security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

See ChangeLog: Tue May 4 15:49:29 CEST 1999 Werner Koch

Browse Source
This commit is contained in:
Werner Koch 1999-05-04 13:55:41 +00:00
parent 88374b2ab3
commit e5a79b2da8
9 changed files with 90 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
PROJECTS
View File

@ -26,8 +26,6 @@
* Split key support (n-out-of-m) * Split key support (n-out-of-m)
* Check Berkeley DB - it is in glibc - any licensing problems?
* add an option to re-create a public key from a secret key; we * add an option to re-create a public key from a secret key; we
can do this in trustdb.c:verify_own_keys. can do this in trustdb.c:verify_own_keys.
(special tool?) (special tool?)

2
THANKS
View File

@ -67,7 +67,7 @@ QingLong qinglong@bolizm.ihep.su
Ralph Gillen gillen@theochem.uni-duesseldorf.de Ralph Gillen gillen@theochem.uni-duesseldorf.de
Rat ratinox@peorth.gweep.net Rat ratinox@peorth.gweep.net
Reinhard Wobst R.Wobst@ifw-dresden.de Reinhard Wobst R.Wobst@ifw-dresden.de
Rémi Guyomarch rguyomarch@ifn.fr Rémi Guyomarch rguyom@mail.dotcom.fr
Reuben Sumner rasumner@wisdom.weizmann.ac.il Reuben Sumner rasumner@wisdom.weizmann.ac.il
Roddy Strachan roddy@satlink.com.au Roddy Strachan roddy@satlink.com.au
Roland Rosenfeld roland@spinnaker.rhein.de Roland Rosenfeld roland@spinnaker.rhein.de

7
cipher/ChangeLog
View File

@ -1,3 +1,10 @@
Tue May 4 15:47:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* primegen.c (gen_prime): Readded the Fermat test. Fixed the bug
that we didn't correct for step when passing the prime to the
Rabin-Miller test which led to bad performance (Stefan Keller).
(check_prime): Add a first Fermat test.
Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Sun Apr 18 10:11:28 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* cipher.c (cipher_setiv): Add ivlen arg, changed all callers. * cipher.c (cipher_setiv): Add ivlen arg, changed all callers.

93
cipher/primegen.c
View File

@ -34,7 +34,7 @@
static int no_of_small_prime_numbers; static int no_of_small_prime_numbers;
static MPI gen_prime( unsigned nbits, int mode, int randomlevel ); static MPI gen_prime( unsigned nbits, int mode, int randomlevel );
static int check_prime( MPI prime ); static int check_prime( MPI prime, MPI val_2 );
static int is_prime( MPI n, int steps, int *count ); static int is_prime( MPI n, int steps, int *count );
static void m_out_of_n( char *array, int m, int n ); static void m_out_of_n( char *array, int m, int n );
@ -89,6 +89,7 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
int count1, count2; int count1, count2;
unsigned nprime; unsigned nprime;
unsigned req_qbits = qbits; /* the requested q bits size */ unsigned req_qbits = qbits; /* the requested q bits size */
MPI val_2 = mpi_alloc_set_ui( 2 );
/* find number of needed prime factors */ /* find number of needed prime factors */
for(n=1; (pbits - qbits - 1) / n >= qbits; n++ ) for(n=1; (pbits - qbits - 1) / n >= qbits; n++ )
@ -186,7 +187,7 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
} }
else else
count2 = 0; count2 = 0;
} while( !(nprime == pbits && check_prime( prime )) ); } while( !(nprime == pbits && check_prime( prime, val_2 )) );
if( DBG_CIPHER ) { if( DBG_CIPHER ) {
putc('\n', stderr); putc('\n', stderr);
@ -261,6 +262,7 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
mpi_free( pool[i] ); mpi_free( pool[i] );
m_free( pool ); m_free( pool );
m_free(perms); m_free(perms);
mpi_free(val_2);
return prime; return prime;
} }
@ -270,7 +272,7 @@ static MPI
gen_prime( unsigned nbits, int secret, int randomlevel ) gen_prime( unsigned nbits, int secret, int randomlevel )
{ {
unsigned nlimbs; unsigned nlimbs;
MPI prime, val_2, val_3, result; MPI prime, ptest, pminus1, val_2, val_3, result;
int i; int i;
unsigned x, step; unsigned x, step;
unsigned count1, count2; unsigned count1, count2;
@ -286,19 +288,17 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
mods = m_alloc( no_of_small_prime_numbers * sizeof *mods ); mods = m_alloc( no_of_small_prime_numbers * sizeof *mods );
/* make nbits fit into MPI implementation */ /* make nbits fit into MPI implementation */
nlimbs = (nbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB; nlimbs = (nbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB;
val_2 = mpi_alloc( nlimbs ); val_2 = mpi_alloc_set_ui( 2 );
mpi_set_ui(val_2, 2); val_3 = mpi_alloc_set_ui( 3);
val_3 = mpi_alloc( nlimbs );
mpi_set_ui(val_3, 3);
result = mpi_alloc( nlimbs );
prime = secret? mpi_alloc_secure( nlimbs ): mpi_alloc( nlimbs ); prime = secret? mpi_alloc_secure( nlimbs ): mpi_alloc( nlimbs );
result = mpi_alloc_like( prime );
pminus1= mpi_alloc_like( prime );
ptest = mpi_alloc_like( prime );
count1 = count2 = 0; count1 = count2 = 0;
/* enter (endless) loop */ for(;;) { /* try forvever */
for(;;) {
int dotcount=0; int dotcount=0;
/* generate a random number */ /* generate a random number */
/*mpi_set_bytes( prime, nbits, get_random_byte, randomlevel );*/
{ char *p = get_random_bits( nbits, randomlevel, secret ); { char *p = get_random_bits( nbits, randomlevel, secret );
mpi_set_buffer( prime, p, (nbits+7)/8, 0 ); mpi_set_buffer( prime, p, (nbits+7)/8, 0 );
m_free(p); m_free(p);
@ -312,6 +312,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
for(i=0; (x = small_prime_numbers[i]); i++ ) for(i=0; (x = small_prime_numbers[i]); i++ )
mods[i] = mpi_fdiv_r_ui(NULL, prime, x); mods[i] = mpi_fdiv_r_ui(NULL, prime, x);
/* now try some primes starting with prime */
for(step=0; step < 20000; step += 2 ) { for(step=0; step < 20000; step += 2 ) {
/* check against all the small primes we have in mods */ /* check against all the small primes we have in mods */
count1++; count1++;
@ -322,40 +323,31 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
break; break;
} }
if( x ) if( x )
continue; /* found a multiple of a already known prime */ continue; /* found a multiple of an already known prime */
mpi_add_ui( prime, prime, step ); mpi_add_ui( ptest, prime, step );
#if 0 /* do a faster Fermat test */
/* do a Fermat test */
count2++; count2++;
mpi_powm( result, val_2, prime, prime ); mpi_sub_ui( pminus1, ptest, 1);
if( mpi_cmp_ui(result, 2) ) mpi_powm( result, val_2, pminus1, ptest );
continue; /* stepping (fermat test failed) */ if( !mpi_cmp_ui( result, 1 ) ) { /* not composite */
fputc('+', stderr); /* perform stronger tests */
#endif if( is_prime(ptest, 5, &count2 ) ) {
if( !mpi_test_bit( ptest, nbits-1 ) ) {
/* perform stronger tests */
if( is_prime(prime, 5, &count2 ) ) {
if( !mpi_test_bit( prime, nbits-1 ) ) {
if( 0 && DBG_CIPHER ) {
fputc('\n', stderr); fputc('\n', stderr);
log_debug("overflow in prime generation\n"); log_debug("overflow in prime generation\n");
break; /* step loop, cont with a new prime */ break; /* step loop, continue with a new prime */
} }
}
if( 0 && DBG_CIPHER ) { mpi_free(val_2);
log_debug("performed %u simple and %u stronger tests\n", mpi_free(val_3);
count1, count2 ); mpi_free(result);
log_mpidump("found prime: ", prime ); mpi_free(pminus1);
mpi_free(prime);
m_free(mods);
return ptest;
} }
mpi_free(val_2);
mpi_free(val_3);
mpi_free(result);
m_free(mods);
return prime;
} }
if( ++dotcount == 10 ) { if( ++dotcount == 10 ) {
fputc('.', stderr); fputc('.', stderr);
@ -370,7 +362,7 @@ gen_prime( unsigned nbits, int secret, int randomlevel )
* Returns: true if this may be a prime * Returns: true if this may be a prime
*/ */
static int static int
check_prime( MPI prime ) check_prime( MPI prime, MPI val_2 )
{ {
int i; int i;
unsigned x; unsigned x;
@ -382,19 +374,20 @@ check_prime( MPI prime )
return 0; return 0;
} }
#if 0 /* a quick fermat test */
result = mpi_alloc( mpi_get_nlimbs(prime) ); {
val_2 = mpi_alloc_set_ui( 2 ); MPI result = mpi_alloc_like( prime );
mpi_powm( result, val_2, prime, prime ); MPI pminus1 = mpi_alloc_like( prime );
if( mpi_cmp_ui(result, 2) ) { mpi_sub_ui( pminus1, prime, 1);
mpi_free(result); mpi_powm( result, val_2, pminus1, prime );
mpi_free(val_2); mpi_free( pminus1 );
return 0; if( mpi_cmp_ui( result, 1 ) ) { /* if composite */
mpi_free( result );
fputc('.', stderr);
return 0;
}
mpi_free( result );
} }
mpi_free(result);
mpi_free(val_2);
fputc('+', stderr);
#endif
/* perform stronger tests */ /* perform stronger tests */
if( is_prime(prime, 5, &count ) ) if( is_prime(prime, 5, &count ) )

3
doc/FAQ
View File

@ -81,7 +81,8 @@
signatures this is sufficient as the size of the hash signatures this is sufficient as the size of the hash
is probably the weakest link if the keysize is larger is probably the weakest link if the keysize is larger
than 1024 bits. Encryption keys may have greater sizes, than 1024 bits. Encryption keys may have greater sizes,
but you should than check the fingerprint of this key. but you should than check the fingerprint of this key:
"gpg --fingerprint --fingerprint <user ID>".
Q: Why are some signatures with an ELG-E key valid? Q: Why are some signatures with an ELG-E key valid?
A: These are ElGamal Key generated by GNUPG in v3 (rfc1991) A: These are ElGamal Key generated by GNUPG in v3 (rfc1991)

2
doc/gpg.1pod
View File

@ -93,6 +93,8 @@ B<--fingerprint> [I<names>]
same output as B<list-keys> but with the additional output same output as B<list-keys> but with the additional output
of a line with the fingerprint. May also be combined of a line with the fingerprint. May also be combined
with B<--list-sigs> or B<--check-sigs>. with B<--list-sigs> or B<--check-sigs>.
If this command is given twice, the fingerprints of all
secondary keys are listed too.
B<--list-packets> B<--list-packets>
List only the sequence of packets. This is mainly List only the sequence of packets. This is mainly

1
include/mpi.h
View File

@ -92,6 +92,7 @@ void *mpi_get_opaque( MPI a, int *len );
#define mpi_is_secure(a) ((a) && ((a)->flags&1)) #define mpi_is_secure(a) ((a) && ((a)->flags&1))
void mpi_set_secure( MPI a ); void mpi_set_secure( MPI a );
void mpi_clear( MPI a ); void mpi_clear( MPI a );
MPI mpi_alloc_like( MPI a );
void mpi_set( MPI w, MPI u); void mpi_set( MPI w, MPI u);
void mpi_set_ui( MPI w, ulong u); void mpi_set_ui( MPI w, ulong u);
MPI mpi_alloc_set_ui( unsigned long u); MPI mpi_alloc_set_ui( unsigned long u);

4
mpi/ChangeLog
View File

@ -1,3 +1,7 @@
Tue May 4 15:47:53 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mpiutil.c (mpi_alloc_like): New.
Mon Apr 26 17:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de> Mon Apr 26 17:48:15 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mpih-add.c, mpih-sub.c: Removed * mpih-add.c, mpih-sub.c: Removed

30
mpi/mpiutil.c
View File

@ -323,6 +323,36 @@ mpi_copy( MPI a )
} }
/****************
* This function allocates an MPI which is optimized to hold
* a value as large as the one given in the arhgument and allocates it
* with the same flags as A.
*/
MPI
mpi_alloc_like( MPI a )
{
MPI b;
if( a && (a->flags & 4) ) {
void *p = m_is_secure(a->d)? m_alloc_secure( a->nbits )
: m_alloc( a->nbits );
memcpy( p, a->d, a->nbits );
b = mpi_set_opaque( NULL, p, a->nbits );
}
else if( a ) {
b = mpi_is_secure(a)? mpi_alloc_secure( a->nlimbs )
: mpi_alloc( a->nlimbs );
b->nlimbs = 0;
b->sign = 0;
b->flags = a->flags;
b->nbits = 0;
}
else
b = NULL;
return b;
}
void void
mpi_set( MPI w, MPI u) mpi_set( MPI w, MPI u)
{ {