generateSecret function
Implementation
BigInt generateSecret(BigInt q, BigInt x, List<int> hash) {
var hasher = sha256;
var qLen = q.bitLength;
var hoLen =
32; // = sha256.size, because the sha256 is fixed here so do the len
var roLen = (qLen + 7) >> 3;
var bx = intToOctets(x, roLen) + bitsToOctets(hash, q, roLen);
var v = List<int>.filled(hoLen, 0x01);
var k = List<int>.filled(hoLen, 0x00);
k = Hmac(hasher, k).convert(v + [0x00] + bx).bytes;
v = Hmac(hasher, k).convert(v).bytes;
k = Hmac(hasher, k).convert(v + [0x01] + bx).bytes;
v = Hmac(hasher, k).convert(v).bytes;
while (true) {
var t = <int>[];
while (t.length * 8 < qLen) {
v = Hmac(hasher, k).convert(v).bytes;
t = t + v;
}
var secret = bitsToInt(t, qLen);
if (secret >= BigInt.one && secret < q) {
return secret;
}
k = Hmac(hasher, k).convert(v + [0x00]).bytes;
v = Hmac(hasher, k).convert(v).bytes;
}
}
