC));
 	GEN h = subii(t, mulis(s, 160));
+
+	bits_t *c0 = bits_from_raw(seed->hash20, 160);
+	bits_shortenz(c0, 160 - itos(h));
+
+	bits_t *W0 = bits_copy(c0);
+	SET_BIT(W0->bits, 0, 0);
+
+	long is = itos(s);
+	seed->W = bits_copy(W0);
+	GEN two_g = int2n(seed->seed->bitlen);
+	for (long i = 1; i <= is; ++i) {
+		pari_sp btop = avma;
+		GEN inner = bits_to_i(seed->seed);
+		inner = addis(inner, i);
+		inner = modii(inner, two_g);
+
+		bits_t *to_hash = bits_from_i(inner);
+		unsigned char hashout[20];
+		bits_sha1(to_hash, hashout);
+		bits_t *Wi = bits_from_raw(hashout, 160);
+		bits_concatz(seed->W, Wi, NULL);
+		bits_free(&to_hash);
+		bits_free(&Wi);
+		avma = btop;
+	}
+
+	bits_free(&c0);
+	bits_free(&W0);
+	avma = ltop;
 }
 
 GENERATOR(seed_gen_random) {
diff --git a/test/src/gen/test_seed.c b/test/src/gen/test_seed.c
index e5bf6bd..d69c192 100644
--- a/test/src/gen/test_seed.c
+++ b/test/src/gen/test_seed.c
@@ -5,11 +5,11 @@
 
 #include <criterion/criterion.h>
 #include "gen/seed.h"
-#include "util/bits.h"
-#include "util/memory.h"
 #include "test/default.h"
 #include "test/input.h"
 #include "test/output.h"
+#include "util/bits.h"
+#include "util/memory.h"
 
 void seed_suite_setup(void) {
 	default_setup();