-/* $OpenBSD: moduli.c,v 1.16 2006/07/26 13:57:17 stevesk Exp $ */
+/* $OpenBSD: moduli.c,v 1.21 2008/06/26 09:19:40 djm Exp $ */
/*
* Copyright 1994 Phil Karn <karn@qualcomm.com>
* Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
#include <sys/types.h>
#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdarg.h>
#include <time.h>
#include "xmalloc.h"
+#include "dh.h"
#include "log.h"
/*
/* need line long enough for largest moduli plus headers */
#define QLINESIZE (100+8192)
-/* Type: decimal.
- * Specifies the internal structure of the prime modulus.
- */
-#define QTYPE_UNKNOWN (0)
-#define QTYPE_UNSTRUCTURED (1)
-#define QTYPE_SAFE (2)
-#define QTYPE_SCHNORR (3)
-#define QTYPE_SOPHIE_GERMAIN (4)
-#define QTYPE_STRONG (5)
-
-/* Tests: decimal (bit field).
- * Specifies the methods used in checking for primality.
- * Usually, more than one test is used.
- */
-#define QTEST_UNTESTED (0x00)
-#define QTEST_COMPOSITE (0x01)
-#define QTEST_SIEVE (0x02)
-#define QTEST_MILLER_RABIN (0x04)
-#define QTEST_JACOBI (0x08)
-#define QTEST_ELLIPTIC (0x10)
-
/*
* Size: decimal.
* Specifies the number of the most significant bit (0 to M).
/* validation check: count the number of primes tried */
largetries = 0;
- q = BN_new();
+ if ((q = BN_new()) == NULL)
+ fatal("BN_new failed");
/*
* Generate random starting point for subprime search, or use
* specified parameter.
*/
- largebase = BN_new();
- if (start == NULL)
- BN_rand(largebase, power, 1, 1);
- else
- BN_copy(largebase, start);
+ if ((largebase = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if (start == NULL) {
+ if (BN_rand(largebase, power, 1, 1) == 0)
+ fatal("BN_rand failed");
+ } else {
+ if (BN_copy(largebase, start) == NULL)
+ fatal("BN_copy: failed");
+ }
/* ensure odd */
- BN_set_bit(largebase, 0);
+ if (BN_set_bit(largebase, 0) == 0)
+ fatal("BN_set_bit: failed");
time(&time_start);
continue; /* Definitely composite, skip */
debug2("test q = largebase+%u", 2 * j);
- BN_set_word(q, 2 * j);
- BN_add(q, q, largebase);
- if (qfileout(out, QTYPE_SOPHIE_GERMAIN, QTEST_SIEVE,
- largetries, (power - 1) /* MSB */, (0), q) == -1) {
+ if (BN_set_word(q, 2 * j) == 0)
+ fatal("BN_set_word failed");
+ if (BN_add(q, q, largebase) == 0)
+ fatal("BN_add failed");
+ if (qfileout(out, MODULI_TYPE_SOPHIE_GERMAIN,
+ MODULI_TESTS_SIEVE, largetries,
+ (power - 1) /* MSB */, (0), q) == -1) {
ret = -1;
break;
}
time(&time_start);
- p = BN_new();
- q = BN_new();
- ctx = BN_CTX_new();
+ if ((p = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if ((q = BN_new()) == NULL)
+ fatal("BN_new failed");
+ if ((ctx = BN_CTX_new()) == NULL)
+ fatal("BN_CTX_new failed");
debug2("%.24s Final %u Miller-Rabin trials (%x generator)",
ctime(&time_start), trials, generator_wanted);
res = 0;
lp = xmalloc(QLINESIZE + 1);
- while (fgets(lp, QLINESIZE, in) != NULL) {
- int ll = strlen(lp);
-
+ while (fgets(lp, QLINESIZE + 1, in) != NULL) {
count_in++;
- if (ll < 14 || *lp == '!' || *lp == '#') {
+ if (strlen(lp) < 14 || *lp == '!' || *lp == '#') {
debug2("%10u: comment or short line", count_in);
continue;
}
/* tests */
in_tests = strtoul(cp, &cp, 10);
- if (in_tests & QTEST_COMPOSITE) {
+ if (in_tests & MODULI_TESTS_COMPOSITE) {
debug2("%10u: known composite", count_in);
continue;
}
/* modulus (hex) */
switch (in_type) {
- case QTYPE_SOPHIE_GERMAIN:
+ case MODULI_TYPE_SOPHIE_GERMAIN:
debug2("%10u: (%u) Sophie-Germain", count_in, in_type);
a = q;
- BN_hex2bn(&a, cp);
+ if (BN_hex2bn(&a, cp) == 0)
+ fatal("BN_hex2bn failed");
/* p = 2*q + 1 */
- BN_lshift(p, q, 1);
- BN_add_word(p, 1);
+ if (BN_lshift(p, q, 1) == 0)
+ fatal("BN_lshift failed");
+ if (BN_add_word(p, 1) == 0)
+ fatal("BN_add_word failed");
in_size += 1;
generator_known = 0;
break;
- case QTYPE_UNSTRUCTURED:
- case QTYPE_SAFE:
- case QTYPE_SCHNORR:
- case QTYPE_STRONG:
- case QTYPE_UNKNOWN:
+ case MODULI_TYPE_UNSTRUCTURED:
+ case MODULI_TYPE_SAFE:
+ case MODULI_TYPE_SCHNORR:
+ case MODULI_TYPE_STRONG:
+ case MODULI_TYPE_UNKNOWN:
debug2("%10u: (%u)", count_in, in_type);
a = p;
- BN_hex2bn(&a, cp);
+ if (BN_hex2bn(&a, cp) == 0)
+ fatal("BN_hex2bn failed");
/* q = (p-1) / 2 */
- BN_rshift(q, p, 1);
+ if (BN_rshift(q, p, 1) == 0)
+ fatal("BN_rshift failed");
break;
default:
debug2("Unknown prime type");
continue;
}
- if (in_tests & QTEST_MILLER_RABIN)
+ if (in_tests & MODULI_TESTS_MILLER_RABIN)
in_tries += trials;
else
in_tries = trials;
}
debug("%10u: q is almost certainly prime", count_in);
- if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN),
+ if (qfileout(out, MODULI_TYPE_SAFE,
+ in_tests | MODULI_TESTS_MILLER_RABIN,
in_tries, in_size, generator_known, p)) {
res = -1;
break;