authorNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-19 13:32:48 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-27 11:41:43 +0100
commit0be38cfe07cbbbd902814c61a2e41ed44c758bb8 (patch)
treef829e35769802f7e6220e1deb9f25a8618d25ff1 /lib
parent4293b9ae12d07c863f882c5c0915eeccc76ed1d2 (diff)
downloadgnutls-0be38cfe07cbbbd902814c61a2e41ed44c758bb8.tar.gz
Added _gnutls_mpi_random_modp() and _gnutls_mpi_modm() to replace _gnutls_mpi_mod().
Diffstat (limited to 'lib')
-rw-r--r--lib/auth/srp.c2
-rw-r--r--lib/crypto-backend.h8
-rw-r--r--lib/gnutls_dh.c6
-rw-r--r--lib/gnutls_mpi.c28
-rw-r--r--lib/gnutls_mpi.h3
-rw-r--r--lib/gnutls_srp.c4
-rw-r--r--lib/libgnutls.map1
-rw-r--r--lib/nettle/mpi.c16
-rw-r--r--lib/nettle/pk.c8
9 files changed, 35 insertions, 41 deletions
diff --git a/lib/auth/srp.c b/lib/auth/srp.c
index ae30cd4ed7..520f906cd7 100644
--- a/lib/auth/srp.c
+++ b/lib/auth/srp.c
@@ -71,7 +71,7 @@ inline static int check_param_mod_n(bigint_t a, bigint_t n, int is_a)
int ret, err = 0;
bigint_t r;
- r = _gnutls_mpi_mod(a, n);
+ r = _gnutls_mpi_modm(NULL, a, n);
if (r == NULL) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
diff --git a/lib/crypto-backend.h b/lib/crypto-backend.h
index ef3cd0ad76..f7bcd53fa5 100644
--- a/lib/crypto-backend.h
+++ b/lib/crypto-backend.h
@@ -118,12 +118,12 @@ typedef struct gnutls_crypto_bigint {
int (*bigint_cmp) (const bigint_t m1, const bigint_t m2);
/* as bigint_cmp */
int (*bigint_cmp_ui) (const bigint_t m1, unsigned long m2);
- /* ret = a % b */
- bigint_t(*bigint_mod) (const bigint_t a, const bigint_t b);
+ /* r = a % b */
+ bigint_t (*bigint_modm) (bigint_t r, const bigint_t a, const bigint_t b);
/* a = b -> ret == a */
- bigint_t(*bigint_set) (bigint_t a, const bigint_t b);
+ bigint_t (*bigint_set) (bigint_t a, const bigint_t b);
/* a = b -> ret == a */
- bigint_t(*bigint_set_ui) (bigint_t a, unsigned long b);
+ bigint_t (*bigint_set_ui) (bigint_t a, unsigned long b);
unsigned int (*bigint_get_nbits) (const bigint_t a);
/* w = b ^ e mod m */
bigint_t(*bigint_powm) (bigint_t w, const bigint_t b,
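Review bot: The new `/* r = a % b */` comment on bigint_modm does not say what the added r parameter means when it is NULL, although every caller converted in this commit (srp.c, gnutls_dh.c, pk.c) passes NULL and relies on the backend allocating the result, while the new _gnutls_mpi_random_modp passes the same object as r and a. I would extend it to `/* r = a % b; if r is NULL a new bigint is allocated and returned; r may be the same object as a */` so that a backend other than nettle implements the same contract. The aliasing guarantee is inferred from that one caller in gnutls_mpi.c, so confirm it is intended before documenting it.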
diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c
index be41bb08ef..da40cffe34 100644
--- a/lib/gnutls_dh.c
+++ b/lib/gnutls_dh.c
@@ -65,7 +65,7 @@ gnutls_calc_dh_secret(bigint_t * ret_y, bigint_t * ret_x, bigint_t g,
return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
}
- x = _gnutls_mpi_new(x_size);
+ x = _gnutls_mpi_new(x_size + 64);
if (x == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
@@ -80,7 +80,7 @@ gnutls_calc_dh_secret(bigint_t * ret_y, bigint_t * ret_x, bigint_t g,
}
do {
- if (_gnutls_mpi_randomize(x, x_size, GNUTLS_RND_RANDOM) ==
+ if (_gnutls_mpi_random_modp(x, prime, GNUTLS_RND_RANDOM) ==
NULL) {
gnutls_assert();
ret = GNUTLS_E_INTERNAL_ERROR;
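Review bot: With `_gnutls_mpi_random_modp(x, prime, GNUTLS_RND_RANDOM)` the private exponent is drawn uniformly below prime, so the caller-supplied x_size no longer bounds its length; the only remaining use is the allocation in the previous hunk, `x = _gnutls_mpi_new(x_size + 64)`, and that pre-sizing looks irrelevant if random_modp stores its own result. If full-size exponents are the intent, a one-line comment on the do-loop saying so, and why x_size is still passed, would stop the next reader from reintroducing the old bit-limited draw; if x_size was meant as a short-exponent limit, this hunk silently drops it. gnutls_calc_dh_secret continues outside the hunk, so the later use of x_size (if any) is not visible here.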
@@ -114,7 +114,7 @@ gnutls_calc_dh_key(bigint_t * key, bigint_t f, bigint_t x, bigint_t prime)
unsigned int bits;
int ret;
- ff = _gnutls_mpi_mod(f, prime);
+ ff = _gnutls_mpi_modm(NULL, f, prime);
_gnutls_mpi_add_ui(ff, ff, 1);
/* check if f==0,1,p-1.
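Review bot: `ff = _gnutls_mpi_modm(NULL, f, prime);` can return NULL (the nettle wrapper returns NULL when its allocation fails), yet the next line passes ff straight into `_gnutls_mpi_add_ui(ff, ff, 1)`. The old _gnutls_mpi_mod call had the same gap, but since the line is being rewritten anyway I would add `if (ff == NULL) return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);` between the two, assuming gnutls_calc_dh_key reports errors through its int return as the `int ret;` suggests. The function body continues outside the hunk, so check that nothing acquired earlier needs releasing on that path.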
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index aad82a0b0d..39560c4b1c 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -35,19 +35,19 @@
/* Functions that refer to the mpi library.
*/
-#define clearbit(v,n) ((unsigned char)(v) & ~( (unsigned char)(1) << (unsigned)(n)))
-
+/* Returns a random number r, 0 < r < p */
bigint_t
-_gnutls_mpi_randomize(bigint_t r, unsigned int bits,
+_gnutls_mpi_random_modp(bigint_t r, bigint_t p,
gnutls_rnd_level_t level)
{
- size_t size = 1 + (bits / 8);
+ size_t size;
int ret;
- int rem, i;
bigint_t tmp;
uint8_t tmpbuf[512];
uint8_t *buf;
int buf_release = 0;
+
+ size = ((_gnutls_mpi_get_nbits(p)+64)/8) + 1;
if (size < sizeof(tmpbuf)) {
buf = tmpbuf;
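Review bot: `size = ((_gnutls_mpi_get_nbits(p)+64)/8) + 1;` is the security-relevant line of the new function and carries no comment: drawing 64 bits more than the modulus and then reducing is what keeps the bias of r mod p negligible, and a reader could "simplify" it back to the size of p. I would annotate it with `/* draw 64 extra bits so the reduction mod p below leaves only a negligible bias */`. The header comment `/* Returns a random number r, 0 < r < p */` should also say that r may be NULL, since both callers in gnutls_srp.c pass NULL. The function body continues in the next hunk.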
@@ -60,28 +60,22 @@ _gnutls_mpi_randomize(bigint_t r, unsigned int bits,
buf_release = 1;
}
-
ret = _gnutls_rnd(level, buf, size);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
-
- /* mask the bits that weren't requested */
- rem = bits % 8;
-
- if (rem == 0) {
- buf[0] = 0;
- } else {
- for (i = 8; i >= rem; i--)
- buf[0] = clearbit(buf[0], i);
- }
-
+
ret = _gnutls_mpi_scan(&tmp, buf, size);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
+
+ _gnutls_mpi_modm(tmp, tmp, p);
+
+ if (_gnutls_mpi_cmp_ui(tmp, 0) == 0)
+ _gnutls_mpi_add_ui(tmp, tmp, 1);
if (buf_release != 0) {
gnutls_free(buf);
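Review bot: The result of `_gnutls_mpi_modm(tmp, tmp, p);` is discarded, although the bigint_modm backend contract allows a NULL return; the nettle wrapper only allocates when r is NULL so it cannot fail here, but another backend could, and tmp would then be used unreduced. A check in the style of the surrounding code, `if (_gnutls_mpi_modm(tmp, tmp, p) == NULL) {` `ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto cleanup;` `}`, keeps the function honest, provided the cleanup label (outside the hunk) releases tmp. Separately, buf holds the raw bytes of what becomes a DH or SRP private exponent and is passed to gnutls_free without being cleared, and tmpbuf stays on the stack; wiping it before release is cheap insurance for secret material.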
diff --git a/lib/gnutls_mpi.h b/lib/gnutls_mpi.h
index 6011911064..f0a20790d3 100644
--- a/lib/gnutls_mpi.h
+++ b/lib/gnutls_mpi.h
@@ -30,7 +30,7 @@
extern int crypto_bigint_prio;
extern gnutls_crypto_bigint_st _gnutls_mpi_ops;
-bigint_t _gnutls_mpi_randomize(bigint_t, unsigned int bits,
+bigint_t _gnutls_mpi_random_modp(bigint_t, bigint_t p,
gnutls_rnd_level_t level);
#define _gnutls_mpi_new _gnutls_mpi_ops.bigint_new
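Review bot: The new prototype leaves its first parameter unnamed (`bigint_t _gnutls_mpi_random_modp(bigint_t, bigint_t p,`) while naming the other two, and gives no hint that NULL is accepted there, even though both callers in gnutls_srp.c pass NULL. Name it `bigint_t r` and add a one-line comment such as `/* r = random in (0, p); r may be NULL, in which case the result is allocated */`, confirming the allocation behaviour against the tail of the implementation in gnutls_mpi.c, which is not in this diff.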
@@ -38,6 +38,7 @@ bigint_t _gnutls_mpi_randomize(bigint_t, unsigned int bits,
#define _gnutls_mpi_cmp _gnutls_mpi_ops.bigint_cmp
#define _gnutls_mpi_cmp_ui _gnutls_mpi_ops.bigint_cmp_ui
#define _gnutls_mpi_mod _gnutls_mpi_ops.bigint_mod
+#define _gnutls_mpi_modm _gnutls_mpi_ops.bigint_modm
#define _gnutls_mpi_set _gnutls_mpi_ops.bigint_set
#define _gnutls_mpi_set_ui _gnutls_mpi_ops.bigint_set_ui
#define _gnutls_mpi_get_nbits _gnutls_mpi_ops.bigint_get_nbits
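Review bot: `#define _gnutls_mpi_mod _gnutls_mpi_ops.bigint_mod` on the line above the addition is now dead: this commit removes the bigint_mod member from gnutls_crypto_bigint in crypto-backend.h and rewrites every caller to _gnutls_mpi_modm, so the macro expands to a non-existent field. Drop the define so the only name left is the one with the documented r semantics, rather than a macro that fails with a confusing member error the first time someone reaches for it.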
diff --git a/lib/gnutls_srp.c b/lib/gnutls_srp.c
index be0143ff1a..8b26afc945 100644
--- a/lib/gnutls_srp.c
+++ b/lib/gnutls_srp.c
@@ -108,7 +108,7 @@ _gnutls_calc_srp_B(bigint_t * ret_b, bigint_t g, bigint_t n, bigint_t v)
goto error;
}
- b = _gnutls_mpi_randomize(NULL, bits, GNUTLS_RND_RANDOM);
+ b = _gnutls_mpi_random_modp(NULL, n, GNUTLS_RND_RANDOM);
tmpB = _gnutls_mpi_new(bits);
if (tmpB == NULL) {
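Review bot: `b = _gnutls_mpi_random_modp(NULL, n, GNUTLS_RND_RANDOM);` can yield NULL, and the hunk moves straight on to `tmpB = _gnutls_mpi_new(bits)` without testing b; the second hunk has the same shape with `tmpa = _gnutls_mpi_random_modp(NULL, n, GNUTLS_RND_RANDOM);`. If b and tmpa are checked further down, a short comment at the call would help; otherwise add the check next to it, e.g. `if (b == NULL) { gnutls_assert(); goto error; }`, reusing the `goto error` path already taken above. Both functions continue outside their hunks, so I cannot tell which applies.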
@@ -251,7 +251,7 @@ bigint_t _gnutls_calc_srp_A(bigint_t * a, bigint_t g, bigint_t n)
int bits;
bits = _gnutls_mpi_get_nbits(n);
- tmpa = _gnutls_mpi_randomize(NULL, bits, GNUTLS_RND_RANDOM);
+ tmpa = _gnutls_mpi_random_modp(NULL, n, GNUTLS_RND_RANDOM);
A = _gnutls_mpi_new(bits);
if (A == NULL) {
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 8ddd32dcb5..9b6506cccf 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -982,7 +982,6 @@ GNUTLS_PRIVATE {
_gnutls_pbkdf2_sha1;
# Internal symbols needed by tests/mpi:
_gnutls_mpi_ops;
- _gnutls_mpi_randomize;
_gnutls_mpi_log;
_gnutls_mpi_release;
# Internal symbols needed by tests/pkcs12_s2k:
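Review bot: Removing `_gnutls_mpi_randomize` from the "Internal symbols needed by tests/mpi" list without exporting its replacement means tests/mpi either no longer needs a randomize helper or will fail to link once it is ported to the new function. If the test still needs one, add `_gnutls_mpi_random_modp;` in the same block; if not, a line in the commit message saying the test was adjusted would close the question. The test change is outside this lib-limited diff, so I cannot verify which case holds.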
diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c
index 994f84198c..bd37b10d56 100644
--- a/lib/nettle/mpi.c
+++ b/lib/nettle/mpi.c
@@ -191,15 +191,15 @@ static void wrap_nettle_mpi_clear(bigint_t a)
TOMPZ(a)[0]._mp_alloc * sizeof(mp_limb_t));
}
-static bigint_t wrap_nettle_mpi_mod(const bigint_t a, const bigint_t b)
+static bigint_t wrap_nettle_mpi_modm(bigint_t r, const bigint_t a, const bigint_t b)
{
- bigint_t r = wrap_nettle_mpi_new(wrap_nettle_mpi_get_nbits(b));
-
- if (r == NULL)
- return NULL;
-
+ if (r == NULL) {
+ r = wrap_nettle_mpi_new(wrap_nettle_mpi_get_nbits(b));
+ if (r == NULL) return NULL;
+ }
+
mpz_mod(TOMPZ(r), TOMPZ(a), TOMPZ(b));
-
+
return r;
}
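Review bot: `if (r == NULL) return NULL;` in the new allocation branch is an unbraced one-line conditional in a function whose other conditionals put the body on its own line; write it as `if (r == NULL)` followed by `return NULL;` on the next line, or brace it, to match. A short comment above wrap_nettle_mpi_modm stating that r may be NULL (allocated here) and may alias a or b, which mpz_mod permits, would document the contract that the crypto-backend.h table now relies on; it could also note that mpz_mod yields a non-negative remainder, which is what callers computing d mod (p-1) expect.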
@@ -584,7 +584,7 @@ gnutls_crypto_bigint_st _gnutls_mpi_ops = {
.bigint_new = wrap_nettle_mpi_new,
.bigint_cmp = wrap_nettle_mpi_cmp,
.bigint_cmp_ui = wrap_nettle_mpi_cmp_ui,
- .bigint_mod = wrap_nettle_mpi_mod,
+ .bigint_modm = wrap_nettle_mpi_modm,
.bigint_set = wrap_nettle_mpi_set,
.bigint_set_ui = wrap_nettle_mpi_set_ui,
.bigint_get_nbits = wrap_nettle_mpi_get_nbits,
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 9a8de61673..ae16f5aca0 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -881,7 +881,7 @@ wrap_nettle_pk_verify_params(gnutls_pk_algorithm_t algo,
/* [RSA_PRIME1] = d % p-1, [RSA_PRIME2] = d % q-1 */
_gnutls_mpi_sub_ui(t1, params->params[RSA_PRIME1],
1);
- t2 = _gnutls_mpi_mod(params->params[RSA_PRIV], t1);
+ t2 = _gnutls_mpi_modm(NULL, params->params[RSA_PRIV], t1);
if (t2 == NULL) {
ret =
gnutls_assert_val
@@ -901,7 +901,7 @@ wrap_nettle_pk_verify_params(gnutls_pk_algorithm_t algo,
1);
zrelease_mpi_key(&t2);
- t2 = _gnutls_mpi_mod(params->params[RSA_PRIV], t1);
+ t2 = _gnutls_mpi_modm(NULL, params->params[RSA_PRIV], t1);
if (t2 == NULL) {
ret =
gnutls_assert_val
@@ -1051,11 +1051,11 @@ static int calc_rsa_exp(gnutls_pk_params_st * params)
/* [6] = d % p-1, [7] = d % q-1 */
_gnutls_mpi_sub_ui(tmp, params->params[3], 1);
params->params[6] =
- _gnutls_mpi_mod(params->params[2] /*d */ , tmp);
+ _gnutls_mpi_modm(NULL, params->params[2] /*d */ , tmp);
_gnutls_mpi_sub_ui(tmp, params->params[4], 1);
params->params[7] =
- _gnutls_mpi_mod(params->params[2] /*d */ , tmp);
+ _gnutls_mpi_modm(NULL, params->params[2] /*d */ , tmp);
zrelease_mpi_key(&tmp);