mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Remove trailing whitespace
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
db98b58736
commit
95de34a10a
@ -1962,7 +1962,7 @@ static void ieee802_1x_rekey(void *eloop_ctx, void *timeout_ctx)
|
|||||||
|
|
||||||
wpa_printf(MSG_DEBUG, "IEEE 802.1X: New default WEP key index %d",
|
wpa_printf(MSG_DEBUG, "IEEE 802.1X: New default WEP key index %d",
|
||||||
eapol->default_wep_key_idx);
|
eapol->default_wep_key_idx);
|
||||||
|
|
||||||
if (ieee802_1x_rekey_broadcast(hapd)) {
|
if (ieee802_1x_rekey_broadcast(hapd)) {
|
||||||
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
|
hostapd_logger(hapd, NULL, HOSTAPD_MODULE_IEEE8021X,
|
||||||
HOSTAPD_LEVEL_WARNING, "failed to generate a "
|
HOSTAPD_LEVEL_WARNING, "failed to generate a "
|
||||||
|
|||||||
@ -48,7 +48,7 @@
|
|||||||
|
|
||||||
static const u32 bytebit[8] =
|
static const u32 bytebit[8] =
|
||||||
{
|
{
|
||||||
0200, 0100, 040, 020, 010, 04, 02, 01
|
0200, 0100, 040, 020, 010, 04, 02, 01
|
||||||
};
|
};
|
||||||
|
|
||||||
static const u32 bigbyte[24] =
|
static const u32 bigbyte[24] =
|
||||||
@ -58,22 +58,22 @@ static const u32 bigbyte[24] =
|
|||||||
0x8000UL, 0x4000UL, 0x2000UL, 0x1000UL,
|
0x8000UL, 0x4000UL, 0x2000UL, 0x1000UL,
|
||||||
0x800UL, 0x400UL, 0x200UL, 0x100UL,
|
0x800UL, 0x400UL, 0x200UL, 0x100UL,
|
||||||
0x80UL, 0x40UL, 0x20UL, 0x10UL,
|
0x80UL, 0x40UL, 0x20UL, 0x10UL,
|
||||||
0x8UL, 0x4UL, 0x2UL, 0x1L
|
0x8UL, 0x4UL, 0x2UL, 0x1L
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Use the key schedule specific in the standard (ANSI X3.92-1981) */
|
/* Use the key schedule specific in the standard (ANSI X3.92-1981) */
|
||||||
|
|
||||||
static const u8 pc1[56] = {
|
static const u8 pc1[56] = {
|
||||||
56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17,
|
56, 48, 40, 32, 24, 16, 8, 0, 57, 49, 41, 33, 25, 17,
|
||||||
9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
|
9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35,
|
||||||
62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
|
62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21,
|
||||||
13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3
|
13, 5, 60, 52, 44, 36, 28, 20, 12, 4, 27, 19, 11, 3
|
||||||
};
|
};
|
||||||
|
|
||||||
static const u8 totrot[16] = {
|
static const u8 totrot[16] = {
|
||||||
1, 2, 4, 6,
|
1, 2, 4, 6,
|
||||||
8, 10, 12, 14,
|
8, 10, 12, 14,
|
||||||
15, 17, 19, 21,
|
15, 17, 19, 21,
|
||||||
23, 25, 27, 28
|
23, 25, 27, 28
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@ -53,7 +53,7 @@ By Steve Reid <sreid@sea-to-sky.net>
|
|||||||
100% Public Domain
|
100% Public Domain
|
||||||
|
|
||||||
-----------------
|
-----------------
|
||||||
Modified 7/98
|
Modified 7/98
|
||||||
By James H. Brown <jbrown@burgoyne.com>
|
By James H. Brown <jbrown@burgoyne.com>
|
||||||
Still 100% Public Domain
|
Still 100% Public Domain
|
||||||
|
|
||||||
@ -75,7 +75,7 @@ Since the file IO in main() reads 16K at a time, any file 8K or larger would
|
|||||||
be guaranteed to generate the wrong hash (e.g. Test Vector #3, a million
|
be guaranteed to generate the wrong hash (e.g. Test Vector #3, a million
|
||||||
"a"s).
|
"a"s).
|
||||||
|
|
||||||
I also changed the declaration of variables i & j in SHA1Update to
|
I also changed the declaration of variables i & j in SHA1Update to
|
||||||
unsigned long from unsigned int for the same reason.
|
unsigned long from unsigned int for the same reason.
|
||||||
|
|
||||||
These changes should make no difference to any 32 bit implementations since
|
These changes should make no difference to any 32 bit implementations since
|
||||||
@ -102,7 +102,7 @@ Still 100% public domain
|
|||||||
Modified 4/01
|
Modified 4/01
|
||||||
By Saul Kravitz <Saul.Kravitz@celera.com>
|
By Saul Kravitz <Saul.Kravitz@celera.com>
|
||||||
Still 100% PD
|
Still 100% PD
|
||||||
Modified to run on Compaq Alpha hardware.
|
Modified to run on Compaq Alpha hardware.
|
||||||
|
|
||||||
-----------------
|
-----------------
|
||||||
Modified 4/01
|
Modified 4/01
|
||||||
@ -162,7 +162,7 @@ void SHAPrintContext(SHA1_CTX *context, char *msg)
|
|||||||
{
|
{
|
||||||
printf("%s (%d,%d) %x %x %x %x %x\n",
|
printf("%s (%d,%d) %x %x %x %x %x\n",
|
||||||
msg,
|
msg,
|
||||||
context->count[0], context->count[1],
|
context->count[0], context->count[1],
|
||||||
context->state[0],
|
context->state[0],
|
||||||
context->state[1],
|
context->state[1],
|
||||||
context->state[2],
|
context->state[2],
|
||||||
|
|||||||
@ -69,7 +69,7 @@ static const unsigned long K[64] = {
|
|||||||
( ((((unsigned long) (x) & 0xFFFFFFFFUL) >> (unsigned long) ((y) & 31)) | \
|
( ((((unsigned long) (x) & 0xFFFFFFFFUL) >> (unsigned long) ((y) & 31)) | \
|
||||||
((unsigned long) (x) << (unsigned long) (32 - ((y) & 31)))) & 0xFFFFFFFFUL)
|
((unsigned long) (x) << (unsigned long) (32 - ((y) & 31)))) & 0xFFFFFFFFUL)
|
||||||
#define Ch(x,y,z) (z ^ (x & (y ^ z)))
|
#define Ch(x,y,z) (z ^ (x & (y ^ z)))
|
||||||
#define Maj(x,y,z) (((x | y) & z) | (x & y))
|
#define Maj(x,y,z) (((x | y) & z) | (x & y))
|
||||||
#define S(x, n) RORc((x), (n))
|
#define S(x, n) RORc((x), (n))
|
||||||
#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
|
#define R(x, n) (((x)&0xFFFFFFFFUL)>>(n))
|
||||||
#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
|
#define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22))
|
||||||
@ -100,7 +100,7 @@ static int sha256_compress(struct sha256_state *md, unsigned char *buf)
|
|||||||
for (i = 16; i < 64; i++) {
|
for (i = 16; i < 64; i++) {
|
||||||
W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) +
|
W[i] = Gamma1(W[i - 2]) + W[i - 7] + Gamma0(W[i - 15]) +
|
||||||
W[i - 16];
|
W[i - 16];
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Compress */
|
/* Compress */
|
||||||
#define RND(a,b,c,d,e,f,g,h,i) \
|
#define RND(a,b,c,d,e,f,g,h,i) \
|
||||||
@ -111,7 +111,7 @@ static int sha256_compress(struct sha256_state *md, unsigned char *buf)
|
|||||||
|
|
||||||
for (i = 0; i < 64; ++i) {
|
for (i = 0; i < 64; ++i) {
|
||||||
RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
|
RND(S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i);
|
||||||
t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
|
t = S[7]; S[7] = S[6]; S[6] = S[5]; S[5] = S[4];
|
||||||
S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
|
S[4] = S[3]; S[3] = S[2]; S[2] = S[1]; S[1] = S[0]; S[0] = t;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -402,7 +402,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* TODO: gnutls_certificate_set_verify_flags(xcred, flags);
|
/* TODO: gnutls_certificate_set_verify_flags(xcred, flags);
|
||||||
* to force peer validation(?) */
|
* to force peer validation(?) */
|
||||||
|
|
||||||
if (params->ca_cert) {
|
if (params->ca_cert) {
|
||||||
|
|||||||
@ -726,7 +726,7 @@ bsd_get_seqnum(const char *ifname, void *priv, const u8 *addr, int idx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
bsd_flush(void *priv)
|
bsd_flush(void *priv)
|
||||||
{
|
{
|
||||||
u8 allsta[IEEE80211_ADDR_LEN];
|
u8 allsta[IEEE80211_ADDR_LEN];
|
||||||
|
|||||||
@ -97,7 +97,7 @@ static int wpa_priv_cmd(struct wpa_driver_privsep_data *drv, int cmd,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int wpa_driver_privsep_scan(void *priv,
|
static int wpa_driver_privsep_scan(void *priv,
|
||||||
struct wpa_driver_scan_params *params)
|
struct wpa_driver_scan_params *params)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -79,7 +79,7 @@ void eap_fast_derive_master_secret(const u8 *pac_key, const u8 *server_random,
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* RFC 4851, Section 5.1:
|
* RFC 4851, Section 5.1:
|
||||||
* master_secret = T-PRF(PAC-Key, "PAC to master secret label hash",
|
* master_secret = T-PRF(PAC-Key, "PAC to master secret label hash",
|
||||||
* server_random + client_random, 48)
|
* server_random + client_random, 48)
|
||||||
*/
|
*/
|
||||||
os_memcpy(seed, server_random, TLS_RANDOM_LEN);
|
os_memcpy(seed, server_random, TLS_RANDOM_LEN);
|
||||||
|
|||||||
@ -1082,7 +1082,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
|
|||||||
eap_peer_tls_derive_key(sm, &data->ssl, label,
|
eap_peer_tls_derive_key(sm, &data->ssl, label,
|
||||||
EAP_TLS_KEY_LEN);
|
EAP_TLS_KEY_LEN);
|
||||||
if (data->key_data) {
|
if (data->key_data) {
|
||||||
wpa_hexdump_key(MSG_DEBUG,
|
wpa_hexdump_key(MSG_DEBUG,
|
||||||
"EAP-PEAP: Derived key",
|
"EAP-PEAP: Derived key",
|
||||||
data->key_data,
|
data->key_data,
|
||||||
EAP_TLS_KEY_LEN);
|
EAP_TLS_KEY_LEN);
|
||||||
|
|||||||
@ -1537,7 +1537,7 @@ static int eap_ttls_process_handshake(struct eap_sm *sm,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static void eap_ttls_check_auth_status(struct eap_sm *sm,
|
static void eap_ttls_check_auth_status(struct eap_sm *sm,
|
||||||
struct eap_ttls_data *data,
|
struct eap_ttls_data *data,
|
||||||
struct eap_method_ret *ret)
|
struct eap_method_ret *ret)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -561,7 +561,7 @@ static int eap_fast_phase1_done(struct eap_sm *sm, struct eap_fast_data *data)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
data->anon_provisioning = os_strstr(cipher, "ADH") != NULL;
|
data->anon_provisioning = os_strstr(cipher, "ADH") != NULL;
|
||||||
|
|
||||||
if (data->anon_provisioning) {
|
if (data->anon_provisioning) {
|
||||||
wpa_printf(MSG_DEBUG, "EAP-FAST: Anonymous provisioning");
|
wpa_printf(MSG_DEBUG, "EAP-FAST: Anonymous provisioning");
|
||||||
eap_fast_derive_key_provisioning(sm, data);
|
eap_fast_derive_key_provisioning(sm, data);
|
||||||
@ -789,7 +789,7 @@ static struct wpabuf * eap_fast_build_pac(struct eap_sm *sm,
|
|||||||
|
|
||||||
/* A-ID (inside PAC-Info) */
|
/* A-ID (inside PAC-Info) */
|
||||||
eap_fast_put_tlv(buf, PAC_TYPE_A_ID, data->srv_id, data->srv_id_len);
|
eap_fast_put_tlv(buf, PAC_TYPE_A_ID, data->srv_id, data->srv_id_len);
|
||||||
|
|
||||||
/* Note: headers may be misaligned after A-ID */
|
/* Note: headers may be misaligned after A-ID */
|
||||||
|
|
||||||
if (sm->identity) {
|
if (sm->identity) {
|
||||||
|
|||||||
@ -95,7 +95,7 @@ struct eapol_sm {
|
|||||||
SUPP_BE_RECEIVE = 4,
|
SUPP_BE_RECEIVE = 4,
|
||||||
SUPP_BE_RESPONSE = 5,
|
SUPP_BE_RESPONSE = 5,
|
||||||
SUPP_BE_FAIL = 6,
|
SUPP_BE_FAIL = 6,
|
||||||
SUPP_BE_TIMEOUT = 7,
|
SUPP_BE_TIMEOUT = 7,
|
||||||
SUPP_BE_SUCCESS = 8
|
SUPP_BE_SUCCESS = 8
|
||||||
} SUPP_BE_state; /* dot1xSuppBackendPaeState */
|
} SUPP_BE_state; /* dot1xSuppBackendPaeState */
|
||||||
/* Variables */
|
/* Variables */
|
||||||
|
|||||||
@ -51,7 +51,7 @@ static int wpa_priv_cmd(struct l2_packet_data *l2, int cmd,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr)
|
int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr)
|
||||||
{
|
{
|
||||||
os_memcpy(addr, l2->own_addr, ETH_ALEN);
|
os_memcpy(addr, l2->own_addr, ETH_ALEN);
|
||||||
@ -258,7 +258,7 @@ void l2_packet_deinit(struct l2_packet_data *l2)
|
|||||||
unlink(l2->own_socket_path);
|
unlink(l2->own_socket_path);
|
||||||
os_free(l2->own_socket_path);
|
os_free(l2->own_socket_path);
|
||||||
}
|
}
|
||||||
|
|
||||||
os_free(l2);
|
os_free(l2);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -210,7 +210,7 @@ static const struct radius_attr_type radius_attrs[] =
|
|||||||
{ RADIUS_ATTR_ACCT_MULTI_SESSION_ID, "Acct-Multi-Session-Id",
|
{ RADIUS_ATTR_ACCT_MULTI_SESSION_ID, "Acct-Multi-Session-Id",
|
||||||
RADIUS_ATTR_TEXT },
|
RADIUS_ATTR_TEXT },
|
||||||
{ RADIUS_ATTR_ACCT_LINK_COUNT, "Acct-Link-Count", RADIUS_ATTR_INT32 },
|
{ RADIUS_ATTR_ACCT_LINK_COUNT, "Acct-Link-Count", RADIUS_ATTR_INT32 },
|
||||||
{ RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, "Acct-Input-Gigawords",
|
{ RADIUS_ATTR_ACCT_INPUT_GIGAWORDS, "Acct-Input-Gigawords",
|
||||||
RADIUS_ATTR_INT32 },
|
RADIUS_ATTR_INT32 },
|
||||||
{ RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS, "Acct-Output-Gigawords",
|
{ RADIUS_ATTR_ACCT_OUTPUT_GIGAWORDS, "Acct-Output-Gigawords",
|
||||||
RADIUS_ATTR_INT32 },
|
RADIUS_ATTR_INT32 },
|
||||||
|
|||||||
@ -1062,7 +1062,7 @@ static int radius_server_request(struct radius_server_data *data,
|
|||||||
"message");
|
"message");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
eap = radius_msg_get_eap(msg);
|
eap = radius_msg_get_eap(msg);
|
||||||
if (eap == NULL && sess->macacl) {
|
if (eap == NULL && sess->macacl) {
|
||||||
reply = radius_server_macacl(data, client, sess, msg);
|
reply = radius_server_macacl(data, client, sess, msg);
|
||||||
|
|||||||
@ -25,7 +25,7 @@ struct wpa_sm_ctx {
|
|||||||
|
|
||||||
void (*set_state)(void *ctx, enum wpa_states state);
|
void (*set_state)(void *ctx, enum wpa_states state);
|
||||||
enum wpa_states (*get_state)(void *ctx);
|
enum wpa_states (*get_state)(void *ctx);
|
||||||
void (*deauthenticate)(void * ctx, int reason_code);
|
void (*deauthenticate)(void * ctx, int reason_code);
|
||||||
int (*set_key)(void *ctx, enum wpa_alg alg,
|
int (*set_key)(void *ctx, enum wpa_alg alg,
|
||||||
const u8 *addr, int key_idx, int set_tx,
|
const u8 *addr, int key_idx, int set_tx,
|
||||||
const u8 *seq, size_t seq_len,
|
const u8 *seq, size_t seq_len,
|
||||||
|
|||||||
@ -116,7 +116,7 @@ typedef int mp_err;
|
|||||||
#define MP_PREC 32 /* default digits of precision */
|
#define MP_PREC 32 /* default digits of precision */
|
||||||
#else
|
#else
|
||||||
#define MP_PREC 8 /* default digits of precision */
|
#define MP_PREC 8 /* default digits of precision */
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
|
/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
|
||||||
@ -274,8 +274,8 @@ static int s_mp_add (mp_int * a, mp_int * b, mp_int * c)
|
|||||||
*tmpc++ &= MP_MASK;
|
*tmpc++ &= MP_MASK;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* now copy higher words if any, that is in A+B
|
/* now copy higher words if any, that is in A+B
|
||||||
* if A or B has more digits add those in
|
* if A or B has more digits add those in
|
||||||
*/
|
*/
|
||||||
if (min != max) {
|
if (min != max) {
|
||||||
for (; i < max; i++) {
|
for (; i < max; i++) {
|
||||||
@ -499,29 +499,29 @@ static int mp_mul (mp_int * a, mp_int * b, mp_int * c)
|
|||||||
#ifdef BN_MP_TOOM_MUL_C
|
#ifdef BN_MP_TOOM_MUL_C
|
||||||
if (MIN (a->used, b->used) >= TOOM_MUL_CUTOFF) {
|
if (MIN (a->used, b->used) >= TOOM_MUL_CUTOFF) {
|
||||||
res = mp_toom_mul(a, b, c);
|
res = mp_toom_mul(a, b, c);
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
#ifdef BN_MP_KARATSUBA_MUL_C
|
#ifdef BN_MP_KARATSUBA_MUL_C
|
||||||
/* use Karatsuba? */
|
/* use Karatsuba? */
|
||||||
if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) {
|
if (MIN (a->used, b->used) >= KARATSUBA_MUL_CUTOFF) {
|
||||||
res = mp_karatsuba_mul (a, b, c);
|
res = mp_karatsuba_mul (a, b, c);
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
/* can we use the fast multiplier?
|
/* can we use the fast multiplier?
|
||||||
*
|
*
|
||||||
* The fast multiplier can be used if the output will
|
* The fast multiplier can be used if the output will
|
||||||
* have less than MP_WARRAY digits and the number of
|
* have less than MP_WARRAY digits and the number of
|
||||||
* digits won't affect carry propagation
|
* digits won't affect carry propagation
|
||||||
*/
|
*/
|
||||||
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
||||||
int digs = a->used + b->used + 1;
|
int digs = a->used + b->used + 1;
|
||||||
|
|
||||||
if ((digs < MP_WARRAY) &&
|
if ((digs < MP_WARRAY) &&
|
||||||
MIN(a->used, b->used) <=
|
MIN(a->used, b->used) <=
|
||||||
(1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
(1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
||||||
res = fast_s_mp_mul_digs (a, b, c, digs);
|
res = fast_s_mp_mul_digs (a, b, c, digs);
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
#ifdef BN_S_MP_MUL_DIGS_C
|
#ifdef BN_S_MP_MUL_DIGS_C
|
||||||
res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */
|
res = s_mp_mul (a, b, c); /* uses s_mp_mul_digs */
|
||||||
@ -629,7 +629,7 @@ static int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
|
|||||||
err = mp_exptmod(&tmpG, &tmpX, P, Y);
|
err = mp_exptmod(&tmpG, &tmpX, P, Y);
|
||||||
mp_clear_multi(&tmpG, &tmpX, NULL);
|
mp_clear_multi(&tmpG, &tmpX, NULL);
|
||||||
return err;
|
return err;
|
||||||
#else
|
#else
|
||||||
#error mp_exptmod would always fail
|
#error mp_exptmod would always fail
|
||||||
/* no invmod */
|
/* no invmod */
|
||||||
return MP_VAL;
|
return MP_VAL;
|
||||||
@ -658,7 +658,7 @@ static int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
|
|||||||
dr = mp_reduce_is_2k(P) << 1;
|
dr = mp_reduce_is_2k(P) << 1;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* if the modulus is odd or dr != 0 use the montgomery method */
|
/* if the modulus is odd or dr != 0 use the montgomery method */
|
||||||
#ifdef BN_MP_EXPTMOD_FAST_C
|
#ifdef BN_MP_EXPTMOD_FAST_C
|
||||||
if (mp_isodd (P) == 1 || dr != 0) {
|
if (mp_isodd (P) == 1 || dr != 0) {
|
||||||
@ -693,7 +693,7 @@ static int mp_cmp (mp_int * a, mp_int * b)
|
|||||||
return MP_GT;
|
return MP_GT;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* compare digits */
|
/* compare digits */
|
||||||
if (a->sign == MP_NEG) {
|
if (a->sign == MP_NEG) {
|
||||||
/* if negative compare opposite direction */
|
/* if negative compare opposite direction */
|
||||||
@ -779,7 +779,7 @@ static int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* init temps */
|
/* init temps */
|
||||||
if ((res = mp_init_multi(&x, &y, &u, &v,
|
if ((res = mp_init_multi(&x, &y, &u, &v,
|
||||||
&A, &B, &C, &D, NULL)) != MP_OKAY) {
|
&A, &B, &C, &D, NULL)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
@ -906,14 +906,14 @@ top:
|
|||||||
goto LBL_ERR;
|
goto LBL_ERR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* too big */
|
/* too big */
|
||||||
while (mp_cmp_mag(&C, b) != MP_LT) {
|
while (mp_cmp_mag(&C, b) != MP_LT) {
|
||||||
if ((res = mp_sub(&C, b, &C)) != MP_OKAY) {
|
if ((res = mp_sub(&C, b, &C)) != MP_OKAY) {
|
||||||
goto LBL_ERR;
|
goto LBL_ERR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* C is now the inverse */
|
/* C is now the inverse */
|
||||||
mp_exch (&C, c);
|
mp_exch (&C, c);
|
||||||
res = MP_OKAY;
|
res = MP_OKAY;
|
||||||
@ -933,7 +933,7 @@ static int mp_cmp_mag (mp_int * a, mp_int * b)
|
|||||||
if (a->used > b->used) {
|
if (a->used > b->used) {
|
||||||
return MP_GT;
|
return MP_GT;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (a->used < b->used) {
|
if (a->used < b->used) {
|
||||||
return MP_LT;
|
return MP_LT;
|
||||||
}
|
}
|
||||||
@ -1199,8 +1199,8 @@ static void mp_rshd (mp_int * a, int b)
|
|||||||
/* top [offset into digits] */
|
/* top [offset into digits] */
|
||||||
top = a->dp + b;
|
top = a->dp + b;
|
||||||
|
|
||||||
/* this is implemented as a sliding window where
|
/* this is implemented as a sliding window where
|
||||||
* the window is b-digits long and digits from
|
* the window is b-digits long and digits from
|
||||||
* the top of the window are copied to the bottom
|
* the top of the window are copied to the bottom
|
||||||
*
|
*
|
||||||
* e.g.
|
* e.g.
|
||||||
@ -1218,13 +1218,13 @@ static void mp_rshd (mp_int * a, int b)
|
|||||||
*bottom++ = 0;
|
*bottom++ = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* remove excess digits */
|
/* remove excess digits */
|
||||||
a->used -= b;
|
a->used -= b;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* swap the elements of two integers, for cases where you can't simply swap the
|
/* swap the elements of two integers, for cases where you can't simply swap the
|
||||||
* mp_int pointers around
|
* mp_int pointers around
|
||||||
*/
|
*/
|
||||||
static void mp_exch (mp_int * a, mp_int * b)
|
static void mp_exch (mp_int * a, mp_int * b)
|
||||||
@ -1237,7 +1237,7 @@ static void mp_exch (mp_int * a, mp_int * b)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* trim unused digits
|
/* trim unused digits
|
||||||
*
|
*
|
||||||
* This is used to ensure that leading zero digits are
|
* This is used to ensure that leading zero digits are
|
||||||
* trimed and the leading "used" digit will be non-zero
|
* trimed and the leading "used" digit will be non-zero
|
||||||
@ -1298,7 +1298,7 @@ static int mp_grow (mp_int * a, int size)
|
|||||||
|
|
||||||
|
|
||||||
#ifdef BN_MP_ABS_C
|
#ifdef BN_MP_ABS_C
|
||||||
/* b = |a|
|
/* b = |a|
|
||||||
*
|
*
|
||||||
* Simple function copies the input and fixes the sign to positive
|
* Simple function copies the input and fixes the sign to positive
|
||||||
*/
|
*/
|
||||||
@ -1434,7 +1434,7 @@ static int mp_mul_2d (mp_int * a, int b, mp_int * c)
|
|||||||
/* set the carry to the carry bits of the current word */
|
/* set the carry to the carry bits of the current word */
|
||||||
r = rr;
|
r = rr;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* set final carry */
|
/* set final carry */
|
||||||
if (r != 0) {
|
if (r != 0) {
|
||||||
c->dp[(c->used)++] = r;
|
c->dp[(c->used)++] = r;
|
||||||
@ -1446,7 +1446,7 @@ static int mp_mul_2d (mp_int * a, int b, mp_int * c)
|
|||||||
|
|
||||||
|
|
||||||
#ifdef BN_MP_INIT_MULTI_C
|
#ifdef BN_MP_INIT_MULTI_C
|
||||||
static int mp_init_multi(mp_int *mp, ...)
|
static int mp_init_multi(mp_int *mp, ...)
|
||||||
{
|
{
|
||||||
mp_err res = MP_OKAY; /* Assume ok until proven otherwise */
|
mp_err res = MP_OKAY; /* Assume ok until proven otherwise */
|
||||||
int n = 0; /* Number of ok inits */
|
int n = 0; /* Number of ok inits */
|
||||||
@ -1460,11 +1460,11 @@ static int mp_init_multi(mp_int *mp, ...)
|
|||||||
succeeded in init-ing, then return error.
|
succeeded in init-ing, then return error.
|
||||||
*/
|
*/
|
||||||
va_list clean_args;
|
va_list clean_args;
|
||||||
|
|
||||||
/* end the current list */
|
/* end the current list */
|
||||||
va_end(args);
|
va_end(args);
|
||||||
|
|
||||||
/* now start cleaning up */
|
/* now start cleaning up */
|
||||||
cur_arg = mp;
|
cur_arg = mp;
|
||||||
va_start(clean_args, mp);
|
va_start(clean_args, mp);
|
||||||
while (n--) {
|
while (n--) {
|
||||||
@ -1484,7 +1484,7 @@ static int mp_init_multi(mp_int *mp, ...)
|
|||||||
|
|
||||||
|
|
||||||
#ifdef BN_MP_CLEAR_MULTI_C
|
#ifdef BN_MP_CLEAR_MULTI_C
|
||||||
static void mp_clear_multi(mp_int *mp, ...)
|
static void mp_clear_multi(mp_int *mp, ...)
|
||||||
{
|
{
|
||||||
mp_int* next_mp = mp;
|
mp_int* next_mp = mp;
|
||||||
va_list args;
|
va_list args;
|
||||||
@ -1558,7 +1558,7 @@ static int mp_count_bits (mp_int * a)
|
|||||||
|
|
||||||
/* get number of digits and add that */
|
/* get number of digits and add that */
|
||||||
r = (a->used - 1) * DIGIT_BIT;
|
r = (a->used - 1) * DIGIT_BIT;
|
||||||
|
|
||||||
/* take the last digit and count the bits in it */
|
/* take the last digit and count the bits in it */
|
||||||
q = a->dp[a->used - 1];
|
q = a->dp[a->used - 1];
|
||||||
while (q > ((mp_digit) 0)) {
|
while (q > ((mp_digit) 0)) {
|
||||||
@ -1628,7 +1628,7 @@ static int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
}
|
}
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* init our temps */
|
/* init our temps */
|
||||||
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
if ((res = mp_init_multi(&ta, &tb, &tq, &q, NULL)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
@ -1638,7 +1638,7 @@ static int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
mp_set(&tq, 1);
|
mp_set(&tq, 1);
|
||||||
n = mp_count_bits(a) - mp_count_bits(b);
|
n = mp_count_bits(a) - mp_count_bits(b);
|
||||||
if (((res = mp_abs(a, &ta)) != MP_OKAY) ||
|
if (((res = mp_abs(a, &ta)) != MP_OKAY) ||
|
||||||
((res = mp_abs(b, &tb)) != MP_OKAY) ||
|
((res = mp_abs(b, &tb)) != MP_OKAY) ||
|
||||||
((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) ||
|
((res = mp_mul_2d(&tb, n, &tb)) != MP_OKAY) ||
|
||||||
((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) {
|
((res = mp_mul_2d(&tq, n, &tq)) != MP_OKAY)) {
|
||||||
goto LBL_ERR;
|
goto LBL_ERR;
|
||||||
@ -1675,17 +1675,17 @@ LBL_ERR:
|
|||||||
|
|
||||||
#else
|
#else
|
||||||
|
|
||||||
/* integer signed division.
|
/* integer signed division.
|
||||||
* c*b + d == a [e.g. a/b, c=quotient, d=remainder]
|
* c*b + d == a [e.g. a/b, c=quotient, d=remainder]
|
||||||
* HAC pp.598 Algorithm 14.20
|
* HAC pp.598 Algorithm 14.20
|
||||||
*
|
*
|
||||||
* Note that the description in HAC is horribly
|
* Note that the description in HAC is horribly
|
||||||
* incomplete. For example, it doesn't consider
|
* incomplete. For example, it doesn't consider
|
||||||
* the case where digits are removed from 'x' in
|
* the case where digits are removed from 'x' in
|
||||||
* the inner loop. It also doesn't consider the
|
* the inner loop. It also doesn't consider the
|
||||||
* case that y has fewer than three digits, etc..
|
* case that y has fewer than three digits, etc..
|
||||||
*
|
*
|
||||||
* The overall algorithm is as described as
|
* The overall algorithm is as described as
|
||||||
* 14.20 from HAC but fixed to treat these cases.
|
* 14.20 from HAC but fixed to treat these cases.
|
||||||
*/
|
*/
|
||||||
static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
||||||
@ -1775,7 +1775,7 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* step 3.1 if xi == yt then set q{i-t-1} to b-1,
|
/* step 3.1 if xi == yt then set q{i-t-1} to b-1,
|
||||||
* otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
|
* otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */
|
||||||
if (x.dp[i] == y.dp[t]) {
|
if (x.dp[i] == y.dp[t]) {
|
||||||
q.dp[i - t - 1] = ((((mp_digit)1) << DIGIT_BIT) - 1);
|
q.dp[i - t - 1] = ((((mp_digit)1) << DIGIT_BIT) - 1);
|
||||||
@ -1789,10 +1789,10 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
q.dp[i - t - 1] = (mp_digit) (tmp & (mp_word) (MP_MASK));
|
q.dp[i - t - 1] = (mp_digit) (tmp & (mp_word) (MP_MASK));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* while (q{i-t-1} * (yt * b + y{t-1})) >
|
/* while (q{i-t-1} * (yt * b + y{t-1})) >
|
||||||
xi * b**2 + xi-1 * b + xi-2
|
xi * b**2 + xi-1 * b + xi-2
|
||||||
|
|
||||||
do q{i-t-1} -= 1;
|
do q{i-t-1} -= 1;
|
||||||
*/
|
*/
|
||||||
q.dp[i - t - 1] = (q.dp[i - t - 1] + 1) & MP_MASK;
|
q.dp[i - t - 1] = (q.dp[i - t - 1] + 1) & MP_MASK;
|
||||||
do {
|
do {
|
||||||
@ -1843,10 +1843,10 @@ static int mp_div (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* now q is the quotient and x is the remainder
|
/* now q is the quotient and x is the remainder
|
||||||
* [which we have to normalize]
|
* [which we have to normalize]
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* get sign before writing to c */
|
/* get sign before writing to c */
|
||||||
x.sign = x.used == 0 ? MP_ZPOS : a->sign;
|
x.sign = x.used == 0 ? MP_ZPOS : a->sign;
|
||||||
|
|
||||||
@ -1914,7 +1914,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red
|
|||||||
/* init M array */
|
/* init M array */
|
||||||
/* init first cell */
|
/* init first cell */
|
||||||
if ((err = mp_init(&M[1])) != MP_OKAY) {
|
if ((err = mp_init(&M[1])) != MP_OKAY) {
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* now init the second half of the array */
|
/* now init the second half of the array */
|
||||||
@ -1932,7 +1932,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red
|
|||||||
if ((err = mp_init (&mu)) != MP_OKAY) {
|
if ((err = mp_init (&mu)) != MP_OKAY) {
|
||||||
goto LBL_M;
|
goto LBL_M;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (redmode == 0) {
|
if (redmode == 0) {
|
||||||
if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
|
if ((err = mp_reduce_setup (&mu, P)) != MP_OKAY) {
|
||||||
goto LBL_MU;
|
goto LBL_MU;
|
||||||
@ -1943,22 +1943,22 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red
|
|||||||
goto LBL_MU;
|
goto LBL_MU;
|
||||||
}
|
}
|
||||||
redux = mp_reduce_2k_l;
|
redux = mp_reduce_2k_l;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* create M table
|
/* create M table
|
||||||
*
|
*
|
||||||
* The M table contains powers of the base,
|
* The M table contains powers of the base,
|
||||||
* e.g. M[x] = G**x mod P
|
* e.g. M[x] = G**x mod P
|
||||||
*
|
*
|
||||||
* The first half of the table is not
|
* The first half of the table is not
|
||||||
* computed though accept for M[0] and M[1]
|
* computed though accept for M[0] and M[1]
|
||||||
*/
|
*/
|
||||||
if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) {
|
if ((err = mp_mod (G, P, &M[1])) != MP_OKAY) {
|
||||||
goto LBL_MU;
|
goto LBL_MU;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* compute the value at M[1<<(winsize-1)] by squaring
|
/* compute the value at M[1<<(winsize-1)] by squaring
|
||||||
* M[1] (winsize-1) times
|
* M[1] (winsize-1) times
|
||||||
*/
|
*/
|
||||||
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
|
if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) {
|
||||||
goto LBL_MU;
|
goto LBL_MU;
|
||||||
@ -1966,7 +1966,7 @@ static int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int red
|
|||||||
|
|
||||||
for (x = 0; x < (winsize - 1); x++) {
|
for (x = 0; x < (winsize - 1); x++) {
|
||||||
/* square it */
|
/* square it */
|
||||||
if ((err = mp_sqr (&M[1 << (winsize - 1)],
|
if ((err = mp_sqr (&M[1 << (winsize - 1)],
|
||||||
&M[1 << (winsize - 1)])) != MP_OKAY) {
|
&M[1 << (winsize - 1)])) != MP_OKAY) {
|
||||||
goto LBL_MU;
|
goto LBL_MU;
|
||||||
}
|
}
|
||||||
@ -2117,18 +2117,18 @@ static int mp_sqr (mp_int * a, mp_int * b)
|
|||||||
if (a->used >= TOOM_SQR_CUTOFF) {
|
if (a->used >= TOOM_SQR_CUTOFF) {
|
||||||
res = mp_toom_sqr(a, b);
|
res = mp_toom_sqr(a, b);
|
||||||
/* Karatsuba? */
|
/* Karatsuba? */
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
#ifdef BN_MP_KARATSUBA_SQR_C
|
#ifdef BN_MP_KARATSUBA_SQR_C
|
||||||
if (a->used >= KARATSUBA_SQR_CUTOFF) {
|
if (a->used >= KARATSUBA_SQR_CUTOFF) {
|
||||||
res = mp_karatsuba_sqr (a, b);
|
res = mp_karatsuba_sqr (a, b);
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
#ifdef BN_FAST_S_MP_SQR_C
|
#ifdef BN_FAST_S_MP_SQR_C
|
||||||
/* can we use the fast comba multiplier? */
|
/* can we use the fast comba multiplier? */
|
||||||
if ((a->used * 2 + 1) < MP_WARRAY &&
|
if ((a->used * 2 + 1) < MP_WARRAY &&
|
||||||
a->used <
|
a->used <
|
||||||
(1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) {
|
(1 << (sizeof(mp_word) * CHAR_BIT - 2*DIGIT_BIT - 1))) {
|
||||||
res = fast_s_mp_sqr (a, b);
|
res = fast_s_mp_sqr (a, b);
|
||||||
} else
|
} else
|
||||||
@ -2145,7 +2145,7 @@ if (a->used >= KARATSUBA_SQR_CUTOFF) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* reduces a modulo n where n is of the form 2**p - d
|
/* reduces a modulo n where n is of the form 2**p - d
|
||||||
This differs from reduce_2k since "d" can be larger
|
This differs from reduce_2k since "d" can be larger
|
||||||
than a single digit.
|
than a single digit.
|
||||||
*/
|
*/
|
||||||
@ -2153,33 +2153,33 @@ static int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d)
|
|||||||
{
|
{
|
||||||
mp_int q;
|
mp_int q;
|
||||||
int p, res;
|
int p, res;
|
||||||
|
|
||||||
if ((res = mp_init(&q)) != MP_OKAY) {
|
if ((res = mp_init(&q)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
p = mp_count_bits(n);
|
p = mp_count_bits(n);
|
||||||
top:
|
top:
|
||||||
/* q = a/2**p, a = a mod 2**p */
|
/* q = a/2**p, a = a mod 2**p */
|
||||||
if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
|
if ((res = mp_div_2d(a, p, &q, a)) != MP_OKAY) {
|
||||||
goto ERR;
|
goto ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* q = q * d */
|
/* q = q * d */
|
||||||
if ((res = mp_mul(&q, d, &q)) != MP_OKAY) {
|
if ((res = mp_mul(&q, d, &q)) != MP_OKAY) {
|
||||||
goto ERR;
|
goto ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* a = a + q */
|
/* a = a + q */
|
||||||
if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
|
if ((res = s_mp_add(a, &q, a)) != MP_OKAY) {
|
||||||
goto ERR;
|
goto ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (mp_cmp_mag(a, n) != MP_LT) {
|
if (mp_cmp_mag(a, n) != MP_LT) {
|
||||||
s_mp_sub(a, n, a);
|
s_mp_sub(a, n, a);
|
||||||
goto top;
|
goto top;
|
||||||
}
|
}
|
||||||
|
|
||||||
ERR:
|
ERR:
|
||||||
mp_clear(&q);
|
mp_clear(&q);
|
||||||
return res;
|
return res;
|
||||||
@ -2191,26 +2191,26 @@ static int mp_reduce_2k_setup_l(mp_int *a, mp_int *d)
|
|||||||
{
|
{
|
||||||
int res;
|
int res;
|
||||||
mp_int tmp;
|
mp_int tmp;
|
||||||
|
|
||||||
if ((res = mp_init(&tmp)) != MP_OKAY) {
|
if ((res = mp_init(&tmp)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) {
|
if ((res = mp_2expt(&tmp, mp_count_bits(a))) != MP_OKAY) {
|
||||||
goto ERR;
|
goto ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) {
|
if ((res = s_mp_sub(&tmp, a, d)) != MP_OKAY) {
|
||||||
goto ERR;
|
goto ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
ERR:
|
ERR:
|
||||||
mp_clear(&tmp);
|
mp_clear(&tmp);
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* computes a = 2**b
|
/* computes a = 2**b
|
||||||
*
|
*
|
||||||
* Simple algorithm which zeroes the int, grows it then just sets one bit
|
* Simple algorithm which zeroes the int, grows it then just sets one bit
|
||||||
* as required.
|
* as required.
|
||||||
@ -2243,7 +2243,7 @@ static int mp_2expt (mp_int * a, int b)
|
|||||||
static int mp_reduce_setup (mp_int * a, mp_int * b)
|
static int mp_reduce_setup (mp_int * a, mp_int * b)
|
||||||
{
|
{
|
||||||
int res;
|
int res;
|
||||||
|
|
||||||
if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) {
|
if ((res = mp_2expt (a, b->used * 2 * DIGIT_BIT)) != MP_OKAY) {
|
||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
@ -2251,7 +2251,7 @@ static int mp_reduce_setup (mp_int * a, mp_int * b)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* reduces x mod m, assumes 0 < x < m**2, mu is
|
/* reduces x mod m, assumes 0 < x < m**2, mu is
|
||||||
* precomputed via mp_reduce_setup.
|
* precomputed via mp_reduce_setup.
|
||||||
* From HAC pp.604 Algorithm 14.42
|
* From HAC pp.604 Algorithm 14.42
|
||||||
*/
|
*/
|
||||||
@ -2266,7 +2266,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* q1 = x / b**(k-1) */
|
/* q1 = x / b**(k-1) */
|
||||||
mp_rshd (&q, um - 1);
|
mp_rshd (&q, um - 1);
|
||||||
|
|
||||||
/* according to HAC this optimization is ok */
|
/* according to HAC this optimization is ok */
|
||||||
if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
|
if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) {
|
||||||
@ -2282,8 +2282,8 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
|
|||||||
if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
|
if ((res = fast_s_mp_mul_high_digs (&q, mu, &q, um)) != MP_OKAY) {
|
||||||
goto CLEANUP;
|
goto CLEANUP;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
{
|
{
|
||||||
#error mp_reduce would always fail
|
#error mp_reduce would always fail
|
||||||
res = MP_VAL;
|
res = MP_VAL;
|
||||||
goto CLEANUP;
|
goto CLEANUP;
|
||||||
@ -2292,7 +2292,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* q3 = q2 / b**(k+1) */
|
/* q3 = q2 / b**(k+1) */
|
||||||
mp_rshd (&q, um + 1);
|
mp_rshd (&q, um + 1);
|
||||||
|
|
||||||
/* x = x mod b**(k+1), quick (no division) */
|
/* x = x mod b**(k+1), quick (no division) */
|
||||||
if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) {
|
if ((res = mp_mod_2d (x, DIGIT_BIT * (um + 1), x)) != MP_OKAY) {
|
||||||
@ -2326,7 +2326,7 @@ static int mp_reduce (mp_int * x, mp_int * m, mp_int * mu)
|
|||||||
goto CLEANUP;
|
goto CLEANUP;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
CLEANUP:
|
CLEANUP:
|
||||||
mp_clear (&q);
|
mp_clear (&q);
|
||||||
|
|
||||||
@ -2335,7 +2335,7 @@ CLEANUP:
|
|||||||
|
|
||||||
|
|
||||||
/* multiplies |a| * |b| and only computes up to digs digits of result
|
/* multiplies |a| * |b| and only computes up to digs digits of result
|
||||||
* HAC pp. 595, Algorithm 14.12 Modified so you can control how
|
* HAC pp. 595, Algorithm 14.12 Modified so you can control how
|
||||||
* many digits of output are created.
|
* many digits of output are created.
|
||||||
*/
|
*/
|
||||||
static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
||||||
@ -2349,7 +2349,7 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
|||||||
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
||||||
/* can we use the fast multiplier? */
|
/* can we use the fast multiplier? */
|
||||||
if (((digs) < MP_WARRAY) &&
|
if (((digs) < MP_WARRAY) &&
|
||||||
MIN (a->used, b->used) <
|
MIN (a->used, b->used) <
|
||||||
(1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
(1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
||||||
return fast_s_mp_mul_digs (a, b, c, digs);
|
return fast_s_mp_mul_digs (a, b, c, digs);
|
||||||
}
|
}
|
||||||
@ -2372,10 +2372,10 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
|||||||
/* setup some aliases */
|
/* setup some aliases */
|
||||||
/* copy of the digit from a used within the nested loop */
|
/* copy of the digit from a used within the nested loop */
|
||||||
tmpx = a->dp[ix];
|
tmpx = a->dp[ix];
|
||||||
|
|
||||||
/* an alias for the destination shifted ix places */
|
/* an alias for the destination shifted ix places */
|
||||||
tmpt = t.dp + ix;
|
tmpt = t.dp + ix;
|
||||||
|
|
||||||
/* an alias for the digits of b */
|
/* an alias for the digits of b */
|
||||||
tmpy = b->dp;
|
tmpy = b->dp;
|
||||||
|
|
||||||
@ -2409,15 +2409,15 @@ static int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
|||||||
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
#ifdef BN_FAST_S_MP_MUL_DIGS_C
|
||||||
/* Fast (comba) multiplier
|
/* Fast (comba) multiplier
|
||||||
*
|
*
|
||||||
* This is the fast column-array [comba] multiplier. It is
|
* This is the fast column-array [comba] multiplier. It is
|
||||||
* designed to compute the columns of the product first
|
* designed to compute the columns of the product first
|
||||||
* then handle the carries afterwards. This has the effect
|
* then handle the carries afterwards. This has the effect
|
||||||
* of making the nested loops that compute the columns very
|
* of making the nested loops that compute the columns very
|
||||||
* simple and schedulable on super-scalar processors.
|
* simple and schedulable on super-scalar processors.
|
||||||
*
|
*
|
||||||
* This has been modified to produce a variable number of
|
* This has been modified to produce a variable number of
|
||||||
* digits of output so if say only a half-product is required
|
* digits of output so if say only a half-product is required
|
||||||
* you don't have to compute the upper half (a feature
|
* you don't have to compute the upper half (a feature
|
||||||
* required for fast Barrett reduction).
|
* required for fast Barrett reduction).
|
||||||
*
|
*
|
||||||
* Based on Algorithm 14.12 on pp.595 of HAC.
|
* Based on Algorithm 14.12 on pp.595 of HAC.
|
||||||
@ -2441,7 +2441,7 @@ static int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
|||||||
|
|
||||||
/* clear the carry */
|
/* clear the carry */
|
||||||
_W = 0;
|
_W = 0;
|
||||||
for (ix = 0; ix < pa; ix++) {
|
for (ix = 0; ix < pa; ix++) {
|
||||||
int tx, ty;
|
int tx, ty;
|
||||||
int iy;
|
int iy;
|
||||||
mp_digit *tmpx, *tmpy;
|
mp_digit *tmpx, *tmpy;
|
||||||
@ -2454,7 +2454,7 @@ static int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs)
|
|||||||
tmpx = a->dp + tx;
|
tmpx = a->dp + tx;
|
||||||
tmpy = b->dp + ty;
|
tmpy = b->dp + ty;
|
||||||
|
|
||||||
/* this is the number of times the loop will iterrate, essentially
|
/* this is the number of times the loop will iterrate, essentially
|
||||||
while (tx++ < a->used && ty-- >= 0) { ... }
|
while (tx++ < a->used && ty-- >= 0) { ... }
|
||||||
*/
|
*/
|
||||||
iy = MIN(a->used-tx, ty+1);
|
iy = MIN(a->used-tx, ty+1);
|
||||||
@ -2501,8 +2501,8 @@ static int mp_init_size (mp_int * a, int size)
|
|||||||
int x;
|
int x;
|
||||||
|
|
||||||
/* pad size so there are always extra digits */
|
/* pad size so there are always extra digits */
|
||||||
size += (MP_PREC * 2) - (size % MP_PREC);
|
size += (MP_PREC * 2) - (size % MP_PREC);
|
||||||
|
|
||||||
/* alloc mem */
|
/* alloc mem */
|
||||||
a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size);
|
a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size);
|
||||||
if (a->dp == NULL) {
|
if (a->dp == NULL) {
|
||||||
@ -2556,7 +2556,7 @@ static int s_mp_sqr (mp_int * a, mp_int * b)
|
|||||||
|
|
||||||
/* alias for where to store the results */
|
/* alias for where to store the results */
|
||||||
tmpt = t.dp + (2*ix + 1);
|
tmpt = t.dp + (2*ix + 1);
|
||||||
|
|
||||||
for (iy = ix + 1; iy < pa; iy++) {
|
for (iy = ix + 1; iy < pa; iy++) {
|
||||||
/* first calculate the product */
|
/* first calculate the product */
|
||||||
r = ((mp_word)tmpx) * ((mp_word)a->dp[iy]);
|
r = ((mp_word)tmpx) * ((mp_word)a->dp[iy]);
|
||||||
@ -2863,24 +2863,24 @@ static int mp_mul_2(mp_int * a, mp_int * b)
|
|||||||
|
|
||||||
/* alias for source */
|
/* alias for source */
|
||||||
tmpa = a->dp;
|
tmpa = a->dp;
|
||||||
|
|
||||||
/* alias for dest */
|
/* alias for dest */
|
||||||
tmpb = b->dp;
|
tmpb = b->dp;
|
||||||
|
|
||||||
/* carry */
|
/* carry */
|
||||||
r = 0;
|
r = 0;
|
||||||
for (x = 0; x < a->used; x++) {
|
for (x = 0; x < a->used; x++) {
|
||||||
|
|
||||||
/* get what will be the *next* carry bit from the
|
/* get what will be the *next* carry bit from the
|
||||||
* MSB of the current digit
|
* MSB of the current digit
|
||||||
*/
|
*/
|
||||||
rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1));
|
rr = *tmpa >> ((mp_digit)(DIGIT_BIT - 1));
|
||||||
|
|
||||||
/* now shift up this digit, add in the carry [from the previous] */
|
/* now shift up this digit, add in the carry [from the previous] */
|
||||||
*tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK;
|
*tmpb++ = ((*tmpa++ << ((mp_digit)1)) | r) & MP_MASK;
|
||||||
|
|
||||||
/* copy the carry that would be from the source
|
/* copy the carry that would be from the source
|
||||||
* digit into the next iteration
|
* digit into the next iteration
|
||||||
*/
|
*/
|
||||||
r = rr;
|
r = rr;
|
||||||
}
|
}
|
||||||
@ -2892,8 +2892,8 @@ static int mp_mul_2(mp_int * a, mp_int * b)
|
|||||||
++(b->used);
|
++(b->used);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* now zero any excess digits on the destination
|
/* now zero any excess digits on the destination
|
||||||
* that we didn't write to
|
* that we didn't write to
|
||||||
*/
|
*/
|
||||||
tmpb = b->dp + b->used;
|
tmpb = b->dp + b->used;
|
||||||
for (x = b->used; x < oldused; x++) {
|
for (x = b->used; x < oldused; x++) {
|
||||||
@ -3011,7 +3011,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int
|
|||||||
|
|
||||||
/* determine and setup reduction code */
|
/* determine and setup reduction code */
|
||||||
if (redmode == 0) {
|
if (redmode == 0) {
|
||||||
#ifdef BN_MP_MONTGOMERY_SETUP_C
|
#ifdef BN_MP_MONTGOMERY_SETUP_C
|
||||||
/* now setup montgomery */
|
/* now setup montgomery */
|
||||||
if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) {
|
if ((err = mp_montgomery_setup (P, &mp)) != MP_OKAY) {
|
||||||
goto LBL_M;
|
goto LBL_M;
|
||||||
@ -3026,7 +3026,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int
|
|||||||
if (((P->used * 2 + 1) < MP_WARRAY) &&
|
if (((P->used * 2 + 1) < MP_WARRAY) &&
|
||||||
P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) {
|
||||||
redux = fast_mp_montgomery_reduce;
|
redux = fast_mp_montgomery_reduce;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
#ifdef BN_MP_MONTGOMERY_REDUCE_C
|
#ifdef BN_MP_MONTGOMERY_REDUCE_C
|
||||||
@ -3077,7 +3077,7 @@ static int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int
|
|||||||
if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) {
|
if ((err = mp_montgomery_calc_normalization (&res, P)) != MP_OKAY) {
|
||||||
goto LBL_RES;
|
goto LBL_RES;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
err = MP_VAL;
|
err = MP_VAL;
|
||||||
goto LBL_RES;
|
goto LBL_RES;
|
||||||
#endif
|
#endif
|
||||||
@ -3245,10 +3245,10 @@ LBL_M:
|
|||||||
|
|
||||||
#ifdef BN_FAST_S_MP_SQR_C
|
#ifdef BN_FAST_S_MP_SQR_C
|
||||||
/* the jist of squaring...
|
/* the jist of squaring...
|
||||||
* you do like mult except the offset of the tmpx [one that
|
* you do like mult except the offset of the tmpx [one that
|
||||||
* starts closer to zero] can't equal the offset of tmpy.
|
* starts closer to zero] can't equal the offset of tmpy.
|
||||||
* So basically you set up iy like before then you min it with
|
* So basically you set up iy like before then you min it with
|
||||||
* (ty-tx) so that it never happens. You double all those
|
* (ty-tx) so that it never happens. You double all those
|
||||||
* you add in the inner loop
|
* you add in the inner loop
|
||||||
|
|
||||||
After that loop you do the squares and add them in.
|
After that loop you do the squares and add them in.
|
||||||
@ -3270,7 +3270,7 @@ static int fast_s_mp_sqr (mp_int * a, mp_int * b)
|
|||||||
|
|
||||||
/* number of output digits to produce */
|
/* number of output digits to produce */
|
||||||
W1 = 0;
|
W1 = 0;
|
||||||
for (ix = 0; ix < pa; ix++) {
|
for (ix = 0; ix < pa; ix++) {
|
||||||
int tx, ty, iy;
|
int tx, ty, iy;
|
||||||
mp_word _W;
|
mp_word _W;
|
||||||
mp_digit *tmpy;
|
mp_digit *tmpy;
|
||||||
@ -3291,7 +3291,7 @@ static int fast_s_mp_sqr (mp_int * a, mp_int * b)
|
|||||||
*/
|
*/
|
||||||
iy = MIN(a->used-tx, ty+1);
|
iy = MIN(a->used-tx, ty+1);
|
||||||
|
|
||||||
/* now for squaring tx can never equal ty
|
/* now for squaring tx can never equal ty
|
||||||
* we halve the distance since they approach at a rate of 2x
|
* we halve the distance since they approach at a rate of 2x
|
||||||
* and we have to round because odd cases need to be executed
|
* and we have to round because odd cases need to be executed
|
||||||
*/
|
*/
|
||||||
|
|||||||
@ -80,7 +80,7 @@ crypto_rsa_import_public_key(const u8 *buf, size_t len)
|
|||||||
* PKCS #1, 7.1:
|
* PKCS #1, 7.1:
|
||||||
* RSAPublicKey ::= SEQUENCE {
|
* RSAPublicKey ::= SEQUENCE {
|
||||||
* modulus INTEGER, -- n
|
* modulus INTEGER, -- n
|
||||||
* publicExponent INTEGER -- e
|
* publicExponent INTEGER -- e
|
||||||
* }
|
* }
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|||||||
@ -264,7 +264,7 @@ failed:
|
|||||||
* @in_data: Pointer to plaintext data to be encrypted
|
* @in_data: Pointer to plaintext data to be encrypted
|
||||||
* @in_len: Input buffer length
|
* @in_len: Input buffer length
|
||||||
* @out_data: Pointer to output buffer (encrypted TLS data)
|
* @out_data: Pointer to output buffer (encrypted TLS data)
|
||||||
* @out_len: Maximum out_data length
|
* @out_len: Maximum out_data length
|
||||||
* Returns: Number of bytes written to out_data, -1 on failure
|
* Returns: Number of bytes written to out_data, -1 on failure
|
||||||
*
|
*
|
||||||
* This function is used after TLS handshake has been completed successfully to
|
* This function is used after TLS handshake has been completed successfully to
|
||||||
|
|||||||
@ -21,7 +21,7 @@
|
|||||||
* RFC 2246 Section 9: Mandatory to implement TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
|
* RFC 2246 Section 9: Mandatory to implement TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
|
||||||
* Add support for commonly used cipher suites; don't bother with exportable
|
* Add support for commonly used cipher suites; don't bother with exportable
|
||||||
* suites.
|
* suites.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static const struct tls_cipher_suite tls_cipher_suites[] = {
|
static const struct tls_cipher_suite tls_cipher_suites[] = {
|
||||||
{ TLS_NULL_WITH_NULL_NULL, TLS_KEY_X_NULL, TLS_CIPHER_NULL,
|
{ TLS_NULL_WITH_NULL_NULL, TLS_KEY_X_NULL, TLS_CIPHER_NULL,
|
||||||
|
|||||||
@ -216,7 +216,7 @@ failed:
|
|||||||
* @in_data: Pointer to plaintext data to be encrypted
|
* @in_data: Pointer to plaintext data to be encrypted
|
||||||
* @in_len: Input buffer length
|
* @in_len: Input buffer length
|
||||||
* @out_data: Pointer to output buffer (encrypted TLS data)
|
* @out_data: Pointer to output buffer (encrypted TLS data)
|
||||||
* @out_len: Maximum out_data length
|
* @out_len: Maximum out_data length
|
||||||
* Returns: Number of bytes written to out_data, -1 on failure
|
* Returns: Number of bytes written to out_data, -1 on failure
|
||||||
*
|
*
|
||||||
* This function is used after TLS handshake has been completed successfully to
|
* This function is used after TLS handshake has been completed successfully to
|
||||||
|
|||||||
@ -2039,7 +2039,7 @@ int x509_certificate_chain_validate(struct x509_certificate *trusted,
|
|||||||
|
|
||||||
for (cert = chain, idx = 0; cert; cert = cert->next, idx++) {
|
for (cert = chain, idx = 0; cert; cert = cert->next, idx++) {
|
||||||
cert->issuer_trusted = 0;
|
cert->issuer_trusted = 0;
|
||||||
x509_name_string(&cert->subject, buf, sizeof(buf));
|
x509_name_string(&cert->subject, buf, sizeof(buf));
|
||||||
wpa_printf(MSG_DEBUG, "X509: %lu: %s", idx, buf);
|
wpa_printf(MSG_DEBUG, "X509: %lu: %s", idx, buf);
|
||||||
|
|
||||||
if (chain_trusted)
|
if (chain_trusted)
|
||||||
@ -2063,11 +2063,11 @@ int x509_certificate_chain_validate(struct x509_certificate *trusted,
|
|||||||
wpa_printf(MSG_DEBUG, "X509: Certificate "
|
wpa_printf(MSG_DEBUG, "X509: Certificate "
|
||||||
"chain issuer name mismatch");
|
"chain issuer name mismatch");
|
||||||
x509_name_string(&cert->issuer, buf,
|
x509_name_string(&cert->issuer, buf,
|
||||||
sizeof(buf));
|
sizeof(buf));
|
||||||
wpa_printf(MSG_DEBUG, "X509: cert issuer: %s",
|
wpa_printf(MSG_DEBUG, "X509: cert issuer: %s",
|
||||||
buf);
|
buf);
|
||||||
x509_name_string(&cert->next->subject, buf,
|
x509_name_string(&cert->next->subject, buf,
|
||||||
sizeof(buf));
|
sizeof(buf));
|
||||||
wpa_printf(MSG_DEBUG, "X509: next cert "
|
wpa_printf(MSG_DEBUG, "X509: next cert "
|
||||||
"subject: %s", buf);
|
"subject: %s", buf);
|
||||||
*reason = X509_VALIDATE_CERTIFICATE_UNKNOWN;
|
*reason = X509_VALIDATE_CERTIFICATE_UNKNOWN;
|
||||||
|
|||||||
@ -243,7 +243,7 @@ static int wlantest_inject_prot(struct wlantest *wt, struct wlantest_bss *bss,
|
|||||||
inc_byte_array(pn, 6);
|
inc_byte_array(pn, 6);
|
||||||
|
|
||||||
os_memset(dummy, 0x11, sizeof(dummy));
|
os_memset(dummy, 0x11, sizeof(dummy));
|
||||||
if (tk)
|
if (tk)
|
||||||
crypt = ccmp_encrypt(incorrect_key ? dummy : tk,
|
crypt = ccmp_encrypt(incorrect_key ? dummy : tk,
|
||||||
frame, len, hdrlen, qos, pn, 0,
|
frame, len, hdrlen, qos, pn, 0,
|
||||||
&crypt_len);
|
&crypt_len);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user