security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

See ChangeLog: Mon Sep 18 16:35:45 CEST 2000 Werner Koch

Browse source
This commit is contained in:
Werner Koch 2000-09-18 14:35:34 +00:00
parent c2fff8f204
commit 986d928ce2
46 changed files with 1780 additions and 852 deletions
Download patch file Download diff file Expand all files Collapse all files

18
cipher/ChangeLog
View file

@ -1,3 +1,21 @@
Mon Sep 18 16:35:45 CEST 2000 Werner Koch <wk@openit.de>
* rndlinux.c (open_device): Loose random device checking.
By Nils Ellmenreich.
* random.c (fast_random_poll): Check ENOSYS for getrusage.
* rndunix.c: Add 2 sources for QNX. By Sam Roberts.
* pubkey.c (gcry_pk_algo_info): Add GCRYCTL_GET_ALGO_USAGE.
* rsa.c: Changed the comment about the patent.
(secret): Speed up by using the CRT. For a 2k keys this
is about 3 times faster.
(stronger_key_check): New but unused code to check the secret key.
* Makefile.am: Included rsa.[ch].
* pubkey.c: Enabled RSA support.
(pubkey_get_npkey): Removed RSA workaround.
Mon Jul 31 10:04:47 CEST 2000 Werner Koch <wk@openit.de>
* pubkey.c: Replaced all gcry_sexp_{car,cdr}_{data,mpi} by the new

1
cipher/Makefile.am
View file

@ -50,6 +50,7 @@ libcipher_la_SOURCES = cipher.c \
rmd.h \
dsa.h \
dsa.c \
rsa.c rsa.h \
smallprime.c \
construct.c

26
cipher/pubkey.c
View file

@ -30,9 +30,7 @@
#include "cipher.h"
#include "elgamal.h"
#include "dsa.h"
#if 0
#include "rsa.h"
#endif
#include "dynload.h"
/* FIXME: use set_lasterr() */
@ -196,7 +194,6 @@ setup_pubkey_table(void)
BUG();
i++;
#if 0
pubkey_table[i].algo = PUBKEY_ALGO_RSA;
pubkey_table[i].name = rsa_get_info( pubkey_table[i].algo,
&pubkey_table[i].npkey,
@ -248,7 +245,6 @@ setup_pubkey_table(void)
if( !pubkey_table[i].name )
BUG();
i++;
#endif
for( ; i < TABLE_SIZE; i++ )
pubkey_table[i].name = NULL;
@ -433,8 +429,6 @@ pubkey_get_npkey( int algo )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].npkey;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 2; /* see the RSA keyids */
return 0;
}
@ -450,8 +444,6 @@ pubkey_get_nskey( int algo )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nskey;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 6; /* see the RSA keyids */
return 0;
}
@ -467,8 +459,6 @@ pubkey_get_nsig( int algo )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nsig;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 1; /* see the RSA keyids */
return 0;
}
@ -484,8 +474,6 @@ pubkey_get_nenc( int algo )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].nenc;
} while( load_pubkey_modules() );
if( is_RSA(algo) ) /* special hack, so that we are able to */
return 1; /* see the RSA keyids */
return 0;
}
@ -1509,6 +1497,11 @@ gcry_pk_ctl( int cmd, void *buffer, size_t buflen)
* Buffer must be NULL, nbytes may have the address of a variable
* with the required usage of the algorithm. It may be 0 for don't
* care or a combination of the GCRY_PK_USAGE_xxx flags;
* GCRYCTL_GET_ALGO_USAGE:
* Return the usage glafs for the give algo. An invalid alog
* does return 0. Disabled algos are ignored here becuase we
* only want to know whether the algo is at all capable of
* the usage.
*
* On error the value -1 is returned and the error reason may be
* retrieved by gcry_errno().
@ -1535,6 +1528,15 @@ gcry_pk_algo_info( int algo, int what, void *buffer, size_t *nbytes)
}
break;
case GCRYCTL_GET_ALGO_USAGE:
do {
int i;
for(i=0; pubkey_table[i].name; i++ )
if( pubkey_table[i].algo == algo )
return pubkey_table[i].use;
} while( load_pubkey_modules() );
return 0;
case GCRYCTL_GET_ALGO_NPKEY: return pubkey_get_npkey( algo );
case GCRYCTL_GET_ALGO_NSKEY: return pubkey_get_nskey( algo );
case GCRYCTL_GET_ALGO_NSIGN: return pubkey_get_nsig( algo );

4
cipher/random.c
View file

@ -604,7 +604,9 @@ fast_random_poll()
#endif
#else
{ struct rusage buf;
if( getrusage( RUSAGE_SELF, &buf ) )
/* QNX/Neutrino does return ENOSYS - so we just ignore it and
* add whatever is in buf */
if( getrusage( RUSAGE_SELF, &buf ) && errno != ENOSYS )
BUG();
add_randomness( &buf, sizeof buf, 1 );
memset( &buf, 0, sizeof buf );

7
cipher/rndlinux.c
View file

@ -63,7 +63,7 @@ get_entropy_count( int fd )
#endif
/****************
* Used to open the Linux and xBSD /dev/random devices
* Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists), ...)
*/
static int
open_device( const char *name, int minor )
@ -76,8 +76,9 @@ open_device( const char *name, int minor )
g10_log_fatal("can't open %s: %s\n", name, strerror(errno) );
if( fstat( fd, &sb ) )
g10_log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
if( !S_ISCHR(sb.st_mode) )
g10_log_fatal("invalid random device!\n" );
/* Don't check device type for better portability */
/* if( (!S_ISCHR(sb.st_mode)) && (!S_ISFIFO(sb.st_mode)) )
g10_log_fatal("invalid random device!\n" ); */
return fd;
}

5
cipher/rndunix.c
View file

@ -244,6 +244,7 @@ static struct RI {
{ "/usr/ucb/ps", "aux", SC(0.3), NULL, 0, 0, 0, 1 },
{ "/usr/bin/ps", "aux", SC(0.3), NULL, 0, 0, 0, 1 },
{ "/bin/ps", "aux", SC(0.3), NULL, 0, 0, 0, 0 },
{ "/bin/ps", "-A", SC(0.3), NULL, 0, 0, 0, 0 }, /*QNX*/
{ "/usr/bin/ipcs", "-a", SC(0.5), NULL, 0, 0, 0, 1 },
{ "/bin/ipcs", "-a", SC(0.5), NULL, 0, 0, 0, 0 },
/* Unreliable source, depends on system usage */
@ -292,6 +293,10 @@ static struct RI {
/* This is a complex and screwball program. Some systems have things
* like rX_dmn, x = integer, for RAID systems, but the statistics are
* pretty dodgy */
#ifdef __QNXNTO__
{ "/bin/pidin", "-F%A%B%c%d%E%I%J%K%m%M%n%N%p%P%S%s%T", SC(0.3),
NULL, 0, 0, 0, 0 },
#endif
#if 0
/* The following aren't enabled since they're somewhat slow and not very
* unpredictable, however they give an indication of the sort of sources

136
cipher/rsa.c
View file

@ -1,10 +1,6 @@
/* rsa.c - RSA function
* Copyright (C) 1997, 1998, 1999 by Werner Koch (dd9jn)
* Copyright (C) 2000 Free Software Foundation, Inc.
***********************************************************************
* ATTENTION: This code should not be used in the United States
* before the U.S. Patent #4,405,829 expires on September 20, 2000!
***********************************************************************
*
* This file is part of GnuPG.
*
@ -23,11 +19,16 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* This code uses an algorithm protected by U.S. Patent #4,405,829
which expires on September 20, 2000. The patent holder placed that
patent into the public domain on Sep 6th, 2000.
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "util.h"
#include "g10lib.h"
#include "mpi.h"
#include "cipher.h"
#include "rsa.h"
@ -68,7 +69,7 @@ test_keys( RSA_secret_key *sk, unsigned nbits )
pk.e = sk->e;
{ char *p = get_random_bits( nbits, 0, 0 );
mpi_set_buffer( test, p, (nbits+7)/8, 0 );
m_free(p);
g10_free(p);
}
public( out1, test, &pk );
@ -200,22 +201,111 @@ public(MPI output, MPI input, RSA_public_key *pkey )
mpi_powm( output, input, pkey->e, pkey->n );
}
#if 0
static void
stronger_key_check ( RSA_secret_key *skey )
{
MPI t = mpi_alloc_secure ( 0 );
MPI t1 = mpi_alloc_secure ( 0 );
MPI t2 = mpi_alloc_secure ( 0 );
MPI phi = mpi_alloc_secure ( 0 );
/* check that n == p * q */
mpi_mul( t, skey->p, skey->q);
if (mpi_cmp( t, skey->n) )
log_info ( "RSA Oops: n != p * q\n" );
/* check that p is less than q */
if( mpi_cmp( skey->p, skey->q ) > 0 )
log_info ("RSA Oops: p >= q\n");
/* check that e divides neither p-1 nor q-1 */
mpi_sub_ui(t, skey->p, 1 );
mpi_fdiv_r(t, t, skey->e );
if ( !mpi_cmp_ui( t, 0) )
log_info ( "RSA Oops: e divides p-1\n" );
mpi_sub_ui(t, skey->q, 1 );
mpi_fdiv_r(t, t, skey->e );
if ( !mpi_cmp_ui( t, 0) )
log_info ( "RSA Oops: e divides q-1\n" );
/* check that d is correct */
mpi_sub_ui( t1, skey->p, 1 );
mpi_sub_ui( t2, skey->q, 1 );
mpi_mul( phi, t1, t2 );
mpi_gcd(t, t1, t2);
mpi_fdiv_q(t, phi, t);
mpi_invm(t, skey->e, t );
if ( mpi_cmp(t, skey->d ) )
log_info ( "RSA Oops: d is wrong\n");
/* check for crrectness of u */
mpi_invm(t, skey->p, skey->q );
if ( mpi_cmp(t, skey->u ) )
log_info ( "RSA Oops: u is wrong\n");
log_info ( "RSA secret key check finished\n");
mpi_free (t);
mpi_free (t1);
mpi_free (t2);
mpi_free (phi);
}
#endif
/****************
* Secret key operation. Encrypt INPUT with SKEY and put result into OUTPUT.
*
* m = c^d mod n
*
* Where m is OUTPUT, c is INPUT and d,n are elements of PKEY.
* Or faster:
*
* FIXME: We should better use the Chinese Remainder Theorem
* m1 = c ^ (d mod (p-1)) mod p
* m2 = c ^ (d mod (q-1)) mod q
* h = u * (m2 - m1) mod q
* m = m1 + h * p
*
* Where m is OUTPUT, c is INPUT and d,n,p,q,u are elements of SKEY.
*/
static void
secret(MPI output, MPI input, RSA_secret_key *skey )
{
#if 0
mpi_powm( output, input, skey->d, skey->n );
#else
MPI m1 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
MPI m2 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
MPI h = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 );
/* m1 = c ^ (d mod (p-1)) mod p */
mpi_sub_ui( h, skey->p, 1 );
mpi_fdiv_r( h, skey->d, h );
mpi_powm( m1, input, h, skey->p );
/* m2 = c ^ (d mod (q-1)) mod q */
mpi_sub_ui( h, skey->q, 1 );
mpi_fdiv_r( h, skey->d, h );
mpi_powm( m2, input, h, skey->q );
/* h = u * ( m2 - m1 ) mod q */
mpi_sub( h, m2, m1 );
if ( mpi_is_neg( h ) )
mpi_add ( h, h, skey->q );
mpi_mulm( h, skey->u, h, skey->q );
/* m = m2 + h * p */
mpi_mul ( h, h, skey->p );
mpi_add ( output, m1, h );
/* ready */
mpi_free ( h );
mpi_free ( m1 );
mpi_free ( m2 );
#endif
}
/*********************************************
************** interface ******************
*********************************************/
@ -226,7 +316,7 @@ rsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
RSA_secret_key sk;
if( !is_RSA(algo) )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
generate( &sk, nbits );
skey[0] = sk.n;
@ -236,7 +326,7 @@ rsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors )
skey[4] = sk.q;
skey[5] = sk.u;
/* make an empty list of factors */
*retfactors = m_alloc_clear( 1 * sizeof **retfactors );
*retfactors = g10_xcalloc( 1, sizeof **retfactors );
return 0;
}
@ -247,7 +337,7 @@ rsa_check_secret_key( int algo, MPI *skey )
RSA_secret_key sk;
if( !is_RSA(algo) )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
sk.n = skey[0];
sk.e = skey[1];
@ -256,7 +346,7 @@ rsa_check_secret_key( int algo, MPI *skey )
sk.q = skey[4];
sk.u = skey[5];
if( !check_secret_key( &sk ) )
return G10ERR_BAD_SECKEY;
return GCRYERR_INV_PK_ALGO;
return 0;
}
@ -269,7 +359,7 @@ rsa_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey )
RSA_public_key pk;
if( algo != 1 && algo != 2 )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
pk.n = pkey[0];
pk.e = pkey[1];
@ -284,7 +374,7 @@ rsa_decrypt( int algo, MPI *result, MPI *data, MPI *skey )
RSA_secret_key sk;
if( algo != 1 && algo != 2 )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
sk.n = skey[0];
sk.e = skey[1];
@ -303,7 +393,7 @@ rsa_sign( int algo, MPI *resarr, MPI data, MPI *skey )
RSA_secret_key sk;
if( algo != 1 && algo != 3 )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
sk.n = skey[0];
sk.e = skey[1];
@ -326,13 +416,13 @@ rsa_verify( int algo, MPI hash, MPI *data, MPI *pkey,
int rc;
if( algo != 1 && algo != 3 )
return G10ERR_PUBKEY_ALGO;
return GCRYERR_INV_PK_ALGO;
pk.n = pkey[0];
pk.e = pkey[1];
result = mpi_alloc( (160+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB);
public( result, data[0], &pk );
/*rc = (*cmp)( opaquev, result );*/
rc = mpi_cmp( result, hash )? G10ERR_BAD_SIGN:0;
rc = mpi_cmp( result, hash )? GCRYERR_BAD_SIGNATURE:0;
mpi_free(result);
return rc;
@ -366,10 +456,16 @@ rsa_get_info( int algo,
*nsig = 1;
switch( algo ) {
case 1: *usage = PUBKEY_USAGE_SIG | PUBKEY_USAGE_ENC; return "RSA";
case 2: *usage = PUBKEY_USAGE_ENC; return "RSA-E";
case 3: *usage = PUBKEY_USAGE_SIG; return "RSA-S";
case 1: *usage = GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR; return "RSA";
case 2: *usage = GCRY_PK_USAGE_ENCR; return "RSA-E";
case 3: *usage = GCRY_PK_USAGE_SIGN; return "RSA-S";
default:*usage = 0; return NULL;
}
}