1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

better prime number generator. improved ELG key generation

This commit is contained in:
Werner Koch 1997-12-19 11:41:47 +00:00
parent 15426c6d96
commit ee8d92fefa
22 changed files with 1225 additions and 623 deletions

View File

@ -21,16 +21,25 @@
#define G10_CONFIG_H #define G10_CONFIG_H
@@TOP@@ @TOP@
#undef M_DEBUG #undef M_DEBUG
#undef VERSION #undef VERSION
#undef PACKAGE #undef PACKAGE
/* RSA is only compiled in if you have these files. You can use /* RSA is only compiled in if you have these files. You can use
* RSA with out any restrictions, if your not in the U.S. or * RSA without any restrictions, if your not in the U.S. or
* wait until sep 20, 2000 * wait until sep 20, 2000
*/ */
#undef HAVE_RSA_CIPHER #undef HAVE_RSA_CIPHER
@@BOTTOM@@
@BOTTOM@
#ifdef WORDS_BIGENDIAN
#define BIG_ENDIAN_HOST
#else
#define LITTLE_ENDIAN_HOST
#endif
#endif /*G10_CONFIG_H*/ #endif /*G10_CONFIG_H*/

View File

@ -86,7 +86,7 @@ gen_k( MPI p )
if( DBG_CIPHER ) if( DBG_CIPHER )
fputc('.', stderr); fputc('.', stderr);
mpi_set_bytes( k, nbits, get_random_byte, 1 ); mpi_set_bytes( k, nbits, get_random_byte, 1 );
mpi_set_bit( k, nbits-1 ); /* make sure it's high (really needed?) */ mpi_set_highbit( k, nbits-1 ); /* make sure it's high (really needed?) */
if( mpi_cmp( k, p_1 ) >= 0 ) if( mpi_cmp( k, p_1 ) >= 0 )
continue; /* is not smaller than (p-1) */ continue; /* is not smaller than (p-1) */
if( mpi_gcd( temp, k, p_1 ) ) if( mpi_gcd( temp, k, p_1 ) )
@ -126,7 +126,7 @@ dsa_generate( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits )
if( DBG_CIPHER ) if( DBG_CIPHER )
fputc('.', stderr); fputc('.', stderr);
mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */ mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */
mpi_set_bit( x, nbits-1 ); /* make sure it's high (needed?) */ mpi_set_highbit( x, nbits-1 ); /* make sure it's high (needed?) */
} while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */ } while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */
y = mpi_alloc(nbits/BITS_PER_MPI_LIMB); y = mpi_alloc(nbits/BITS_PER_MPI_LIMB);

View File

@ -94,7 +94,7 @@ gen_k( MPI p )
for(;;) { for(;;) {
if( DBG_CIPHER ) if( DBG_CIPHER )
fputc('.', stderr); fputc('.', stderr);
mpi_set_bytes( k, nbits, get_random_byte, 1 ); mpi_set_bytes( k, nbits , get_random_byte, 1 );
if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */ if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */
continue; /* no */ continue; /* no */
if( !(mpi_cmp_ui( k, 0 ) > 0) ) /* check: k > 0 */ if( !(mpi_cmp_ui( k, 0 ) > 0) ) /* check: k > 0 */
@ -123,19 +123,23 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
MPI x; /* the secret exponent */ MPI x; /* the secret exponent */
MPI y; MPI y;
MPI temp; MPI temp;
unsigned qbits;
p = NULL;
p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
/*do {*/ if( nbits < 512 )
mpi_free(p); qbits = 120;
/* FIXME!!!! Should generate a strong prime */ else if( nbits <= 1024 )
p = generate_public_prime( nbits ); qbits = 160;
mpi_sub_ui(p_min1, p, 1); else if( nbits <= 2048 )
/*} while if( mpi_gcd( temp, k, p_1 ) )*/ qbits = 200;
else
qbits = 240;
g = mpi_alloc(1);
p = generate_elg_prime( nbits, qbits, g );
mpi_sub_ui(p_min1, p, 1);
g = mpi_alloc_set_ui(3); /* fixme: 3 is bad (but better than 2)*/
/* select a random number which has these properties: /* select a random number which has these properties:
* 0 < x < p-1 * 0 < x < p-1
*/ */

View File

@ -153,7 +153,7 @@ cipher( byte *inbuf, byte *outbuf, u16 *key )
x2 = *in++; x2 = *in++;
x3 = *in++; x3 = *in++;
x4 = *in; x4 = *in;
#ifdef HAVE_LITTLE_ENDIAN #ifdef LITTLE_ENDIAN_HOST
x1 = (x1>>8) | (x1<<8); x1 = (x1>>8) | (x1<<8);
x2 = (x2>>8) | (x2<<8); x2 = (x2>>8) | (x2<<8);
x3 = (x3>>8) | (x3<<8); x3 = (x3>>8) | (x3<<8);
@ -186,7 +186,7 @@ cipher( byte *inbuf, byte *outbuf, u16 *key )
MUL(x4, *key); MUL(x4, *key);
out = (u16*)outbuf; out = (u16*)outbuf;
#ifdef HAVE_LITTLE_ENDIAN #ifdef LITTLE_ENDIAN_HOST
*out++ = (x1>>8) | (x1<<8); *out++ = (x1>>8) | (x1<<8);
*out++ = (x3>>8) | (x3<<8); *out++ = (x3>>8) | (x3<<8);
*out++ = (x2>>8) | (x2<<8); *out++ = (x2>>8) | (x2<<8);

View File

@ -28,8 +28,10 @@
#include "cipher.h" #include "cipher.h"
static int no_of_small_prime_numbers; static int no_of_small_prime_numbers;
static int is_not_prime( MPI n, unsigned nbits, int steps, int *count ); static MPI gen_prime( unsigned nbits, int mode, int randomlevel );
static MPI gen_prime( unsigned nbits, int mode ); static int check_prime( MPI prime );
static int is_prime( MPI n, int steps, int *count );
static void m_out_of_n( char *array, int m, int n );
/**************** /****************
@ -38,17 +40,149 @@ static MPI gen_prime( unsigned nbits, int mode );
MPI MPI
generate_secret_prime( unsigned nbits ) generate_secret_prime( unsigned nbits )
{ {
return gen_prime( nbits, 1 ); MPI prime;
prime = gen_prime( nbits, 1, 2 );
fputc('\n', stderr);
return prime;
} }
MPI MPI
generate_public_prime( unsigned nbits ) generate_public_prime( unsigned nbits )
{ {
return gen_prime( nbits, 0 ); MPI prime;
prime = gen_prime( nbits, 0, 1 ); /* fixme: change to 2 */
fputc('\n', stderr);
return prime;
} }
MPI
generate_elg_prime( unsigned pbits, unsigned qbits, MPI g )
{
int n; /* number of factors */
int m; /* number of primes in pool */
unsigned fbits; /* length of prime factors */
MPI *factors; /* curent factors */
MPI *pool; /* pool of primes */
MPI q; /* first prime factor */
MPI prime; /* prime test value */
byte *perms = NULL;
int i, j;
/* find number of needed prime factors */
for(n=1; (pbits - qbits - 1) / n >= qbits; n++ )
;
n--;
if( !n )
log_fatal("can't gen prime with pbits=%u qbits=%u\n", pbits, qbits );
fbits = (pbits - qbits -1) / n;
while( qbits + n*fbits < pbits )
qbits++;
qbits++; /* one mpre to increase tzhe chance to get a weel formed prime*/
log_debug("gen prime: pbits=%u qbits=%u fbits=%u n=%d\n",
pbits, qbits, fbits, n );
prime = mpi_alloc( (pbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB );
q = gen_prime( qbits, 0, 0 ); /* fixme: should be 2 */
fputc('\n', stderr);
/* allocate an array to hold the factors + 2 for later usage */
factors = m_alloc_clear( (n+2) * sizeof *factors );
/* make a pool of 2n+5 primes (this is an arbitrary value) */
m = n*2+5;
if( m < 20 )
m = 20;
pool = m_alloc_clear( m * sizeof *pool );
/* permutate over the pool of primes */
do {
next_try:
if( !perms ) {
/* allocate new primes */
for(i=0; i < m; i++ ) {
mpi_free(pool[i]);
pool[i] = gen_prime( fbits, 0, 0 ); /* fixme: should be 2 */
}
fputc('\n', stderr);
/* init m_out_of_n() */
perms = m_alloc_clear( m );
for(i=0; i < n; i++ ) {
perms[i] = 1;
factors[i] = pool[i];
}
}
else {
m_out_of_n( perms, n, m );
for(i=j=0; i < m && j < n ; i++ )
if( perms[i] )
factors[j++] = pool[i];
if( i == n ) {
m_free(perms); perms = NULL;
fputc('!', stderr);
goto next_try; /* allocate new primes */
}
}
mpi_set( prime, q );
mpi_mul_ui( prime, prime, 2 );
for(i=0; i < n; i++ )
mpi_mul( prime, prime, factors[i] );
mpi_add_ui( prime, prime, 1 );
} while( !( mpi_get_nbits( prime ) == pbits && check_prime( prime )) );
putc('\n', stderr);
log_mpidump( "prime : ", prime );
log_mpidump( "factor q: ", q );
for(i=0; i < n; i++ )
log_mpidump( "factor pi: ", factors[i] );
log_debug("bit sizes: prime=%u, q=%u",mpi_get_nbits(prime), mpi_get_nbits(q) );
for(i=0; i < n; i++ )
fprintf(stderr, ", p%d=%u", i, mpi_get_nbits(factors[i]) );
putc('\n', stderr);
if( g ) { /* create a generator (start with 3)*/
MPI tmp = mpi_alloc( mpi_get_nlimbs(prime) );
MPI b = mpi_alloc( mpi_get_nlimbs(prime) );
MPI pmin1 = mpi_alloc( mpi_get_nlimbs(prime) );
factors[n] = q;
factors[n+1] = mpi_alloc_set_ui(2);
mpi_sub_ui( pmin1, prime, 1 );
mpi_set_ui(g,2);
do {
mpi_add_ui(g, g, 1);
log_mpidump("checking g: ", g );
for(i=0; i < n+2; i++ ) {
log_mpidump(" against: ", factors[i] );
mpi_fdiv_q(tmp, pmin1, factors[i] );
/* (no mpi_pow(), but it is okay to use this with mod prime) */
mpi_powm(b, g, tmp, prime );
if( !mpi_cmp_ui(b, 1) )
break;
}
} while( i < n );
mpi_free(factors[n+1]);
mpi_free(tmp);
mpi_free(b);
mpi_free(pmin1);
log_mpidump("found g: ", g );
}
m_free( factors ); /* (factors are shallow copies) */
for(i=0; i < m; i++ )
mpi_free( pool[i] );
m_free( pool );
m_free(perms);
return prime;
}
static MPI static MPI
gen_prime( unsigned nbits, int secret ) gen_prime( unsigned nbits, int secret, int randomlevel )
{ {
unsigned nlimbs; unsigned nlimbs;
MPI prime, val_2, val_3, result; MPI prime, val_2, val_3, result;
@ -57,7 +191,7 @@ gen_prime( unsigned nbits, int secret )
unsigned count1, count2; unsigned count1, count2;
int *mods; int *mods;
if( DBG_CIPHER ) if( 0 && DBG_CIPHER )
log_debug("generate a prime of %u bits ", nbits ); log_debug("generate a prime of %u bits ", nbits );
if( !no_of_small_prime_numbers ) { if( !no_of_small_prime_numbers ) {
@ -78,9 +212,9 @@ gen_prime( unsigned nbits, int secret )
/* enter (endless) loop */ /* enter (endless) loop */
for(;;) { for(;;) {
/* generate a random number */ /* generate a random number */
mpi_set_bytes( prime, nbits, get_random_byte, 2 ); mpi_set_bytes( prime, nbits, get_random_byte, randomlevel );
/* set high order bit to 1, set low order bit to 1 */ /* set high order bit to 1, set low order bit to 1 */
mpi_set_bit( prime, nbits-1 ); mpi_set_highbit( prime, nbits-1 );
mpi_set_bit( prime, 0 ); mpi_set_bit( prime, 0 );
/* calculate all remainders */ /* calculate all remainders */
@ -102,25 +236,26 @@ gen_prime( unsigned nbits, int secret )
mpi_add_ui( prime, prime, step ); mpi_add_ui( prime, prime, step );
#if 0
/* do a Fermat test */ /* do a Fermat test */
count2++; count2++;
mpi_powm( result, val_2, prime, prime ); mpi_powm( result, val_2, prime, prime );
if( mpi_cmp_ui(result, 2) ) if( mpi_cmp_ui(result, 2) )
continue; /* stepping (fermat test failed) */ continue; /* stepping (fermat test failed) */
fputc('+', stderr); fputc('+', stderr);
#endif
/* perform stronger tests */ /* perform stronger tests */
if( !is_not_prime(prime, nbits, 5, &count2 ) ) { if( is_prime(prime, 5, &count2 ) ) {
if( !mpi_test_bit( prime, nbits-1 ) ) { if( !mpi_test_bit( prime, nbits-1 ) ) {
if( DBG_CIPHER ) { if( 0 && DBG_CIPHER ) {
fputc('\n', stderr); fputc('\n', stderr);
log_debug("overflow in prime generation\n"); log_debug("overflow in prime generation\n");
break; /* step loop, cont with a new prime */ break; /* step loop, cont with a new prime */
} }
} }
fputc('\n', stderr); if( 0 && DBG_CIPHER ) {
if( DBG_CIPHER ) {
log_debug("performed %u simple and %u stronger tests\n", log_debug("performed %u simple and %u stronger tests\n",
count1, count2 ); count1, count2 );
log_mpidump("found prime: ", prime ); log_mpidump("found prime: ", prime );
@ -137,12 +272,51 @@ gen_prime( unsigned nbits, int secret )
} }
} }
/**************** /****************
* Return 1 if n is not a prime * Returns: true if this is may me a prime
*/ */
static int static int
is_not_prime( MPI n, unsigned nbits, int steps, int *count ) check_prime( MPI prime )
{
int i;
unsigned x;
int count=0;
MPI result;
MPI val_2;
/* check against small primes */
for(i=0; (x = small_prime_numbers[i]); i++ ) {
if( mpi_divisible_ui( prime, x ) )
return 0;
}
fputc('.', stderr);
#if 0
result = mpi_alloc( mpi_get_nlimbs(prime) );
val_2 = mpi_alloc_set_ui( 2 );
mpi_powm( result, val_2, prime, prime );
if( mpi_cmp_ui(result, 2) ) {
mpi_free(result);
mpi_free(val_2);
return 0;
}
mpi_free(result);
mpi_free(val_2);
fputc('+', stderr);
#endif
/* perform stronger tests */
if( is_prime(prime, 5, &count ) )
return 1; /* is probably a prime */
return 0;
}
/****************
* Return true if n is propably a prime
*/
static int
is_prime( MPI n, int steps, int *count )
{ {
MPI x = mpi_alloc( mpi_get_nlimbs( n ) ); MPI x = mpi_alloc( mpi_get_nlimbs( n ) );
MPI y = mpi_alloc( mpi_get_nlimbs( n ) ); MPI y = mpi_alloc( mpi_get_nlimbs( n ) );
@ -151,7 +325,8 @@ is_not_prime( MPI n, unsigned nbits, int steps, int *count )
MPI a2 = mpi_alloc_set_ui( 2 ); MPI a2 = mpi_alloc_set_ui( 2 );
MPI q; MPI q;
unsigned i, j, k; unsigned i, j, k;
int rc = 1; int rc = 0;
unsigned nbits = mpi_get_nbits( n );
mpi_sub_ui( nminus1, n, 1 ); mpi_sub_ui( nminus1, n, 1 );
@ -162,24 +337,33 @@ is_not_prime( MPI n, unsigned nbits, int steps, int *count )
for(i=0 ; i < steps; i++ ) { for(i=0 ; i < steps; i++ ) {
++*count; ++*count;
do { if( !i ) {
mpi_set_bytes( x, nbits, get_random_byte, 0 ); mpi_set_ui( x, 2 );
} while( mpi_cmp( x, n ) < 0 && mpi_cmp_ui( x, 1 ) > 0 ); }
else {
mpi_set_bytes( x, nbits-1, get_random_byte, 0 );
/* work around a bug in mpi_set_bytes */
if( mpi_test_bit( x, nbits-2 ) )
mpi_set_highbit( x, nbits-2 ); /* clear all higher bits */
else {
mpi_set_highbit( x, nbits-2 );
mpi_clear_bit( x, nbits-2 );
}
assert( mpi_cmp( x, nminus1 ) < 0 && mpi_cmp_ui( x, 1 ) > 0 );
}
mpi_powm( y, x, q, n); mpi_powm( y, x, q, n);
if( mpi_cmp_ui(y, 1) && mpi_cmp( y, nminus1 ) ) { if( mpi_cmp_ui(y, 1) && mpi_cmp( y, nminus1 ) ) {
for( j=1; j < k; j++ ) { for( j=1; j < k && mpi_cmp( y, nminus1 ); j++ ) {
mpi_powm(y, y, a2, n); mpi_powm(y, y, a2, n);
if( !mpi_cmp_ui( y, 1 ) ) if( !mpi_cmp_ui( y, 1 ) )
goto leave; /* not a prime */ goto leave; /* not a prime */
if( !mpi_cmp( y, nminus1 ) )
break; /* may be a prime */
} }
if( j == k ) if( mpi_cmp( y, nminus1 ) )
goto leave; goto leave; /* not a prime */
} }
fputc('+', stderr); fputc('+', stderr);
} }
rc = 0; /* may be a prime */ rc = 1; /* may be a prime */
leave: leave:
mpi_free( x ); mpi_free( x );
@ -191,3 +375,90 @@ is_not_prime( MPI n, unsigned nbits, int steps, int *count )
return rc; return rc;
} }
static void
m_out_of_n( char *array, int m, int n )
{
int i=0, i1=0, j=0, jp=0, j1=0, k1=0, k2=0;
if( !m || m >= n )
return;
if( m == 1 ) { /* special case */
for(i=0; i < n; i++ )
if( array[i] ) {
array[i++] = 0;
if( i >= n )
i = 0;
array[i] = 1;
return;
}
log_bug(NULL);
}
for(j=1; j < n; j++ ) {
if( array[n-1] == array[n-j-1] )
continue;
j1 = j;
break;
}
if( m & 1 ) { /* m is odd */
if( array[n-1] ) {
if( j1 & 1 ) {
k1 = n - j1;
k2 = k1+2;
if( k2 > n )
k2 = n;
goto leave;
}
goto scan;
}
k2 = n - j1 - 1;
if( k2 == 0 ) {
k1 = i;
k2 = n - j1;
}
else if( array[k2] && array[k2-1] )
k1 = n;
else
k1 = k2 + 1;
}
else { /* m is even */
if( !array[n-1] ) {
k1 = n - j1;
k2 = k1 + 1;
goto leave;
}
if( !(j1 & 1) ) {
k1 = n - j1;
k2 = k1+2;
if( k2 > n )
k2 = n;
goto leave;
}
scan:
jp = n - j1 - 1;
for(i=1; i <= jp; i++ ) {
i1 = jp + 2 - i;
if( array[i1-1] ) {
if( array[i1-2] ) {
k1 = i1 - 1;
k2 = n - j1;
}
else {
k1 = i1 - 1;
k2 = n + 1 - j1;
}
goto leave;
}
}
k1 = 1;
k2 = n + 1 - m;
}
leave:
array[k1-1] = !array[k1-1];
array[k2-1] = !array[k2-1];
}

View File

@ -368,7 +368,7 @@ rmd160_final(RMDHANDLE hd)
transform( hd, (u32*)hd->buffer ); transform( hd, (u32*)hd->buffer );
p = hd->buffer; p = hd->buffer;
#ifdef HAVE_BIG_ENDIAN #ifdef BIG_ENDIAN_HOST
#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \ #define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
*p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0) *p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0)
#else /* little endian */ #else /* little endian */

View File

@ -139,7 +139,7 @@ transform( SHA1HANDLE hd, byte *data )
D = hd->h3; D = hd->h3;
E = hd->h4; E = hd->h4;
#ifdef HAVE_BIG_ENDIAN #ifdef BIG_ENDIAN_HOST
memcpy( eData, data, 64 ); memcpy( eData, data, 64 );
#else #else
{ int i; { int i;
@ -379,7 +379,7 @@ sha1_final(SHA1HANDLE hd)
transform( hd, hd->buffer ); transform( hd, hd->buffer );
p = hd->buffer; p = hd->buffer;
#ifdef HAVE_BIG_ENDIAN #ifdef BIG_ENDIAN_HOST
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
#else /* little endian */ #else /* little endian */
#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \ #define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \

View File

@ -41,15 +41,28 @@
/* Define if you have the ANSI C header files. */ /* Define if you have the ANSI C header files. */
#undef STDC_HEADERS #undef STDC_HEADERS
/* Define if your processor stores words with the most significant
byte first (like Motorola and SPARC, unlike Intel and VAX). */
#undef WORDS_BIGENDIAN
#undef M_DEBUG #undef M_DEBUG
#undef VERSION #undef VERSION
#undef PACKAGE #undef PACKAGE
/* RSA is only compiled in if you have these files. You can use /* RSA is only compiled in if you have these files. You can use
* RSA with out any restrictions, if your not in the U.S. or * RSA without any restrictions, if your not in the U.S. or
* wait until sep 20, 2000 * wait until sep 20, 2000
*/ */
#undef HAVE_RSA_CIPHER #undef HAVE_RSA_CIPHER
/* The number of bytes in a unsigned int. */
#undef SIZEOF_UNSIGNED_INT
/* The number of bytes in a unsigned long. */
#undef SIZEOF_UNSIGNED_LONG
/* The number of bytes in a unsigned short. */
#undef SIZEOF_UNSIGNED_SHORT
/* Define if you have the strerror function. */ /* Define if you have the strerror function. */
#undef HAVE_STRERROR #undef HAVE_STRERROR
@ -65,4 +78,11 @@
/* Define if you have the <zlib.h> header file. */ /* Define if you have the <zlib.h> header file. */
#undef HAVE_ZLIB_H #undef HAVE_ZLIB_H
#ifdef WORDS_BIGENDIAN
#define BIG_ENDIAN_HOST
#else
#define LITTLE_ENDIAN_HOST
#endif
#endif /*G10_CONFIG_H*/ #endif /*G10_CONFIG_H*/

View File

@ -63,6 +63,12 @@ AC_C_CONST
AC_C_INLINE AC_C_INLINE
AC_TYPE_SIZE_T AC_TYPE_SIZE_T
AC_C_BIGENDIAN
AC_CHECK_SIZEOF(unsigned short)
AC_CHECK_SIZEOF(unsigned int)
AC_CHECK_SIZEOF(unsigned long)
dnl Checks for library functions. dnl Checks for library functions.
AC_FUNC_VPRINTF AC_FUNC_VPRINTF
AC_CHECK_FUNCS(strerror strtol strtoul) AC_CHECK_FUNCS(strerror strtol strtoul)
@ -79,12 +85,12 @@ fi
dnl checking wether we have the RSA source dnl checking whether we have the RSA source
dnl fixme: I found no way (aside of using Makefile.am.in) dnl fixme: I found no way (aside of using Makefile.am.in)
dnl to add the requeired source int Makefile.am dnl to add the requeired source int Makefile.am
dnl I used: add_cipher_SOURCES="rsa.c rsa.h" dnl I used: add_cipher_SOURCES="rsa.c rsa.h"
dnl but of cource it can't work dnl but of cource it can't work
AC_MSG_CHECKING(wether we have the rsa source) AC_MSG_CHECKING(whether we have the rsa source)
if test -f cipher/rsa.c && test -f cipher/rsa.h; then if test -f cipher/rsa.c && test -f cipher/rsa.h; then
AC_DEFINE(HAVE_RSA_CIPHER) AC_DEFINE(HAVE_RSA_CIPHER)
AC_MSG_RESULT(yes) AC_MSG_RESULT(yes)

View File

@ -125,7 +125,7 @@ main( int argc, char **argv )
{ 510, "debug" ,4|16, "set debugging flags" }, { 510, "debug" ,4|16, "set debugging flags" },
{ 511, "debug-all" ,0, "enable full debugging"}, { 511, "debug-all" ,0, "enable full debugging"},
{ 512, "cache-all" ,0, "hold everything in memory"}, { 512, "cache-all" ,0, "hold everything in memory"},
{ 513, "gen-prime" , 1, "\r" }, { 513, "gen-prime" , 0, "\r" },
{ 514, "test" , 0, "\r" }, { 514, "test" , 0, "\r" },
{ 515, "change-passphrase", 0, "change the passphrase of your secret keyring"}, { 515, "change-passphrase", 0, "change the passphrase of your secret keyring"},
{ 515, "fingerprint", 0, "show the fingerprints"}, { 515, "fingerprint", 0, "show the fingerprints"},
@ -345,10 +345,26 @@ main( int argc, char **argv )
case aPrimegen: case aPrimegen:
if( argc ) if( argc == 1 ) {
mpi_print( stdout, generate_public_prime( atoi(argv[0]) ), 1);
putchar('\n');
}
else if( argc == 2 ) {
mpi_print( stdout, generate_elg_prime( atoi(argv[0]),
atoi(argv[1]), NULL ), 1);
putchar('\n');
}
else if( argc == 3 ) {
MPI g = mpi_alloc(1);
mpi_print( stdout, generate_elg_prime( atoi(argv[0]),
atoi(argv[1]), g ), 1);
printf("\nGenerator: ");
mpi_print( stdout, g, 1 );
putchar('\n');
mpi_free(g);
}
else
usage(1); usage(1);
mpi_print( stdout, generate_public_prime( pargs.r.ret_int ), 1);
putchar('\n');
break; break;
case aPrintMDs: case aPrintMDs:
@ -366,7 +382,7 @@ main( int argc, char **argv )
generate_keypair(); generate_keypair();
break; break;
case aTest: do_test( atoi(*argv) ); break; case aTest: do_test( argc? atoi(*argv): 0 ); break;
default: default:
if( argc > 1 ) if( argc > 1 )
@ -463,9 +479,11 @@ print_mds( const char *fname )
} }
static void static void
do_test(int times) do_test(int times)
{ {
#if 0
MPI t = mpi_alloc( 50 ); MPI t = mpi_alloc( 50 );
MPI m = mpi_alloc( 50 ); MPI m = mpi_alloc( 50 );
MPI a = mpi_alloc( 50 ); MPI a = mpi_alloc( 50 );
@ -486,7 +504,34 @@ do_test(int times)
m_check(NULL); m_check(NULL);
#endif
#if 0
char *array;
int i, j;
int n = 6;
int m = times;
if( m > n )
abort();
array = m_alloc_clear( n );
memset( array, 1, m );
for(i=0;; i++) {
printf("i=%3d: ", i );
for(j=0; j < n ; j++ )
if( array[j] )
putchar( 'X' );
else
putchar( '-' );
putchar('\n');
m_out_of_n( array, m, n );
for(j=0; j < n; j++ )
if( !array[j] )
break;
if( j == m )
break;
}
#endif
} }

View File

@ -37,6 +37,7 @@ new_kbnode( PACKET *pkt )
n->next = NULL; n->next = NULL;
n->pkt = pkt; n->pkt = pkt;
n->child = NULL; n->child = NULL;
n->flag = 0;
return n; return n;
} }
@ -138,3 +139,11 @@ walk_kbtree( KBNODE root, KBNODE *context )
return n; return n;
} }
void
clear_kbnode_flags( KBNODE n )
{
for( ; n; n = n->next ) {
clear_kbnode_flags( n->child );
n->flag = 0;
}
}

View File

@ -40,6 +40,7 @@ struct kbnode_struct {
PACKET *pkt; PACKET *pkt;
KBNODE next; /* used to form a link list */ KBNODE next; /* used to form a link list */
KBNODE child; KBNODE child;
int flag;
}; };
/**************** /****************
@ -92,6 +93,7 @@ void add_kbnode( KBNODE root, KBNODE node );
void add_kbnode_as_child( KBNODE root, KBNODE node ); void add_kbnode_as_child( KBNODE root, KBNODE node );
KBNODE find_kbparent( KBNODE root, KBNODE node ); KBNODE find_kbparent( KBNODE root, KBNODE node );
KBNODE walk_kbtree( KBNODE root, KBNODE *context ); KBNODE walk_kbtree( KBNODE root, KBNODE *context );
void clear_kbnode_flags( KBNODE n );
/*-- ringedit.c --*/ /*-- ringedit.c --*/
int add_keyblock_resource( const char *filename, int force ); int add_keyblock_resource( const char *filename, int force );

View File

@ -174,17 +174,14 @@ gen_elg(unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
skc->d.elg.g = sk.g; skc->d.elg.g = sk.g;
skc->d.elg.y = sk.y; skc->d.elg.y = sk.y;
skc->d.elg.x = sk.x; skc->d.elg.x = sk.x;
skc->d.elg.is_protected = 0;
skc->d.elg.protect_algo = 0;
skc->d.elg.csum = checksum_mpi( skc->d.elg.x ); skc->d.elg.csum = checksum_mpi( skc->d.elg.x );
/* return an unprotected version of the skc */ /* return an unprotected version of the skc */
*ret_skc = copy_secret_cert( NULL, skc ); *ret_skc = copy_secret_cert( NULL, skc );
if( !dek ) { if( dek ) {
skc->d.elg.is_protected = 0;
skc->d.elg.protect_algo = 0;
}
else {
skc->d.elg.is_protected = 0;
skc->d.elg.protect_algo = CIPHER_ALGO_BLOWFISH; skc->d.elg.protect_algo = CIPHER_ALGO_BLOWFISH;
randomize_buffer(skc->d.elg.protect.blowfish.iv, 8, 1); randomize_buffer(skc->d.elg.protect.blowfish.iv, 8, 1);
rc = protect_secret_key( skc, dek ); rc = protect_secret_key( skc, dek );

View File

@ -53,6 +53,7 @@
#include "mpi.h" #include "mpi.h"
#include "iobuf.h" #include "iobuf.h"
#include "keydb.h" #include "keydb.h"
#include <unistd.h> /* for truncate */
struct resource_table_struct { struct resource_table_struct {
@ -383,6 +384,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
KBNODE root = NULL; KBNODE root = NULL;
KBNODE node, n1, n2; KBNODE node, n1, n2;
IOBUF a; IOBUF a;
u32 offset, last_offset;
if( !(rentry=check_pos(kbpos)) ) if( !(rentry=check_pos(kbpos)) )
return G10ERR_GENERAL; return G10ERR_GENERAL;
@ -399,7 +401,6 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
return G10ERR_KEYRING_OPEN; return G10ERR_KEYRING_OPEN;
} }
pkt = m_alloc( sizeof *pkt ); pkt = m_alloc( sizeof *pkt );
init_packet(pkt); init_packet(pkt);
while( (rc=parse_packet(a, pkt)) != -1 ) { while( (rc=parse_packet(a, pkt)) != -1 ) {
@ -407,11 +408,13 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
free_packet( pkt ); free_packet( pkt );
continue; continue;
} }
if( root && ( pkt->pkttype == PKT_PUBLIC_CERT
|| pkt->pkttype == PKT_SECRET_CERT ) )
goto ready;
offset = iobuf_tell(a);
switch( pkt->pkttype ) { switch( pkt->pkttype ) {
case PKT_PUBLIC_CERT: case PKT_PUBLIC_CERT:
case PKT_SECRET_CERT: case PKT_SECRET_CERT:
if( root )
goto ready;
root = new_kbnode( pkt ); root = new_kbnode( pkt );
pkt = m_alloc( sizeof *pkt ); pkt = m_alloc( sizeof *pkt );
init_packet(pkt); init_packet(pkt);
@ -423,6 +426,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
rc = G10ERR_INV_KEYRING; /* or wrong kbpos */ rc = G10ERR_INV_KEYRING; /* or wrong kbpos */
goto ready; goto ready;
} }
offset = last_offset;
/* append the user id */ /* append the user id */
node = new_kbnode( pkt ); node = new_kbnode( pkt );
if( !(n1=root->child) ) if( !(n1=root->child) )
@ -477,7 +481,7 @@ keyring_read( KBPOS *kbpos, KBNODE *ret_root )
release_kbnode( root ); release_kbnode( root );
else { else {
*ret_root = root; *ret_root = root;
kbpos->length = iobuf_tell( a ) - kbpos->offset; kbpos->length = offset - kbpos->offset;
} }
free_packet( pkt ); free_packet( pkt );
m_free( pkt ); m_free( pkt );
@ -529,7 +533,68 @@ keyring_insert( KBPOS *kbpos, KBNODE root )
static int static int
keyring_delete( KBPOS *kbpos ) keyring_delete( KBPOS *kbpos )
{ {
return -1; RESTBL *rentry;
IOBUF fp;
KBNODE kbctx, node;
int rc;
u32 len;
int ctb;
if( !(rentry = check_pos( kbpos )) )
return G10ERR_GENERAL;
/* open the file for read/write */
fp = iobuf_openrw( rentry->fname );
if( !fp ) {
log_error("can't open '%s' for writing\n", rentry->fname );
return G10ERR_OPEN_FILE;
}
if( iobuf_seek( fp, kbpos->offset ) ) {
log_error("can't seek to %lu: %s\n", kbpos->offset, g10_errstr(rc));
iobuf_close(fp);
return G10ERR_WRITE_FILE;
}
len = kbpos->length;
log_debug("writing a dummy packet of length %lu\n", (ulong)len);
if( len < 2 )
log_bug(NULL);
if( len < 256 ) {
ctb = 0x80;
len -= 2;
}
else if( len < 65536 ) {
ctb = 0x81;
len -= 3;
}
else {
ctb = 0x82;
len -= 5;
}
iobuf_put(fp, ctb );
if( ctb & 2 ) {
iobuf_put(fp, len >> 24 );
iobuf_put(fp, len >> 16 );
}
if( ctb & 3 )
iobuf_put(fp, len >> 8 );
if( iobuf_put(fp, len ) ) {
iobuf_close(fp);
return G10ERR_WRITE_FILE;
}
for( ; len; len-- )
if( iobuf_put(fp, 0xff ) ) {
iobuf_close(fp);
return G10ERR_WRITE_FILE;
}
iobuf_close(fp);
return 0;
} }

View File

@ -213,4 +213,19 @@ signature_check( PKT_signature *sig, MD_HANDLE *digest )
} }
/****************
* check the signature pointed to by NODE. This is a key signatures
*/
int
check_key_signature( KBNODE root, KBNODE node )
{
assert( node->pkt->pkttype == PKT_SIGNATURE );
assert( (node->pkt->pkt.signature->sig_class&~3) == 0x10 );
assert( root->pkt->pkttype == PKT_PUBLIC_CERT );
/*FIXME!!!!!!*/
return 0;
}

View File

@ -113,6 +113,7 @@ extern ushort small_prime_numbers[];
/*-- primegen.c --*/ /*-- primegen.c --*/
MPI generate_secret_prime( unsigned nbits ); MPI generate_secret_prime( unsigned nbits );
MPI generate_public_prime( unsigned nbits ); MPI generate_public_prime( unsigned nbits );
MPI generate_elg_prime( unsigned pbits, unsigned qbits, MPI g );
#endif /*G10_CIPHER_H*/ #endif /*G10_CIPHER_H*/

View File

@ -65,6 +65,7 @@ IOBUF iobuf_temp(void);
IOBUF iobuf_open( const char *fname ); IOBUF iobuf_open( const char *fname );
IOBUF iobuf_create( const char *fname ); IOBUF iobuf_create( const char *fname );
IOBUF iobuf_append( const char *fname ); IOBUF iobuf_append( const char *fname );
IOBUF iobuf_openrw( const char *fname );
int iobuf_close( IOBUF iobuf ); int iobuf_close( IOBUF iobuf );
int iobuf_cancel( IOBUF iobuf ); int iobuf_cancel( IOBUF iobuf );

View File

@ -148,6 +148,7 @@ unsigned mpi_trailing_zeros( MPI a );
unsigned mpi_get_nbits( MPI a ); unsigned mpi_get_nbits( MPI a );
int mpi_test_bit( MPI a, unsigned n ); int mpi_test_bit( MPI a, unsigned n );
void mpi_set_bit( MPI a, unsigned n ); void mpi_set_bit( MPI a, unsigned n );
void mpi_set_highbit( MPI a, unsigned n );
void mpi_clear_bit( MPI a, unsigned n ); void mpi_clear_bit( MPI a, unsigned n );
void mpi_set_bytes( MPI a, unsigned nbits, byte (*fnc)(int), int opaque ); void mpi_set_bytes( MPI a, unsigned nbits, byte (*fnc)(int), int opaque );
void mpi_rshift( MPI x, MPI a, unsigned n ); void mpi_rshift( MPI x, MPI a, unsigned n );

View File

@ -22,22 +22,51 @@
#define G10_TYPES_H #define G10_TYPES_H
#ifdef __linux__ #ifdef __linux__
/* FIXME: add stuff to configure to detect for typedefs */
#include <linux/types.h> #include <linux/types.h>
#define HAVE_ULONG_TYPEDEF #define HAVE_ULONG_TYPEDEF
#define HAVE_USHORT_TYPEDEF #define HAVE_USHORT_TYPEDEF
#endif #endif
#ifndef HAVE_BYTE_TYPEDEF
typedef unsigned char byte;
#define HAVE_BYTE_TYPEDEF
#endif
/* Common code */
#ifndef HAVE_ULONG_TYPEDEF
#define HAVE_ULONG_TYPEDEF
typedef unsigned long ulong;
#endif
#ifndef HAVE_USHORT_TYPEDEF #ifndef HAVE_USHORT_TYPEDEF
#define HAVE_USHORT_TYPEDEF
typedef unsigned short ushort; typedef unsigned short ushort;
#define HAVE_USHORT_TYPEDEF
#endif #endif
#ifndef HAVE_ULONG_TYPEDEF
typedef unsigned long ulong;
#define HAVE_ULONG_TYPEDEF
#endif
#ifndef HAVE_U16_TYPEDEF
#if SIZEOF_UNSIGNED_INT == 2
typedef unsigned int u16;
#elif SIZEOF_UNSIGNED_SHORT == 2
typedef unsigned short u16;
#else
#error no typedef for u16
#endif
#define HAVE_U16_TYPEDEF
#endif
#ifndef HAVE_U32_TYPEDEF
#if SIZEOF_UNSIGNED_INT == 4
typedef unsigned long u32;
#elif SIZEOF_UNSIGNED_LONG == 4
typedef unsigned int u32;
#else
#error no typedef for u32
#endif
#define HAVE_U32_TYPEDEF
#endif
typedef struct string_list { typedef struct string_list {
struct string_list *next; struct string_list *next;
@ -45,32 +74,4 @@ typedef struct string_list {
} *STRLIST; } *STRLIST;
/****************************************
******** machine dependent stuff *******
****************************************/
#if defined(__hpux)
#define HAVE_BIG_ENDIAN 1
#else
#define HAVE_LITTLE_ENDIAN 1
#endif
/*** some defaults ***/
#ifndef HAVE_BYTE_TYPEDEF
#define HAVE_BYTE_TYPEDEF
typedef unsigned char byte;
#endif
#ifndef HAVE_U16_TYPEDEF
#define HAVE_U16_TYPEDEF
typedef unsigned short u16;
#endif
#ifndef HAVE_U32_TYPEDEF
#define HAVE_U32_TYPEDEF
typedef unsigned long u32;
#endif
#endif /*G10_TYPES_H*/ #endif /*G10_TYPES_H*/

File diff suppressed because it is too large Load Diff

View File

@ -23,16 +23,29 @@
#include <stdlib.h> #include <stdlib.h>
#include <assert.h> #include <assert.h>
#include "mpi-internal.h" #include "mpi-internal.h"
#include "longlong.h"
/**************** /****************
* Return the number of bits in A. * Return the number of bits in A.
* fixme: we should not count leading zero bits
*/ */
unsigned unsigned
mpi_get_nbits( MPI a ) mpi_get_nbits( MPI a )
{ {
return a->nlimbs * BITS_PER_MPI_LIMB; unsigned nbits;
unsigned n, count = 0;
if( a->nlimbs ) {
mpi_limb_t alimb = a->d[a->nlimbs-1];
if( alimb )
count_leading_zeros( n, alimb );
else
n = BITS_PER_MPI_LIMB;
n = BITS_PER_MPI_LIMB - n + (a->nlimbs-1) * BITS_PER_MPI_LIMB;
}
else
n = 0;
return n;
} }
@ -74,6 +87,28 @@ mpi_set_bit( MPI a, unsigned n )
a->d[limbno] |= (1<<bitno); a->d[limbno] |= (1<<bitno);
} }
/****************
* Set bit N of A. and clear all bits above
*/
void
mpi_set_highbit( MPI a, unsigned n )
{
unsigned limbno, bitno;
limbno = n / BITS_PER_MPI_LIMB;
bitno = n % BITS_PER_MPI_LIMB;
if( limbno >= a->nlimbs ) { /* resize */
if( a->alloced >= limbno )
mpi_resize(a, limbno+1 );
a->nlimbs = limbno+1;
}
a->d[limbno] |= (1<<bitno);
for( bitno++; bitno < BITS_PER_MPI_LIMB; bitno++ )
a->d[limbno] &= ~(1 << bitno);
a->nlimbs = limbno+1;
}
/**************** /****************
* Clear bit N of A. * Clear bit N of A.
*/ */
@ -109,7 +144,7 @@ mpi_set_bytes( MPI a, unsigned nbits, byte (*fnc)(int), int opaque )
a->nlimbs = nlimbs2; a->nlimbs = nlimbs2;
for(n=0; n < nlimbs; n++ ) { for(n=0; n < nlimbs; n++ ) {
p = (byte*)(a->d+n); p = (byte*)(a->d+n);
#ifdef HAVE_LITTLE_ENDIAN #ifdef LITTLE_ENDIAN_HOST
for(i=0; i < BYTES_PER_MPI_LIMB; i++ ) for(i=0; i < BYTES_PER_MPI_LIMB; i++ )
p[i] = fnc(opaque); p[i] = fnc(opaque);
#else #else
@ -119,7 +154,7 @@ mpi_set_bytes( MPI a, unsigned nbits, byte (*fnc)(int), int opaque )
} }
if( xbytes ) { if( xbytes ) {
p = (byte*)(a->d+n); p = (byte*)(a->d+n);
#ifdef HAVE_LITTLE_ENDIAN #ifdef LITTLE_ENDIAN_HOST
for(i=0; i < xbytes; i++ ) for(i=0; i < xbytes; i++ )
p[i] = fnc(opaque); p[i] = fnc(opaque);
#else #else
@ -127,7 +162,18 @@ mpi_set_bytes( MPI a, unsigned nbits, byte (*fnc)(int), int opaque )
p[i] = fnc(opaque); p[i] = fnc(opaque);
#endif #endif
} }
assert(!xbits); #if 0 /* fixme: set complete random byte and clear out the unwanted ones*/
if( xbits ) {
p = (byte*)(a->d+n);
#ifdef LITTLE_ENDIAN_HOST
for(i=0; i < xbytes; i++ )
p[i] = fnc(opaque);
#else
for(i=xbytes-1; i>=0; i-- )
p[i] = fnc(opaque);
#endif
}
#endif
} }
/**************** /****************

View File

@ -400,6 +400,32 @@ iobuf_append( const char *fname )
return a; return a;
} }
IOBUF
iobuf_openrw( const char *fname )
{
IOBUF a;
FILE *fp;
file_filter_ctx_t *fcx;
size_t len;
if( !fname )
return NULL;
else if( !(fp = fopen(fname, "r+b")) )
return NULL;
a = iobuf_alloc(2, 8192 );
fcx = m_alloc( sizeof *fcx + strlen(fname) );
fcx->fp = fp;
strcpy(fcx->fname, fname );
a->filter = file_filter;
a->filter_ov = fcx;
file_filter( fcx, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &len );
file_filter( fcx, IOBUFCTRL_INIT, NULL, NULL, &len );
if( DBG_IOBUF )
log_debug("iobuf-%d.%d: openrw '%s'\n", a->no, a->subno, a->desc );
return a;
}
/**************** /****************
* Register an i/o filter. * Register an i/o filter.
*/ */
@ -754,7 +780,7 @@ iobuf_seek( IOBUF a, ulong newpos )
log_error("can't seek to %lu: %s\n", newpos, strerror(errno) ); log_error("can't seek to %lu: %s\n", newpos, strerror(errno) );
return -1; return -1;
} }
a->ntotal = newpos;
/* FIXME: flush all buffers (and remove filters?)*/ /* FIXME: flush all buffers (and remove filters?)*/
return 0; return 0;