mirror of https://github.com/wolfSSL/wolfssl.git
Prime Number Testing
1. In wc_DhGenerateParams(), changed the call to mp_prime_is_prime() to mp_prime_is_prime_ex(). 2. In wc_MakeDsaParameters(), changed the call to mp_prime_is_prime() to mp_prime_is_prime_ex(). 3. Added wc_CheckProbablePrime_ex in RSA that also takes an RNG to call mp_prime_is_prime_ex(). If RNG is NULL, call mp_prime_is_prime(). 4. Rewrite wc_CheckProbablePrime() in terms of wc_CheckProbablePrime_ex().pull/1665/head
parent
d486df50aa
commit
997a377310
|
@ -1900,7 +1900,7 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
|
|||
/* loop until p is prime */
|
||||
if (ret == 0) {
|
||||
do {
|
||||
if (mp_prime_is_prime(&dh->p, 8, &primeCheck) != MP_OKAY)
|
||||
if (mp_prime_is_prime_ex(&dh->p, 8, &primeCheck, rng) != MP_OKAY)
|
||||
ret = PRIME_GEN_E;
|
||||
|
||||
if (primeCheck != MP_YES) {
|
||||
|
|
|
@ -337,7 +337,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
|
|||
|
||||
/* loop until p is prime */
|
||||
while (check_prime == MP_NO) {
|
||||
err = mp_prime_is_prime(&dsa->p, 8, &check_prime);
|
||||
err = mp_prime_is_prime_ex(&dsa->p, 8, &check_prime, rng);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
|
|
|
@ -2641,8 +2641,8 @@ static WC_INLINE int RsaSizeCheck(int size)
|
|||
}
|
||||
|
||||
|
||||
static int wc_CheckProbablePrime_ex(mp_int* p, mp_int* q, mp_int* e, int nlen,
|
||||
int* isPrime)
|
||||
static int _CheckProbablePrime(mp_int* p, mp_int* q, mp_int* e, int nlen,
|
||||
int* isPrime, WC_RNG* rng)
|
||||
{
|
||||
int ret;
|
||||
mp_int tmp1, tmp2;
|
||||
|
@ -2683,10 +2683,17 @@ static int wc_CheckProbablePrime_ex(mp_int* p, mp_int* q, mp_int* e, int nlen,
|
|||
ret = mp_cmp_d(&tmp2, 1);
|
||||
if (ret != MP_EQ) goto exit; /* e divides p-1 */
|
||||
|
||||
/* 4.5.1,5.6.1 - Check primality of p with 8 iterations */
|
||||
ret = mp_prime_is_prime(prime, 8, isPrime);
|
||||
/* Performs some divides by a table of primes, and then does M-R,
|
||||
* it sets isPrime as a side-effect. */
|
||||
/* 4.5.1,5.6.1 - Check primality of p with 8 rounds of M-R.
|
||||
* mp_prime_is_prime_ex() performs test divisons against the first 256
|
||||
* prime numbers. After that it performs 8 rounds of M-R using random
|
||||
* bases between 2 and n-2.
|
||||
* mp_prime_is_prime() performs the same test divisions and then does
|
||||
* M-R with the first 8 primes. Both functions set isPrime as a
|
||||
* side-effect. */
|
||||
if (rng != NULL)
|
||||
ret = mp_prime_is_prime_ex(prime, 8, isPrime, rng);
|
||||
else
|
||||
ret = mp_prime_is_prime(prime, 8, isPrime);
|
||||
if (ret != MP_OKAY) goto notOkay;
|
||||
|
||||
exit:
|
||||
|
@ -2698,11 +2705,10 @@ notOkay:
|
|||
}
|
||||
|
||||
|
||||
|
||||
int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
|
||||
int wc_CheckProbablePrime_ex(const byte* pRaw, word32 pRawSz,
|
||||
const byte* qRaw, word32 qRawSz,
|
||||
const byte* eRaw, word32 eRawSz,
|
||||
int nlen, int* isPrime)
|
||||
int nlen, int* isPrime, WC_RNG* rng)
|
||||
{
|
||||
mp_int p, q, e;
|
||||
mp_int* Q = NULL;
|
||||
|
@ -2735,7 +2741,7 @@ int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
|
|||
ret = mp_read_unsigned_bin(&e, eRaw, eRawSz);
|
||||
|
||||
if (ret == MP_OKAY)
|
||||
ret = wc_CheckProbablePrime_ex(&p, Q, &e, nlen, isPrime);
|
||||
ret = _CheckProbablePrime(&p, Q, &e, nlen, isPrime, rng);
|
||||
|
||||
ret = (ret == MP_OKAY) ? 0 : PRIME_GEN_E;
|
||||
|
||||
|
@ -2747,6 +2753,16 @@ int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
|
|||
}
|
||||
|
||||
|
||||
int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
|
||||
const byte* qRaw, word32 qRawSz,
|
||||
const byte* eRaw, word32 eRawSz,
|
||||
int nlen, int* isPrime)
|
||||
{
|
||||
return wc_CheckProbablePrime_ex(pRaw, pRawSz, qRaw, qRawSz,
|
||||
eRaw, eRawSz, nlen, isPrime, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
|
||||
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
{
|
||||
|
@ -2822,7 +2838,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
|||
}
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = wc_CheckProbablePrime_ex(&p, NULL, &tmp3, size, &isPrime);
|
||||
err = _CheckProbablePrime(&p, NULL, &tmp3, size, &isPrime, rng);
|
||||
|
||||
#ifdef WOLFSSL_FIPS
|
||||
i++;
|
||||
|
@ -2858,7 +2874,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
|||
}
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = wc_CheckProbablePrime_ex(&p, &q, &tmp3, size, &isPrime);
|
||||
err = _CheckProbablePrime(&p, &q, &tmp3, size, &isPrime, rng);
|
||||
|
||||
#ifdef WOLFSSL_FIPS
|
||||
i++;
|
||||
|
|
|
@ -269,6 +269,10 @@ WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
|
|||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
|
||||
WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,
|
||||
const byte* q, word32 qSz,
|
||||
const byte* e, word32 eSz,
|
||||
int nlen, int* isPrime, WC_RNG* rng);
|
||||
WOLFSSL_API int wc_CheckProbablePrime(const byte* p, word32 pSz,
|
||||
const byte* q, word32 qSz,
|
||||
const byte* e, word32 eSz,
|
||||
|
|
Loading…
Reference in New Issue