- Timestamp:
- Feb 7, 2019, 8:36:33 AM (5 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
asp3_tinet_ecnl_rx/trunk/wolfssl-3.12.2/wolfcrypt/src/integer.c
r337 r372 46 46 #ifndef USE_FAST_MATH 47 47 48 #ifndef WOLFSSL_SP_MATH 49 48 50 #include <wolfssl/wolfcrypt/integer.h> 49 51 … … 320 322 } 321 323 324 int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c) 325 { 326 int i, len; 327 328 len = mp_unsigned_bin_size(a); 329 330 /* pad front w/ zeros to match length */ 331 for (i = 0; i < c - len; i++) 332 b[i] = 0x00; 333 return mp_to_unsigned_bin(a, b + i); 334 } 322 335 323 336 /* creates "a" then copies b into it */ … … 3977 3990 3978 3991 3979 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC) 3992 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_RSA) || \ 3993 !defined(NO_DSA) | !defined(NO_DH) 3980 3994 3981 3995 /* c = a * a (mod b) */ … … 4003 4017 #if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(WOLFSSL_SNIFFER) || \ 4004 4018 defined(WOLFSSL_HAVE_WOLFSCEP) || defined(WOLFSSL_KEY_GEN) || \ 4005 defined(OPENSSL_EXTRA) || defined(WC_RSA_BLINDING) 4019 defined(OPENSSL_EXTRA) || defined(WC_RSA_BLINDING) || \ 4020 (!defined(NO_RSA) && !defined(NO_RSA_BOUNDS_CHECK)) 4006 4021 4007 4022 /* single digit addition */ … … 4170 4185 4171 4186 4172 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC) 4187 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC) || \ 4188 defined(DEBUG_WOLFSSL) || !defined(NO_RSA) || !defined(NO_DSA) || \ 4189 !defined(NO_DH) 4173 4190 4174 4191 static const int lnz[16] = { … … 4316 4333 } 4317 4334 4318 #endif /* defined(WOLFSSL_KEY_GEN)||defined(HAVE_COMP_KEY)||defined(HAVE_ECC)*/4319 4320 #if def WOLFSSL_KEY_GEN4335 #endif /* WOLFSSL_KEY_GEN || HAVE_COMP_KEY || HAVE_ECC || DEBUG_WOLFSSL */ 4336 4337 #if defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) 4321 4338 4322 4339 const mp_digit ltm_prime_tab[PRIME_SIZE] = { … … 4474 4491 } 4475 4492 4493 /* 4494 * Sets result to 1 if probably prime, 0 otherwise 4495 */ 4496 int mp_prime_is_prime (mp_int * a, int t, int *result) 4497 { 4498 mp_int b; 4499 int ix, err, res; 4500 4501 /* default to no */ 4502 *result = MP_NO; 4503 4504 /* valid value of t? */ 4505 if (t <= 0 || t > PRIME_SIZE) { 4506 return MP_VAL; 4507 } 4508 4509 /* is the input equal to one of the primes in the table? */ 4510 for (ix = 0; ix < PRIME_SIZE; ix++) { 4511 if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) { 4512 *result = 1; 4513 return MP_OKAY; 4514 } 4515 } 4516 4517 /* first perform trial division */ 4518 if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) { 4519 return err; 4520 } 4521 4522 /* return if it was trivially divisible */ 4523 if (res == MP_YES) { 4524 return MP_OKAY; 4525 } 4526 4527 /* now perform the miller-rabin rounds */ 4528 if ((err = mp_init (&b)) != MP_OKAY) { 4529 return err; 4530 } 4531 4532 for (ix = 0; ix < t; ix++) { 4533 /* set the prime */ 4534 if ((err = mp_set (&b, ltm_prime_tab[ix])) != MP_OKAY) { 4535 goto LBL_B; 4536 } 4537 4538 if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) { 4539 goto LBL_B; 4540 } 4541 4542 if (res == MP_NO) { 4543 goto LBL_B; 4544 } 4545 } 4546 4547 /* passed the test */ 4548 *result = MP_YES; 4549 LBL_B:mp_clear (&b); 4550 return err; 4551 } 4552 4553 4554 /* 4555 * Sets result to 1 if probably prime, 0 otherwise 4556 */ 4557 int mp_prime_is_prime_ex (mp_int * a, int t, int *result, WC_RNG *rng) 4558 { 4559 mp_int b, c; 4560 int ix, err, res; 4561 byte* base = NULL; 4562 word32 baseSz = 0; 4563 4564 /* default to no */ 4565 *result = MP_NO; 4566 4567 /* valid value of t? */ 4568 if (t <= 0 || t > PRIME_SIZE) { 4569 return MP_VAL; 4570 } 4571 4572 /* is the input equal to one of the primes in the table? */ 4573 for (ix = 0; ix < PRIME_SIZE; ix++) { 4574 if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) { 4575 *result = MP_YES; 4576 return MP_OKAY; 4577 } 4578 } 4579 4580 /* first perform trial division */ 4581 if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) { 4582 return err; 4583 } 4584 4585 /* return if it was trivially divisible */ 4586 if (res == MP_YES) { 4587 return MP_OKAY; 4588 } 4589 4590 /* now perform the miller-rabin rounds */ 4591 if ((err = mp_init (&b)) != MP_OKAY) { 4592 return err; 4593 } 4594 if ((err = mp_init (&c)) != MP_OKAY) { 4595 mp_clear(&b); 4596 return err; 4597 } 4598 4599 baseSz = mp_count_bits(a); 4600 baseSz = (baseSz / 8) + ((baseSz % 8) ? 1 : 0); 4601 4602 base = (byte*)XMALLOC(baseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); 4603 if (base == NULL) { 4604 err = MP_MEM; 4605 goto LBL_B; 4606 } 4607 4608 if ((err = mp_sub_d(a, 2, &c)) != MP_OKAY) { 4609 goto LBL_B; 4610 } 4611 4612 /* now do a miller rabin with up to t random numbers, this should 4613 * give a (1/4)^t chance of a false prime. */ 4614 for (ix = 0; ix < t; ix++) { 4615 /* Set a test candidate. */ 4616 if ((err = wc_RNG_GenerateBlock(rng, base, baseSz)) != 0) { 4617 goto LBL_B; 4618 } 4619 4620 if ((err = mp_read_unsigned_bin(&b, base, baseSz)) != MP_OKAY) { 4621 goto LBL_B; 4622 } 4623 4624 if (mp_cmp_d(&b, 2) != MP_GT || mp_cmp(&b, &c) != MP_LT) 4625 continue; 4626 4627 if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) { 4628 goto LBL_B; 4629 } 4630 4631 if (res == MP_NO) { 4632 goto LBL_B; 4633 } 4634 } 4635 4636 /* passed the test */ 4637 *result = MP_YES; 4638 LBL_B:mp_clear (&b); 4639 mp_clear (&c); 4640 XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); 4641 return err; 4642 } 4643 4644 #endif /* WOLFSSL_KEY_GEN NO_DH NO_DSA NO_RSA */ 4645 4646 #ifdef WOLFSSL_KEY_GEN 4647 4476 4648 static const int USE_BBS = 1; 4477 4649 … … 4527 4699 4528 4700 /* test */ 4529 if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) { 4701 /* Running Miller-Rabin up to 3 times gives us a 2^{-80} chance 4702 * of a 1024-bit candidate being a false positive, when it is our 4703 * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.) 4704 * Using 8 because we've always used 8. */ 4705 if ((err = mp_prime_is_prime_ex(N, 8, &res, rng)) != MP_OKAY) { 4530 4706 XFREE(buf, heap, DYNAMIC_TYPE_RSA); 4531 4707 return err; … … 4537 4713 4538 4714 return MP_OKAY; 4539 }4540 4541 /*4542 * Sets result to 1 if probably prime, 0 otherwise4543 */4544 int mp_prime_is_prime (mp_int * a, int t, int *result)4545 {4546 mp_int b;4547 int ix, err, res;4548 4549 /* default to no */4550 *result = MP_NO;4551 4552 /* valid value of t? */4553 if (t <= 0 || t > PRIME_SIZE) {4554 return MP_VAL;4555 }4556 4557 /* is the input equal to one of the primes in the table? */4558 for (ix = 0; ix < PRIME_SIZE; ix++) {4559 if (mp_cmp_d(a, ltm_prime_tab[ix]) == MP_EQ) {4560 *result = 1;4561 return MP_OKAY;4562 }4563 }4564 4565 /* first perform trial division */4566 if ((err = mp_prime_is_divisible (a, &res)) != MP_OKAY) {4567 return err;4568 }4569 4570 /* return if it was trivially divisible */4571 if (res == MP_YES) {4572 return MP_OKAY;4573 }4574 4575 /* now perform the miller-rabin rounds */4576 if ((err = mp_init (&b)) != MP_OKAY) {4577 return err;4578 }4579 4580 for (ix = 0; ix < t; ix++) {4581 /* set the prime */4582 if ((err = mp_set (&b, ltm_prime_tab[ix])) != MP_OKAY) {4583 goto LBL_B;4584 }4585 4586 if ((err = mp_prime_miller_rabin (a, &b, &res)) != MP_OKAY) {4587 goto LBL_B;4588 }4589 4590 if (res == MP_NO) {4591 goto LBL_B;4592 }4593 }4594 4595 /* passed the test */4596 *result = MP_YES;4597 LBL_B:mp_clear (&b);4598 return err;4599 4715 } 4600 4716 … … 4729 4845 4730 4846 4731 #if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) 4847 #if !defined(NO_DSA) || defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || \ 4848 defined(HAVE_COMP_KEY) || defined(WOLFSSL_DEBUG_MATH) || \ 4849 defined(DEBUG_WOLFSSL) || defined(OPENSSL_EXTRA) 4732 4850 4733 4851 /* chars used in radix conversions */ … … 4736 4854 #endif 4737 4855 4738 #if def HAVE_ECC4856 #if !defined(NO_DSA) || defined(HAVE_ECC) 4739 4857 /* read a string [ASCII] in a given radix */ 4740 4858 int mp_read_radix (mp_int * a, const char *str, int radix) … … 4747 4865 4748 4866 /* make sure the radix is ok */ 4749 if (radix < 2 || radix > 64) {4867 if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) { 4750 4868 return MP_VAL; 4751 4869 } … … 4806 4924 return MP_OKAY; 4807 4925 } 4808 #endif /* HAVE_ECC */ 4809 4810 #if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || \ 4811 defined(WOLFSSL_DEBUG_MATH) 4926 #endif /* !defined(NO_DSA) || defined(HAVE_ECC) */ 4927 4928 #ifdef WC_MP_TO_RADIX 4812 4929 4813 4930 /* returns size of ASCII representation */ … … 4821 4938 4822 4939 /* special case for binary */ 4823 if (radix == 2) {4940 if (radix == MP_RADIX_BIN) { 4824 4941 *size = mp_count_bits (a) + (a->sign == MP_NEG ? 1 : 0) + 1; 4825 4942 return MP_OKAY; … … 4827 4944 4828 4945 /* make sure the radix is in range */ 4829 if (radix < 2 || radix > 64) {4946 if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) { 4830 4947 return MP_VAL; 4831 4948 } … … 4876 4993 4877 4994 /* check range of the radix */ 4878 if (radix < 2 || radix > 64) {4995 if (radix < MP_RADIX_BIN || radix > MP_RADIX_MAX) { 4879 4996 return MP_VAL; 4880 4997 } … … 4934 5051 desc, a, a->used, a->sign, size, (int)sizeof(mp_digit)); 4935 5052 4936 mp_to radix(a, buffer, 16);5053 mp_tohex(a, buffer); 4937 5054 printf(" %s\n ", buffer); 4938 5055 … … 4949 5066 #endif /* WOLFSSL_DEBUG_MATH */ 4950 5067 4951 #endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(WOLFSSL_DEBUG_MATH) */ 5068 #endif /* WC_MP_TO_RADIX */ 5069 5070 #endif /* WOLFSSL_SP_MATH */ 4952 5071 4953 5072 #endif /* USE_FAST_MATH */
Note:
See TracChangeset
for help on using the changeset viewer.