From fb07f33dfc2b37ccbf2dc8ca9ab684628dd5f5bd Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 26 Dec 2018 14:35:39 +0100 Subject: [PATCH 01/25] bump version --- doc/bn.tex | 2 +- makefile_include.mk | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/bn.tex b/doc/bn.tex index e81d039..7050b3f 100644 --- a/doc/bn.tex +++ b/doc/bn.tex @@ -49,7 +49,7 @@ \begin{document} \frontmatter \pagestyle{empty} -\title{LibTomMath User Manual \\ v1.0.1} +\title{LibTomMath User Manual \\ v1.1.0} \author{LibTom Projects \\ www.libtom.net} \maketitle This text, the library and the accompanying textbook are all hereby placed in the public domain. This book has been diff --git a/makefile_include.mk b/makefile_include.mk index 4814593..7addc82 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -3,8 +3,8 @@ # #version of library -VERSION=1.0.1 -VERSION_PC=1.0.1 +VERSION=1.1.0-rc1 +VERSION_PC=1.1.0 VERSION_SO=1:1 PLATFORM := $(shell uname | sed -e 's/_.*//') From dd68e313dea66d2023da7e29a114da0f16b2df9e Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 26 Dec 2018 14:35:47 +0100 Subject: [PATCH 02/25] update changes.txt --- changes.txt | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/changes.txt b/changes.txt index 51da801..a7b7f6e 100644 --- a/changes.txt +++ b/changes.txt 
@@ -1,3 +1,25 @@ +FIXME +v1.1.0 + -- Christoph Zurnieden contributed FIPS 186.4 compliant + prime-checking (PR #113), several other fixes and a load of documentation + -- Daniel Mendler provided two's-complement functions (PR #124) + and mp_{set,get}_double() (PR #123) + -- Francois Perrad took care of linting the sources, provided all fixes and + a astylerc to auto-format the sources. + -- A bunch of patches by Kevin B Kenny have been back-ported from TCL + -- Jan Nijtmans provided the patches to `const`ify all API + function arguments (also from TCL) + -- mp_rand() has now several native random provider implementations + and doesn't rely on `rand()` anymore + -- Karel Miko provided fixes when building for MS Windows + and re-worked the makefile generating process + -- The entire environment and build logic has been extended and improved + regarding auto-detection of platforms, libtool and a lot more + -- Prevent some potential BOF cases + -- Improved/fixed mp_lshd() and mp_invmod() + -- A load more bugs were fixed by various contributors + + Aug 29th, 2017 v1.0.1 -- Dmitry Kovalenko provided fixes to mp_add_d() and mp_init_copy() From 7ac11218caeb72fe79e9ed4b2bb2d97937d39897 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 26 Dec 2018 15:19:07 +0100 Subject: [PATCH 03/25] clarify comment of ltm_rng() --- tommath.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tommath.h b/tommath.h index 555b4e3..78c4cbe 100644 --- a/tommath.h +++ b/tommath.h 
@@ -281,9 +281,10 @@ int mp_cnt_lsb(const mp_int *a);
 int mp_rand(mp_int *a, int digits);
 #ifdef MP_PRNG_ENABLE_LTM_RNG
-/* as last resort we will fall back to libtomcrypt's rng_get_bytes()
- * in case you don't use libtomcrypt or use it w/o rng_get_bytes()
- * you have to implement it somewhere else, as it's required */
+/* A last resort to provide random data on systems without any of the other
+ * implemented ways to gather entropy.
+ * It is compatible with `rng_get_bytes()` from libtomcrypt so you could
+ * provide that one and then set `ltm_rng = rng_get_bytes;` */
 extern unsigned long (*ltm_rng)(unsigned char *out, unsigned long outlen, void (*callback)(void));
 extern void (*ltm_rng_callback)(void);
 #endif
From 6a9deb79da54885778fb77a11ff537fa6c8daa7e Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Wed, 26 Dec 2018 15:44:26 +0100
Subject: [PATCH 04/25] fix & run dep.pl
---
 bn_mp_exptmod_fast.c | 0
 dep.pl | 16 ++++++++++++++++
 tommath_class.h | 2 +-
 3 files changed, 17 insertions(+), 1 deletion(-)
 mode change 100755 => 100644 bn_mp_exptmod_fast.c
diff --git a/bn_mp_exptmod_fast.c b/bn_mp_exptmod_fast.c
old mode 100755
new mode 100644
diff --git a/dep.pl b/dep.pl
index 4df5180..4ba7ef5 100644
--- a/dep.pl
+++ b/dep.pl
@@ -10,6 +10,18 @@ my %deplist;
 #open class file and write preamble
 open(my $class, '>', 'tommath_class.h') or die "Couldn't open tommath_class.h for writing\n";
 print {$class} << 'EOS';
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * SPDX-License-Identifier: Unlicense
+ */
+
 #if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
 #if defined(LTM2)
 # define LTM3
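Review bot: The rewritten comment says what `ltm_rng` is compatible with but not what the installed function must guarantee, and this pointer appears to be the fallback entropy source for mp_rand(), whose output the manual in this same series calls cryptographically secure only when the underlying source is; a caller who points it at a convenience generator gets no warning in the header. I would add ` * The function installed here must be a cryptographically secure source of random bytes; mp_rand()'s output is only as strong as it.` to the comment. It would also help to state what mp_rand() does when the pointer is left unset — presumably it fails rather than returning a predictable value, but that lives in bn_mp_rand.c outside this hunk and should be confirmed before it is documented.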
@@ -125,6 +137,10 @@ print {$class} << 'EOS'; #else # define LTM_LAST #endif + +/* ref: $Format:%D$ */ +/* git commit: $Format:%H$ */ +/* commit time: $Format:%ai$ */ EOS close $class; diff --git a/tommath_class.h b/tommath_class.h index 7dfd838..ff398e5 100644 --- a/tommath_class.h +++ b/tommath_class.h @@ -785,7 +785,7 @@ #if defined(BN_MP_PRIME_STRONG_LUCAS_SELFRIDGE_C) # define BN_MP_PRIME_IS_PRIME_C # define BN_MP_MUL_D_C -# define BN_MP_MUL_SI_C +# define BN_S_MP_MUL_SI_C # define BN_MP_INIT_C # define BN_MP_SET_LONG_C # define BN_MP_MUL_C From d81c3d5f031e48551574a744537fa6b6e1c4d721 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 26 Dec 2018 15:48:12 +0100 Subject: [PATCH 05/25] fix doc/bn.tex --- doc/bn.tex | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/doc/bn.tex b/doc/bn.tex index 7050b3f..79ae8a4 100644 --- a/doc/bn.tex +++ b/doc/bn.tex @@ -1168,7 +1168,7 @@ It is also not very uncommon to need just the power of two $2^b$; for example t \begin{alltt} int mp_2expt(mp_int *a, int b); \end{alltt} -It is faster than doing it by shifting $1$ with \texttt{mp_mul_2d}. +It is faster than doing it by shifting $1$ with \texttt{mp\_mul\_2d}. \subsection{Polynomial Basis Operations} 
@@ -1680,23 +1680,23 @@ slower than mp\_dr\_reduce but faster for most moduli sizes than the Montgomery Some of the combinations of an arithmetic operations followed by a modular reduction can be done in a faster way. The ones implemented are: -Addition $d = (a + b) \mod c$ +Addition $d = (a + b) \mod c$ \index{mp\_addmod} \begin{alltt} int mp_addmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); \end{alltt} -Subtraction $d = (a - b) \mod c$ +Subtraction $d = (a - b) \mod c$ \begin{alltt} int mp_submod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); \end{alltt} -Multiplication $d = (ab) \mod c$ +Multiplication $d = (ab) \mod c$ \begin{alltt} int mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); \end{alltt} -Squaring $d = (a^2) \mod c$ +Squaring $d = (a^2) \mod c$ \begin{alltt} int mp_sqrmod(const mp_int *a, const mp_int *b, const mp_int *c, mp_int *d); \end{alltt} @@ -1745,7 +1745,7 @@ moduli of the a ``restricted diminished radix'' form lead to the fastest modular and the other two algorithms. \section{Modulus a Power of Two} -\index{mp\_mod_2d} +\index{mp\_mod\_2d} \begin{alltt} int mp_mod_2d(const mp_int *a, int b, mp_int *c) \end{alltt} @@ -1825,7 +1825,7 @@ require ten tests whereas a 1024-bit number would only require four tests. You should always still perform a trial division before a Miller-Rabin test though. A small table, broke in two for typographical reasons, with the number of rounds of Miller-Rabin tests is shown below. -The first column is the number of bits $b$ in the prime $p = 2^b$, the numbers in the first row represent the +The first column is the number of bits $b$ in the prime $p = 2^b$, the numbers in the first row represent the probability that the number that all of the Miller-Rabin tests deemed a pseudoprime is actually a composite. There is a deterministic test for numbers smaller than $2^{80}$. \begin{table}[h] 
@@ -2009,7 +2009,8 @@ int mp_rand(mp_int *a, int digits) \end{alltt} The function generates a random number of \texttt{digits} bits. -This random number is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, and \texttt{\dev\urandom} on all operating systems that have it. +This random number is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. +It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, and \texttt{\\dev\\urandom} on all operating systems that have it. \chapter{Input and Output} From 648fbcefc777da9a2e51914c7ec0d9b095222bba Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 31 Dec 2018 12:08:12 +0100 Subject: [PATCH 06/25] run make format --- demo/demo.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/demo/demo.c b/demo/demo.c index 0aeae25..863e0f0 100644 --- a/demo/demo.c +++ b/demo/demo.c @@ -717,7 +717,8 @@ int main(void) } /* Check regarding problem #143 */ #ifndef MP_8BIT - mp_read_radix(&a, "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", + mp_read_radix(&a, + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16); mp_prime_strong_lucas_selfridge(&a, &cnt); if (cnt != MP_YES) { From 247e714248535c851a2e27382561fdb3525ffe8d Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 31 Dec 2018 12:13:59 +0100 Subject: [PATCH 07/25] also create versioned PDF's in zipup --- makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/makefile b/makefile index 4e5f0f1..a07c274 100644 --- a/makefile 
+++ b/makefile @@ -141,6 +141,8 @@ zipup: clean astyle new_file manual poster docs $(MAKE) -C libtommath-$(VERSION)/ pre_gen tar -c libtommath-$(VERSION)/ | xz -6e -c - > ltm-$(VERSION).tar.xz zip -9rq ltm-$(VERSION).zip libtommath-$(VERSION) + cp doc/bn.pdf bn-$(VERSION).pdf + cp doc/tommath.pdf tommath-$(VERSION).pdf rm -rf libtommath-$(VERSION) gpg -b -a ltm-$(VERSION).tar.xz gpg -b -a ltm-$(VERSION).zip From 1e5c97f9bd74f1af51e697071bbfe9843f8093ea Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 8 Jan 2019 12:00:01 +0100 Subject: [PATCH 08/25] Merge pull request #146 from libtom/relicense_mtest Re-license mtest/mpi.[ch] (cherry picked from commit 2d80a97a2b48aa1ac6d8f0df29cc4dd6297b1fba) --- mtest/mpi.c | 4 +++- mtest/mpi.h | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/mtest/mpi.c b/mtest/mpi.c index 47083a3..95c3811 100644 --- a/mtest/mpi.c +++ b/mtest/mpi.c @@ -2,10 +2,12 @@ mpi.c by Michael J. Fromberger - Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved + Copyright (C) 1998 Michael J. Fromberger Arbitrary precision integer arithmetic library + SPDX-License-Identifier: Unlicense + $Id$ */ diff --git a/mtest/mpi.h b/mtest/mpi.h index 5accb52..9a9cc41 100644 --- a/mtest/mpi.h +++ b/mtest/mpi.h @@ -2,10 +2,12 @@ mpi.h by Michael J. Fromberger - Copyright (C) 1998 Michael J. Fromberger, All Rights Reserved + Copyright (C) 1998 Michael J. Fromberger Arbitrary precision integer arithmetic library + SPDX-License-Identifier: Unlicense + $Id$ */ From 4cc85c14a6bc091a2adcaa6f3ab6ef7509094134 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 8 Jan 2019 12:02:40 +0100 Subject: [PATCH 09/25] bump version --- makefile_include.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefile_include.mk b/makefile_include.mk index 7addc82..00b40c8 100644 --- a/makefile_include.mk +++ b/makefile_include.mk 
@@ -3,7 +3,7 @@ #
 #version of library
-VERSION=1.1.0-rc1
+VERSION=1.1.0-rc2
 VERSION_PC=1.1.0
 VERSION_SO=1:1
From e4e2da51432c199a0a23bbfb72e5c55358821234 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Tue, 15 Jan 2019 16:56:08 +0100
Subject: [PATCH 10/25] Merge pull request #148 from czurnieden/develop
added new license and end-comment
(cherry picked from commit 75bbbe5956b6f8cf93c6b41ba6ef7c3e56f9840d)
---
 dep.pl | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
 mode change 100644 => 100755 dep.pl
diff --git a/dep.pl b/dep.pl
old mode 100644
new mode 100755
index 4ba7ef5..f631100
--- a/dep.pl
+++ b/dep.pl
@@ -30,7 +30,6 @@ print {$class} << 'EOS';
 # define LTM2
 #endif
 #define LTM1
-
 #if defined(LTM_ALL)
 EOS
@@ -59,6 +58,17 @@ EOS
 print {$out} << "EOS";
 #include "tommath_private.h"
 #ifdef $define
+/* LibTomMath, multiple-precision integer library -- Tom St Denis
+ *
+ * LibTomMath is a library that provides multiple-precision
+ * integer arithmetic as well as number theoretic functionality.
+ *
+ * The library was designed directly after the MPI library by
+ * Michael Fromberger but has been written from scratch with
+ * additional optimizations in place.
+ *
+ * SPDX-License-Identifier: Unlicense
+ */
 $line
 EOS
 $apply = 1;
@@ -71,6 +81,9 @@ EOS
 if ($apply == 1) {
 print {$out} << 'EOS';
 #endif
+/* ref: \$Format:\%D$ */
+/* git commit: \$Format:\%H$ */
+/* commit time: \$Format:\%ai$ */
 EOS
 }
 close $src;
@@ -81,7 +94,6 @@ EOS
 }
 print {$class} << 'EOS';
 #endif
-
 EOS
 # now do classes
From 1c8c534885d3b2134332a8361250c0b9cc36f20f Mon Sep 17 00:00:00 2001
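Review bot: The three new trailer lines are emitted through `print {$out} << 'EOS';` (a single-quoted heredoc, per the context line), and a single-quoted Perl heredoc neither interpolates nor processes backslashes, so the generated bn_*.c files would end with the literal text `/* ref: \$Format:\%D$ */` and git's export-subst would not recognise the placeholder. The class-file trailer added in patch 04 writes `/* ref: $Format:%D$ */` unescaped into an equally single-quoted heredoc, which is the form that works, so the backslashes here look like a double-quoted-heredoc habit carried over; I would drop them from all three lines. Worth confirming by running dep.pl and inspecting the tail of one generated file, since if that heredoc is in fact double-quoted the escapes would be needed.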
From: Steffen Jaeckel
Date: Tue, 15 Jan 2019 18:20:24 +0100
Subject: [PATCH 11/25] Merge pull request #147 from czurnieden/moarvm_workarounds
workaround for the MoarVM problem with MP_GEN_RAND et al.
(cherry picked from commit 11d6e0391421bc996b2cf780f3f4c3fa634001d0)
---
 bn_mp_rand.c | 6 +++---
 doc/bn.tex | 11 ++++++++---
 tommath.h | 4 +++-
 tommath_class.h | 4 +---
 4 files changed, 15 insertions(+), 10 deletions(-)
diff --git a/bn_mp_rand.c b/bn_mp_rand.c
index b66d1b0..17aa5a2 100644
--- a/bn_mp_rand.c
+++ b/bn_mp_rand.c
@@ -172,7 +172,7 @@ static int s_rand_digit(mp_digit *p)
 }
 /* makes a pseudo-random int of a given size */
-static int s_gen_random(mp_digit *r)
+int mp_rand_digit(mp_digit *r)
 {
 int ret = s_rand_digit(r);
 *r &= MP_MASK;
@@ -191,7 +191,7 @@ int mp_rand(mp_int *a, int digits)
 /* first place a random non-zero digit */
 do {
- if (s_gen_random(&d) != MP_OKAY) {
+ if (mp_rand_digit(&d) != MP_OKAY) {
 return MP_VAL;
 }
 } while (d == 0u);
@@ -205,7 +205,7 @@ int mp_rand(mp_int *a, int digits)
 return res;
 }
- if (s_gen_random(&d) != MP_OKAY) {
+ if (mp_rand_digit(&d) != MP_OKAY) {
 return MP_VAL;
 }
 if ((res = mp_add_d(a, d, a)) != MP_OKAY) {
diff --git a/doc/bn.tex b/doc/bn.tex
index 79ae8a4..69e110d 100644
--- a/doc/bn.tex
+++ b/doc/bn.tex
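Review bot: Both call sites of the renamed `mp_rand_digit()` in mp_rand() still discard its return value and substitute `return MP_VAL;`, so a caller cannot tell "no entropy source available" from a bad argument, and now that the digit generator is a public entry point that distinction matters more. If s_rand_digit() already returns a meaningful code (its body is outside the hunk), propagating it is a one-line change at each site, `if ((res = mp_rand_digit(&d)) != MP_OKAY) { return res; }`, with `res` evidently already in scope since the third hunk returns it. Independently, mp_rand_digit() applies `*r &= MP_MASK` even when `ret` is not MP_OKAY, so a caller that ignores the return gets whatever s_rand_digit() left in `*r` dressed up as a valid digit; either clear `*r` on failure or document that the output is undefined unless MP_OKAY is returned. mp_rand() continues beyond the last hunk.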
@@ -2003,14 +2003,19 @@ mp\_prime\_random(). \chapter{Random Number Generation} \section{PRNG} +\index{mp\_rand\_digit} +\begin{alltt} +int mp_rand_digit(mp_digit *r) +\end{alltt} +This function generates a random number in \texttt{r} of the size given in \texttt{r} (that is, the variable is used for in- and output) but not more than \texttt{MP_MASK} bits. + \index{mp\_rand} \begin{alltt} int mp_rand(mp_int *a, int digits) \end{alltt} -The function generates a random number of \texttt{digits} bits. +This function generates a random number of \texttt{digits} bits. -This random number is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. -It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, and \texttt{\\dev\\urandom} on all operating systems that have it. +The random number generated with these two functions is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, or \texttt{\dev\urandom} on all operating systems that have it. \chapter{Input and Output} diff --git a/tommath.h b/tommath.h index 78c4cbe..ee5da86 100644 --- a/tommath.h +++ b/tommath.h @@ -277,8 +277,10 @@ int mp_cnt_lsb(const mp_int *a); /* I Love Earth! */ -/* makes a pseudo-random int of a given size */ +/* makes a pseudo-random mp_int of a given size */ int mp_rand(mp_int *a, int digits); +/* makes a pseudo-random small int of a given size */ +int mp_rand_digit(mp_digit *r); #ifdef MP_PRNG_ENABLE_LTM_RNG /* A last resort to provide random data on systems without any of the other diff --git a/tommath_class.h b/tommath_class.h index ff398e5..6363042 100644 --- a/tommath_class.h +++ b/tommath_class.h @@ -9,7 +9,6 @@ * * SPDX-License-Identifier: Unlicense */ - #if !(defined(LTM1) && defined(LTM2) && defined(LTM3)) #if defined(LTM2) # define LTM3 
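Review bot: The comment on the newly exported prototype, `/* makes a pseudo-random small int of a given size */`, is misleading: `int mp_rand_digit(mp_digit *r)` takes no size, and the implementation in this same commit writes one digit through `r` and then masks it with `*r &= MP_MASK`, so the width is fixed. The manual text added alongside ("of the size given in r … used for in- and output") makes the same claim; nothing visible reads `*r` before it is written, but s_rand_digit() itself is outside the patch, so that should be checked before the manual is corrected too. I would change the header comment to `/* fills *r with one pseudo-random digit (masked with MP_MASK); returns MP_OKAY or an error code */`.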
@@ -18,7 +17,6 @@ # define LTM2 #endif #define LTM1 - #if defined(LTM_ALL) # define BN_ERROR_C # define BN_FAST_MP_INVMOD_C @@ -160,7 +158,6 @@ # define BN_S_MP_SUB_C # define BNCORE_C #endif - #if defined(BN_ERROR_C) # define BN_MP_ERROR_TO_STRING_C #endif @@ -828,6 +825,7 @@ #endif #if defined(BN_MP_RAND_C) +# define BN_MP_RAND_DIGIT_C # define BN_MP_ZERO_C # define BN_MP_ADD_D_C # define BN_MP_LSHD_C From 20f2b26c1552d880b24d72b1161a862c48f34c8f Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 15 Jan 2019 18:26:40 +0100 Subject: [PATCH 12/25] fix doc/bn.tex (cherry picked from commit e84c0948646dd019ed60c9a703584f9697c64638) --- doc/bn.tex | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/bn.tex b/doc/bn.tex index 69e110d..19268b3 100644 --- a/doc/bn.tex +++ b/doc/bn.tex @@ -2007,7 +2007,7 @@ mp\_prime\_random(). \begin{alltt} int mp_rand_digit(mp_digit *r) \end{alltt} -This function generates a random number in \texttt{r} of the size given in \texttt{r} (that is, the variable is used for in- and output) but not more than \texttt{MP_MASK} bits. +This function generates a random number in \texttt{r} of the size given in \texttt{r} (that is, the variable is used for in- and output) but not more than \texttt{MP\_MASK} bits. \index{mp\_rand} \begin{alltt} 
@@ -2015,7 +2015,7 @@ int mp_rand(mp_int *a, int digits) \end{alltt} This function generates a random number of \texttt{digits} bits. -The random number generated with these two functions is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, or \texttt{\dev\urandom} on all operating systems that have it. +The random number generated with these two functions is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, or \texttt{\\dev\\urandom} on all operating systems that have it. \chapter{Input and Output} From 662a17090964577e1c7136fa4ba0bdfc2e0aeb7e Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 15 Jan 2019 18:28:31 +0100 Subject: [PATCH 13/25] run `make new_file` --- tommath_class.h | 1 + 1 file changed, 1 insertion(+) diff --git a/tommath_class.h b/tommath_class.h index 6363042..46f9996 100644 --- a/tommath_class.h +++ b/tommath_class.h @@ -9,6 +9,7 @@ * * SPDX-License-Identifier: Unlicense */ + #if !(defined(LTM1) && defined(LTM2) && defined(LTM3)) #if defined(LTM2) # define LTM3 From f9bb011f221e0d758e22c1a2bc82ae4de8ccfcfc Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 17 Jan 2019 11:01:30 +0100 Subject: [PATCH 14/25] fix doc/bn.tex ... again (cherry picked from commit cb4edc7f29db6bafac56d00a38a6b0b5a118b0ca) --- doc/bn.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/bn.tex b/doc/bn.tex index 19268b3..ac84ed3 100644 --- a/doc/bn.tex +++ b/doc/bn.tex 
@@ -2015,7 +2015,7 @@ int mp_rand(mp_int *a, int digits) \end{alltt} This function generates a random number of \texttt{digits} bits. -The random number generated with these two functions is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, or \texttt{\\dev\\urandom} on all operating systems that have it. +The random number generated with these two functions is cryptographically secure if the source of random numbers the operating systems offers is cryptographically secure. It will use \texttt{arc4random()} if the OS is a BSD flavor, Wincrypt on Windows, or \texttt{/dev/urandom} on all operating systems that have it. \chapter{Input and Output} From 538cace5cd027615440bf54af716116dee6cad7c Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Thu, 17 Jan 2019 11:03:39 +0100 Subject: [PATCH 15/25] bump version --- makefile_include.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefile_include.mk b/makefile_include.mk index 00b40c8..3865987 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -3,7 +3,7 @@ # #version of library -VERSION=1.1.0-rc2 +VERSION=1.1.0-rc3 VERSION_PC=1.1.0 VERSION_SO=1:1 From fcea5e3c35481430ffdc45d6785104871d50e9bf Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Tue, 22 Jan 2019 08:59:30 +0100 Subject: [PATCH 16/25] Merge pull request #149 from czurnieden/develop Added overflow check in mp_prime_is_prime and some verbosity in demo.c (cherry picked from commit 55a7af3d62cbbdd174276c4ee8117b57777ce634) --- bn_mp_prime_is_prime.c | 8 ++++-- demo/demo.c | 56 +++++++++++++++++++++++++++++++++--------- 2 files changed, 51 insertions(+), 13 deletions(-) diff --git a/bn_mp_prime_is_prime.c b/bn_mp_prime_is_prime.c index 63d3725..8d96e6a 100644 --- a/bn_mp_prime_is_prime.c +++ b/bn_mp_prime_is_prime.c 
@@ -305,8 +305,12 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 fips_rand &= mask;
 }
 #endif
- /* Ceil, because small numbers have a right to live, too, */
- len = (((int)fips_rand + DIGIT_BIT) / DIGIT_BIT);
+ if (fips_rand > ((unsigned int) INT_MAX - DIGIT_BIT)) {
+ len = INT_MAX / DIGIT_BIT;
+ }
+ else {
+ len = (((int)fips_rand + DIGIT_BIT) / DIGIT_BIT);
+ }
 /* Unlikely. */
 if (len < 0) {
 ix--;
diff --git a/demo/demo.c b/demo/demo.c
index 863e0f0..642eab7 100644
--- a/demo/demo.c
+++ b/demo/demo.c
@@ -661,7 +661,7 @@ int main(void)
 (rand() & 1) ? 0 : LTM_PRIME_2MSB_ON, myrng, NULL);
 if (err != MP_OKAY) {
- printf("failed with err code %d\n", err);
+ printf("\nfailed with error: %s\n", mp_error_to_string(err));
 return EXIT_FAILURE;
 }
 if (mp_count_bits(&a) != ix) {
@@ -687,9 +687,19 @@ int main(void)
 mp_set(&a,1u);
 mp_mul_2d(&a,1119,&a);
 mp_add_d(&a,53,&a);
- mp_prime_is_prime(&a, 8, &cnt);
+ err = mp_prime_is_prime(&a, 8, &cnt);
+ /* small problem */
+ if (err != MP_OKAY) {
+ printf("\nfailed with error: %s\n", mp_error_to_string(err));
+ }
+ /* large problem */
 if (cnt == MP_NO) {
- printf("A certified prime is a prime but mp_prime_is_prime says it not.\n");
+ printf("A certified prime is a prime but mp_prime_is_prime says it is not.\n");
+ }
+ if ((err != MP_OKAY) || (cnt == MP_NO)) {
+ printf("prime tested was: ");
+ mp_fwrite(&a,16,stdout);
+ putchar('\n');
 return EXIT_FAILURE;
 }
 for (ix = 16; ix < 128; ix++) {
@@ -699,7 +709,7 @@ int main(void)
 &a, 8, ix, ((rand() & 1) ? 0 : LTM_PRIME_2MSB_ON) | LTM_PRIME_SAFE, myrng, NULL);
 if (err != MP_OKAY) {
- printf("failed with err code %d\n", err);
+ printf("\nfailed with error: %s\n", mp_error_to_string(err));
 return EXIT_FAILURE;
 }
 if (mp_count_bits(&a) != ix) {
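Review bot: The guard removes the signed overflow in `(int)fips_rand + DIGIT_BIT`, but the fallback `len = INT_MAX / DIGIT_BIT;` is the largest digit count an int can express, so a value that trips it becomes a request for an enormous witness; if `len` is later handed to mp_rand() as the surrounding code suggests (that call is outside the hunk), that is a multi-hundred-megabyte allocation inside a primality test of a possibly small number. Whether the branch is reachable depends on the `fips_rand &= mask;` just above it, which the hunk shows inside a conditional block it cuts off. A witness only has to be smaller than `a`, so bounding the fallback by the input, e.g. `len = a->used;`, keeps the cost proportional to the number under test. With the addition no longer able to overflow, the `/* Unlikely. */ if (len < 0)` branch below is dead and its comment stale. mp_prime_is_prime() continues on both sides of the hunk.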
@@ -707,22 +717,46 @@ int main(void)
 return EXIT_FAILURE;
 }
 /* let's see if it's really a safe prime */
- mp_sub_d(&a, 1uL, &a);
- mp_div_2(&a, &a);
- mp_prime_is_prime(&a, 8, &cnt);
- if (cnt != MP_YES) {
- printf("sub is not prime!\n");
+ mp_sub_d(&a, 1uL, &b);
+ mp_div_2(&b, &b);
+ err = mp_prime_is_prime(&b, 8, &cnt);
+ /* small problem */
+ if (err != MP_OKAY) {
+ printf("\nfailed with error: %s\n", mp_error_to_string(err));
+ }
+ /* large problem */
+ if (cnt == MP_NO) {
+ printf("\nsub is not prime!\n");
+ }
+ if ((err != MP_OKAY) || (cnt == MP_NO)) {
+ printf("prime tested was: ");
+ mp_fwrite(&a,16,stdout);
+ putchar('\n');
+ printf("sub tested was: ");
+ mp_fwrite(&b,16,stdout);
+ putchar('\n');
 return EXIT_FAILURE;
 }
+ }
 /* Check regarding problem #143 */
 #ifndef MP_8BIT
 mp_read_radix(&a,
 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF",
 16);
- mp_prime_strong_lucas_selfridge(&a, &cnt);
- if (cnt != MP_YES) {
+ err = mp_prime_strong_lucas_selfridge(&a, &cnt);
+ /* small problem */
+ if (err != MP_OKAY) {
+ printf("\nmp_prime_strong_lucas_selfridge failed with error: %s\n", mp_error_to_string(err));
+ }
+ /* large problem */
+ if (cnt == MP_NO) {
 printf("\n\nissue #143 - mp_prime_strong_lucas_selfridge FAILED!\n");
+ }
+ if ((err != MP_OKAY) || (cnt == MP_NO)) {
+ printf("prime tested was: ");
+ mp_fwrite(&a,16,stdout);
+ putchar('\n');
 return EXIT_FAILURE;
 }
 #endif
From 32622afe2f638a82d0de62f57bafe90e57769797 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Tue, 22 Jan 2019 09:03:27 +0100
Subject: [PATCH 17/25] run `make format`
---
 bn_mp_prime_is_prime.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/bn_mp_prime_is_prime.c b/bn_mp_prime_is_prime.c
index 8d96e6a..b5b8987 100644
--- a/bn_mp_prime_is_prime.c
+++ b/bn_mp_prime_is_prime.c
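Review bot: The safe-prime branch now surfaces errors from mp_prime_is_prime(), but the two calls that build its input, `mp_sub_d(&a, 1uL, &b);` and `mp_div_2(&b, &b);`, still discard their return values, so an allocation failure there would leave `b` holding whatever it held before and be reported as "sub is not prime!" with a misleading number printed. Checking them the same way — `if (((err = mp_sub_d(&a, 1uL, &b)) != MP_OKAY) || ((err = mp_div_2(&b, &b)) != MP_OKAY)) { printf("\nfailed with error: %s\n", mp_error_to_string(err)); return EXIT_FAILURE; }` — keeps the diagnostic honest; the unchecked `mp_read_radix()` that feeds the issue-#143 test further down has the same weakness. This assumes `b` was initialised earlier in main(), which is outside the hunk.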
@@ -307,8 +307,7 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 #endif
 if (fips_rand > ((unsigned int) INT_MAX - DIGIT_BIT)) {
 len = INT_MAX / DIGIT_BIT;
- }
- else {
+ } else {
 len = (((int)fips_rand + DIGIT_BIT) / DIGIT_BIT);
 }
 /* Unlikely. */
From e543ff319ab338f495663b3c55cf4a22da918562 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Tue, 22 Jan 2019 13:49:36 +0100
Subject: [PATCH 18/25] also bump SO version
---
 makefile_include.mk | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/makefile_include.mk b/makefile_include.mk
index 3865987..8d9c541 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -3,9 +3,9 @@ #
 #version of library
-VERSION=1.1.0-rc3
+VERSION=1.1.0-rc4
 VERSION_PC=1.1.0
-VERSION_SO=1:1
+VERSION_SO=2:0:1
 PLATFORM := $(shell uname | sed -e 's/_.*//')
From c7f4e81debb5d2a6e9b346b58ad72b184bce665d Mon Sep 17 00:00:00 2001
From: Francois Perrad
Date: Tue, 22 Jan 2019 18:17:36 +0100
Subject: [PATCH 19/25] fix cast
---
 bn_mp_prime_is_prime.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bn_mp_prime_is_prime.c b/bn_mp_prime_is_prime.c
index b5b8987..24e1eb2 100644
--- a/bn_mp_prime_is_prime.c
+++ b/bn_mp_prime_is_prime.c
@@ -305,7 +305,7 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 fips_rand &= mask;
 }
 #endif
- if (fips_rand > ((unsigned int) INT_MAX - DIGIT_BIT)) {
+ if (fips_rand > (unsigned int)(INT_MAX - DIGIT_BIT)) {
 len = INT_MAX / DIGIT_BIT;
 } else {
 len = (((int)fips_rand + DIGIT_BIT) / DIGIT_BIT);
From 998b126fee1a3379230018c118373eaa214af994 Mon Sep 17 00:00:00 2001
From: Francois Perrad
Date: Tue, 22 Jan 2019 18:26:01 +0100
Subject: [PATCH 20/25] explicit operator precedence
---
 bn_mp_prime_is_prime.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/bn_mp_prime_is_prime.c b/bn_mp_prime_is_prime.c
index 24e1eb2..15637c8 100644
--- a/bn_mp_prime_is_prime.c
+++ b/bn_mp_prime_is_prime.c
@@ -71,7 +71,7 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 }
 #ifdef MP_8BIT
 /* The search in the loop above was exhaustive in this case */
- if (a->used == 1 && PRIME_SIZE >= 31) {
+ if ((a->used == 1) && (PRIME_SIZE >= 31)) {
 return MP_OKAY;
 }
 #endif
@@ -126,7 +126,7 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 */
 #if defined (MP_8BIT) || defined (LTM_USE_FROBENIUS_TEST)
 err = mp_prime_frobenius_underwood(a, &res);
- if (err != MP_OKAY && err != MP_ITER) {
+ if ((err != MP_OKAY) && (err != MP_ITER)) {
 goto LBL_B;
 }
 if (res == MP_NO) {
@@ -296,7 +296,7 @@ int mp_prime_is_prime(const mp_int *a, int t, int *result)
 * One 8-bit digit is too small, so concatenate two if the size of
 * unsigned int allows for it.
 */
- if ((sizeof(unsigned int) * CHAR_BIT)/2 >= (sizeof(mp_digit) * CHAR_BIT)) {
+ if (((sizeof(unsigned int) * CHAR_BIT)/2) >= (sizeof(mp_digit) * CHAR_BIT)) {
 if ((err = mp_rand(&b, 1)) != MP_OKAY) {
 goto LBL_B;
 }
From cac33152539baa16d31cbda58f0bbae23ec1176d Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Wed, 23 Jan 2019 10:06:35 +0100
Subject: [PATCH 21/25] mtest make-target should be PHONY
---
 makefile.shared | 1 +
 1 file changed, 1 insertion(+)
diff --git a/makefile.shared b/makefile.shared
index d5d1818..3955f83 100644
--- a/makefile.shared
+++ b/makefile.shared
@@ -83,6 +83,7 @@ test_standalone: $(LIBNAME) demo/demo.o
 $(CC) $(CFLAGS) -c demo/demo.c -o demo/demo.o
 $(LIBTOOL) --mode=link $(CC) $(LDFLAGS) -o test demo/demo.o $(LIBNAME)
+.PHONY: mtest
 mtest:
 cd mtest ; $(CC) $(CFLAGS) $(LDFLAGS) mtest.c -o mtest
From 5f458dfb95ebfaab722fc88adc757457ec7a15d5 Mon Sep 17 00:00:00 2001
From: Steffen Jaeckel
Date: Wed, 23 Jan 2019 10:07:32 +0100
Subject: [PATCH 22/25] bump version
---
 makefile_include.mk | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/makefile_include.mk b/makefile_include.mk
index 8d9c541..6483b10 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -3,7 +3,7 @@ # #version of library -VERSION=1.1.0-rc4 +VERSION=1.1.0-rc5 VERSION_PC=1.1.0 VERSION_SO=2:0:1 From 7b23243b8e4d272704d1f6d501bc595ed3d92a01 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 23 Jan 2019 10:19:58 +0100 Subject: [PATCH 23/25] finally last bump --- makefile_include.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefile_include.mk b/makefile_include.mk index 6483b10..ec2205b 100644 --- a/makefile_include.mk +++ b/makefile_include.mk @@ -3,7 +3,7 @@ # #version of library -VERSION=1.1.0-rc5 +VERSION=1.1.0 VERSION_PC=1.1.0 VERSION_SO=2:0:1 From 343489463e701f0b0c896900ca686132bd2413d1 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 28 Jan 2019 20:21:04 +0100 Subject: [PATCH 24/25] update changes.txt --- changes.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changes.txt b/changes.txt index a7b7f6e..aa0c64c 100644 --- a/changes.txt +++ b/changes.txt @@ -1,4 +1,4 @@ -FIXME +Jan 28th, 2019 v1.1.0 -- Christoph Zurnieden contributed FIPS 186.4 compliant prime-checking (PR #113), several other fixes and a load of documentation From 4330991d33fca0466725adcc8a9520f299386286 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Mon, 28 Jan 2019 20:32:10 +0100 Subject: [PATCH 25/25] also bump VERSION in makefile.unix --- makefile.unix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/makefile.unix b/makefile.unix index a51b973..b89cf47 100644 --- a/makefile.unix +++ b/makefile.unix @@ -21,7 +21,7 @@ RANLIB = ranlib CFLAGS = -O2 LDFLAGS = -VERSION = 1.0.1 +VERSION = 1.1.0 #Compilation flags LTM_CFLAGS = -I. $(CFLAGS)