提交 992bba11 编写于 作者: B Ben Laurie

Merge branch 'erbridge-probable_primes'

......@@ -4,6 +4,10 @@
Changes between 1.0.2 and 1.1.0 [xx XXX xxxx]
*) Experimental support for a new, fast, unbiased prime candidate generator,
bn_probable_prime_dh_coprime(). Not currently used by any prime generator.
[Felix Laurie von Massenbach <felix@erbridge.co.uk>]
*) New output format NSS in the sess_id command line tool. This allows
exporting the session id and the master key in NSS keylog format.
[Martin Kaiser <martin@kaiser.cx>]
......
......@@ -60,7 +60,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# 386 generate 80386 code
# no-sse2 disables IA-32 SSE2 code, above option implies no-sse2
# no-<cipher> build without specified algorithm (rsa, idea, rc5, ...)
# -<xxx> +<xxx> compiler options are passed through
# -<xxx> +<xxx> compiler options are passed through
#
# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
# provided to stack calls. Generates unique stack functions for
......@@ -101,7 +101,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# AES_ASM ASE_[en|de]crypt is implemented in assembler
# Minimum warning options... any contributions to OpenSSL should at least get
# past these.
# past these.
my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
......@@ -144,7 +144,7 @@ my $ppc32_asm=$ppc64_asm;
my $no_asm=":::::::::::::::void";
# As for $BSDthreads. Idea is to maintain "collective" set of flags,
# which would cover all BSD flavors. -pthread applies to them all,
# which would cover all BSD flavors. -pthread applies to them all,
# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
# which has to be accompanied by explicit -D_THREAD_SAFE and
......@@ -180,6 +180,7 @@ my %table=(
"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -DMD32_REG_T=int -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:$x86_64_asm:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-erbridge", "gcc:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
......@@ -224,7 +225,7 @@ my %table=(
# compiler:-)
# <appro@fy.chalmers.se>
"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
#### Solaris x86 with Sun C setups
"solaris-x86-cc","cc:-fast -xarch=generic -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
......@@ -249,7 +250,7 @@ my %table=(
"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
####
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
#### SunOS configs, assuming sparc for the gcc one.
#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
......@@ -319,7 +320,7 @@ my %table=(
"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
# GCC builds...
"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
# Legacy HPUX 9.X configs...
"hpux-cc", "cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
......@@ -557,7 +558,7 @@ my %table=(
# with itself, Applink is never engaged and can as well be omitted.
"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
# UWIN
# UWIN
"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
# Cygwin
......@@ -636,7 +637,7 @@ my %table=(
my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
debug-VC-WIN64I debug-VC-WIN64A
VC-NT VC-CE VC-WIN32 debug-VC-WIN32
BC-32
BC-32
netware-clib netware-clib-bsdsock
netware-libc netware-libc-bsdsock);
......@@ -836,7 +837,7 @@ PROCESS_ARGS:
{
$disabled{$1} = "option";
}
}
}
}
elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
{
......@@ -1127,7 +1128,7 @@ foreach (sort (keys %disabled))
{
$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
print " OPENSSL_NO_$ALGO";
if (/^err$/) { $flags .= "-DOPENSSL_NO_ERR "; }
elsif (/^asm$/) { $no_asm = 1; }
}
......@@ -1395,7 +1396,7 @@ else
# $thread_defines .= "#define $def\n";
# }
# }
}
}
$lflags="$libs$lflags" if ($libs ne "");
......@@ -2014,8 +2015,8 @@ print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
print "BF_PTR used\n" if $bf_ptr == 1;
print "BF_PTR2 used\n" if $bf_ptr == 2;
print "BF_PTR used\n" if $bf_ptr == 1;
print "BF_PTR2 used\n" if $bf_ptr == 2;
if($IsMK1MF) {
open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
......@@ -2093,7 +2094,7 @@ BEGIN
#if defined(FIPS)
VALUE "Comments", "WARNING: TEST VERSION ONLY ***NOT*** FIPS 140-2 VALIDATED.\\0"
#endif
// Required:
// Required:
VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
#if defined(FIPS)
VALUE "FileDescription", "TEST UNVALIDATED FIPS140-2 DLL\\0"
......@@ -2129,7 +2130,7 @@ END
EOF
close(OUT);
}
print <<EOF;
Configured for $target.
......@@ -2159,7 +2160,7 @@ generate a fipscanister.o object module for TESTING PURPOSES ONLY; that
compiled module is NOT FIPS 140-2 validated and CANNOT be used to replace the
OpenSSL FIPS Object Module as identified by the CMVP
(http://csrc.nist.gov/cryptval/) in any application requiring the use of FIPS
140-2 validated software.
140-2 validated software.
This is a test OpenSSL 2.0 FIPS module.
......@@ -2246,7 +2247,7 @@ sub print_table_entry
my $perlasm_scheme,my $dso_scheme,my $shared_target,my $shared_cflag,
my $shared_ldflag,my $shared_extension,my $ranlib,my $arflags,my $multilib)=
split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
print <<EOF
*** $target
......
......@@ -74,9 +74,10 @@
#ifndef OPENSSL_NO_SPEED
#undef SECONDS
#define SECONDS 3
#define RSA_SECONDS 10
#define DSA_SECONDS 10
#define SECONDS 3
#define PRIME_SECONDS 10
#define RSA_SECONDS 10
#define DSA_SECONDS 10
#define ECDSA_SECONDS 10
#define ECDH_SECONDS 10
......@@ -191,6 +192,8 @@
#endif
#include <openssl/modes.h>
#include "../crypto/bn/bn_lcl.h"
#ifndef HAVE_FORK
# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
# define HAVE_FORK 0
......@@ -214,15 +217,18 @@ static int usertime=1;
static double Time_F(int s);
static void print_message(const char *s,long num,int length);
static void prime_print_message(const char *s, long num);
static void pkey_print_message(const char *str, const char *str2,
long num, int bits, int sec);
static void print_result(int alg,int run_no,int count,double time_used);
static void prime_print_result(int alg, int count, double time_used);
#ifndef NO_FORK
static int do_multi(int multi);
#endif
#define ALGOR_NUM 30
#define SIZE_NUM 5
#define PRIME_NUM 3
#define RSA_NUM 4
#define DSA_NUM 3
......@@ -239,6 +245,8 @@ static const char *names[ALGOR_NUM]={
"aes-128 ige","aes-192 ige","aes-256 ige","ghash" };
static double results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
static const char *prime_names[PRIME_NUM]={
"prime trial division", "prime trial division retry", "prime coprime" };
#ifndef OPENSSL_NO_RSA
static double rsa_results[RSA_NUM][2];
#endif
......@@ -492,6 +500,12 @@ int MAIN(int argc, char **argv)
#define D_GHASH 29
double d=0.0;
long c[ALGOR_NUM][SIZE_NUM];
#define D_PRIME_TRIAL_DIVISION 0
#define D_PRIME_TRIAL_DIVISION_RETRY 1
#define D_PRIME_COPRIME 2
long prime_c[PRIME_NUM];
#define R_DSA_512 0
#define R_DSA_1024 1
#define R_DSA_2048 2
......@@ -605,6 +619,7 @@ int MAIN(int argc, char **argv)
long ecdh_c[EC_NUM][2];
#endif
int prime_doit[PRIME_NUM];
int rsa_doit[RSA_NUM];
int dsa_doit[DSA_NUM];
#ifndef OPENSSL_NO_ECDSA
......@@ -685,6 +700,8 @@ int MAIN(int argc, char **argv)
for (i=0; i<EC_NUM; i++)
ecdh_doit[i]=0;
#endif
for (i=0; i<PRIME_NUM; i++)
prime_doit[i]=0;
j=0;
......@@ -974,7 +991,7 @@ int MAIN(int argc, char **argv)
else
#endif
#ifndef OPENSSL_NO_ECDH
if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
else if (strcmp(*argv,"ecdhp192") == 0) ecdh_doit[R_EC_P192]=2;
else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
......@@ -997,6 +1014,18 @@ int MAIN(int argc, char **argv)
}
else
#endif
if (strcmp(*argv,"prime-trial-division") == 0)
prime_doit[D_PRIME_TRIAL_DIVISION] = 1;
else if (strcmp(*argv,"prime-trial-division-retry") == 0)
prime_doit[D_PRIME_TRIAL_DIVISION_RETRY] = 1;
else if (strcmp(*argv,"prime-coprime") == 0)
prime_doit[D_PRIME_COPRIME] = 1;
else if (strcmp(*argv,"prime") == 0)
{
for (i=0; i < PRIME_NUM; i++)
prime_doit[i]=1;
}
else
{
BIO_printf(bio_err,"Error: bad option or value\n");
BIO_printf(bio_err,"\n");
......@@ -1123,6 +1152,7 @@ int MAIN(int argc, char **argv)
!defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
BIO_printf(bio_err,"\n");
#endif
BIO_printf(bio_err,"prime-trial-division prime-coprime\n");
BIO_printf(bio_err,"\n");
BIO_printf(bio_err,"Available options:\n");
......@@ -1291,25 +1321,26 @@ int MAIN(int argc, char **argv)
c[D_IGE_256_AES][0]=count;
c[D_GHASH][0]=count;
for (i=1; i<SIZE_NUM; i++)
{
c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
c[D_MD4][i]=c[D_MD4][0]*4*lengths[0]/lengths[i];
c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
c[D_SHA256][i]=c[D_SHA256][0]*4*lengths[0]/lengths[i];
c[D_SHA512][i]=c[D_SHA512][0]*4*lengths[0]/lengths[i];
c[D_WHIRLPOOL][i]=c[D_WHIRLPOOL][0]*4*lengths[0]/lengths[i];
}
for (i=1; i<SIZE_NUM; i++)
{
long l0,l1;
l0=(long)lengths[i-1];
l0=(long)lengths[0];
l1=(long)lengths[i];
c[D_MD2][i]=c[D_MD2][0]*4*l0/l1;
c[D_MDC2][i]=c[D_MDC2][0]*4*l0/l1;
c[D_MD4][i]=c[D_MD4][0]*4*l0/l1;
c[D_MD5][i]=c[D_MD5][0]*4*l0/l1;
c[D_HMAC][i]=c[D_HMAC][0]*4*l0/l1;
c[D_SHA1][i]=c[D_SHA1][0]*4*l0/l1;
c[D_RMD160][i]=c[D_RMD160][0]*4*l0/l1;
c[D_SHA256][i]=c[D_SHA256][0]*4*l0/l1;
c[D_SHA512][i]=c[D_SHA512][0]*4*l0/l1;
c[D_WHIRLPOOL][i]=c[D_WHIRLPOOL][0]*4*l0/l1;
l0=(long)lengths[i-1];
c[D_RC4][i]=c[D_RC4][i-1]*l0/l1;
c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
......@@ -1329,6 +1360,11 @@ int MAIN(int argc, char **argv)
c[D_IGE_192_AES][i]=c[D_IGE_192_AES][i-1]*l0/l1;
c[D_IGE_256_AES][i]=c[D_IGE_256_AES][i-1]*l0/l1;
}
prime_c[D_PRIME_TRIAL_DIVISION]=count;
prime_c[D_PRIME_TRIAL_DIVISION_RETRY]=count;
prime_c[D_PRIME_COPRIME]=count;
#ifndef OPENSSL_NO_RSA
rsa_c[R_RSA_512][0]=count/2000;
rsa_c[R_RSA_512][1]=count/400;
......@@ -1995,6 +2031,66 @@ int MAIN(int argc, char **argv)
print_result(D_EVP,j,count,d);
}
}
if (prime_doit[D_PRIME_TRIAL_DIVISION])
{
BIGNUM *rnd = BN_new();
BIGNUM *add = BN_new();
BN_CTX *ctx = BN_CTX_new();
BN_set_word(add, 2);
prime_print_message(prime_names[D_PRIME_TRIAL_DIVISION],
prime_c[D_PRIME_TRIAL_DIVISION]);
Time_F(START);
for (count=0, run=1; COND(prime_c[D_PRIME_TRIAL_DIVISION]); count++)
if (!bn_probable_prime_dh(rnd, 1024, add, NULL, ctx)) count--;
d=Time_F(STOP);
prime_print_result(D_PRIME_TRIAL_DIVISION, count, d);
BN_CTX_free(ctx);
BN_free(add);
BN_free(rnd);
}
if (prime_doit[D_PRIME_TRIAL_DIVISION_RETRY])
{
BIGNUM *rnd = BN_new();
BN_CTX *ctx = BN_CTX_new();
prime_print_message(prime_names[D_PRIME_TRIAL_DIVISION_RETRY],
prime_c[D_PRIME_TRIAL_DIVISION_RETRY]);
Time_F(START);
for (count=0, run=1; COND(prime_c[D_PRIME_TRIAL_DIVISION_RETRY]); count++)
if (!bn_probable_prime_dh_retry(rnd, 1024, ctx)) count--;
d=Time_F(STOP);
prime_print_result(D_PRIME_TRIAL_DIVISION_RETRY, count, d);
BN_CTX_free(ctx);
BN_free(rnd);
}
if (prime_doit[D_PRIME_COPRIME])
{
BIGNUM *rnd = BN_new();
BN_CTX *ctx = BN_CTX_new();
prime_print_message(prime_names[D_PRIME_COPRIME],
prime_c[D_PRIME_COPRIME]);
Time_F(START);
for (count=0, run=1; COND(prime_c[D_PRIME_COPRIME]); count++)
if (!bn_probable_prime_dh_coprime(rnd, 1024, ctx)) count--;
d=Time_F(STOP);
prime_print_result(D_PRIME_COPRIME, count, d);
BN_CTX_free(ctx);
BN_free(rnd);
}
RAND_pseudo_bytes(buf,36);
#ifndef OPENSSL_NO_RSA
......@@ -2586,6 +2682,23 @@ static void print_message(const char *s, long num, int length)
#endif
}
static void prime_print_message(const char *s, long num)
{
#ifdef SIGALRM
BIO_printf(bio_err,mr ? "+DT:%s:%d\n"
: "Doing %s for %ds: ", s, PRIME_SECONDS);
(void)BIO_flush(bio_err);
alarm(PRIME_SECONDS);
#else
BIO_printf(bio_err,mr ? "+DN:%s:%ld\n"
: "Doing %s %ld times: ", s, num);
(void)BIO_flush(bio_err);
#endif
#ifdef LINT
num=num;
#endif
}
static void pkey_print_message(const char *str, const char *str2, long num,
int bits, int tm)
{
......@@ -2611,6 +2724,14 @@ static void print_result(int alg,int run_no,int count,double time_used)
results[alg][run_no]=((double)count)/time_used*lengths[run_no];
}
static void prime_print_result(int alg, int count, double time_used)
{
BIO_printf(bio_err,
mr ? "+R:%d:%s:%f:%f\n" : "%d %s's in %.2fs (%.2f microseconds / run)\n",
count, prime_names[alg], time_used,
time_used / ((double)count) * 1000000);
}
#ifndef NO_FORK
static char *sstrsep(char **string, const char *delim)
{
......
......@@ -534,6 +534,11 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_U
BIGNUM *int_bn_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx, int *noinv);
int bn_probable_prime_dh(BIGNUM *rnd, int bits,
const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx);
int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx);
#ifdef __cplusplus
}
#endif
......
......@@ -129,11 +129,54 @@
static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
static int probable_prime(BIGNUM *rnd, int bits);
static int probable_prime_dh(BIGNUM *rnd, int bits,
const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
static const int prime_offsets[480] = {
13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83,
89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163,
167, 169, 173, 179, 181, 191, 193, 197, 199, 211, 221, 223, 227, 229,
233, 239, 241, 247, 251, 257, 263, 269, 271, 277, 281, 283, 289, 293,
299, 307, 311, 313, 317, 323, 331, 337, 347, 349, 353, 359, 361, 367,
373, 377, 379, 383, 389, 391, 397, 401, 403, 409, 419, 421, 431, 433,
437, 439, 443, 449, 457, 461, 463, 467, 479, 481, 487, 491, 493, 499,
503, 509, 521, 523, 527, 529, 533, 541, 547, 551, 557, 559, 563, 569,
571, 577, 587, 589, 593, 599, 601, 607, 611, 613, 617, 619, 629, 631,
641, 643, 647, 653, 659, 661, 667, 673, 677, 683, 689, 691, 697, 701,
703, 709, 713, 719, 727, 731, 733, 739, 743, 751, 757, 761, 767, 769,
773, 779, 787, 793, 797, 799, 809, 811, 817, 821, 823, 827, 829, 839,
841, 851, 853, 857, 859, 863, 871, 877, 881, 883, 887, 893, 899, 901,
907, 911, 919, 923, 929, 937, 941, 943, 947, 949, 953, 961, 967, 971,
977, 983, 989, 991, 997, 1003, 1007, 1009, 1013, 1019, 1021, 1027, 1031,
1033, 1037, 1039, 1049, 1051, 1061, 1063, 1069, 1073, 1079, 1081, 1087,
1091, 1093, 1097, 1103, 1109, 1117, 1121, 1123, 1129, 1139, 1147, 1151,
1153, 1157, 1159, 1163, 1171, 1181, 1187, 1189, 1193, 1201, 1207, 1213,
1217, 1219, 1223, 1229, 1231, 1237, 1241, 1247, 1249, 1259, 1261, 1271,
1273, 1277, 1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307, 1313, 1319,
1321, 1327, 1333, 1339, 1343, 1349, 1357, 1361, 1363, 1367, 1369, 1373,
1381, 1387, 1391, 1399, 1403, 1409, 1411, 1417, 1423, 1427, 1429, 1433,
1439, 1447, 1451, 1453, 1457, 1459, 1469, 1471, 1481, 1483, 1487, 1489,
1493, 1499, 1501, 1511, 1513, 1517, 1523, 1531, 1537, 1541, 1543, 1549,
1553, 1559, 1567, 1571, 1577, 1579, 1583, 1591, 1597, 1601, 1607, 1609,
1613, 1619, 1621, 1627, 1633, 1637, 1643, 1649, 1651, 1657, 1663, 1667,
1669, 1679, 1681, 1691, 1693, 1697, 1699, 1703, 1709, 1711, 1717, 1721,
1723, 1733, 1739, 1741, 1747, 1751, 1753, 1759, 1763, 1769, 1777, 1781,
1783, 1787, 1789, 1801, 1807, 1811, 1817, 1819, 1823, 1829, 1831, 1843,
1847, 1849, 1853, 1861, 1867, 1871, 1873, 1877, 1879, 1889, 1891, 1901,
1907, 1909, 1913, 1919, 1921, 1927, 1931, 1933, 1937, 1943, 1949, 1951,
1957, 1961, 1963, 1973, 1979, 1987, 1993, 1997, 1999, 2003, 2011, 2017,
2021, 2027, 2029, 2033, 2039, 2041, 2047, 2053, 2059, 2063, 2069, 2071,
2077, 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2117, 2119, 2129, 2131,
2137, 2141, 2143, 2147, 2153, 2159, 2161, 2171, 2173, 2179, 2183, 2197,
2201, 2203, 2207, 2209, 2213, 2221, 2227, 2231, 2237, 2239, 2243, 2249,
2251, 2257, 2263, 2267, 2269, 2273, 2279, 2281, 2287, 2291, 2293, 2297,
2309, 2311 };
static const int prime_offset_count = 480;
static const int prime_multiplier = 2310;
static const int prime_multiplier_bits = 11; /* 2^|prime_multiplier_bits|
<= |prime_multiplier| */
static const int first_prime_index = 5;
int BN_GENCB_call(BN_GENCB *cb, int a, int b)
{
/* No callback means continue */
......@@ -198,7 +241,7 @@ loop:
}
else
{
if (!probable_prime_dh(ret,bits,add,rem,ctx))
if (!bn_probable_prime_dh(ret,bits,add,rem,ctx))
goto err;
}
}
......@@ -362,6 +405,73 @@ err:
return(ret);
}
int bn_probable_prime_dh_retry(BIGNUM *rnd, int bits, BN_CTX *ctx)
{
int i;
int ret = 0;
loop:
if (!BN_rand(rnd, bits, 0, 1)) goto err;
/* we now have a random number 'rand' to test. */
for (i = 1; i < NUMPRIMES; i++)
{
/* check that rnd is a prime */
if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1)
{
goto loop;
}
}
ret=1;
err:
bn_check_top(rnd);
return(ret);
}
int bn_probable_prime_dh_coprime(BIGNUM *rnd, int bits, BN_CTX *ctx)
{
int i;
BIGNUM *offset_index;
BIGNUM *offset_count;
int ret = 0;
OPENSSL_assert(bits > prime_multiplier_bits);
BN_CTX_start(ctx);
if ((offset_index = BN_CTX_get(ctx)) == NULL) goto err;
if ((offset_count = BN_CTX_get(ctx)) == NULL) goto err;
BN_add_word(offset_count, prime_offset_count);
loop:
if (!BN_rand(rnd, bits - prime_multiplier_bits, 0, 1)) goto err;
if (BN_is_bit_set(rnd, bits)) goto loop;
if (!BN_rand_range(offset_index, offset_count)) goto err;
BN_mul_word(rnd, prime_multiplier);
BN_add_word(rnd, prime_offsets[BN_get_word(offset_index)]);
/* we now have a random number 'rand' to test. */
/* skip coprimes */
for (i = first_prime_index; i < NUMPRIMES; i++)
{
/* check that rnd is a prime */
if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1)
{
goto loop;
}
}
ret = 1;
err:
BN_CTX_end(ctx);
bn_check_top(rnd);
return ret;
}
static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont)
{
......@@ -409,7 +519,7 @@ again:
maxdelta = size_limit;
}
delta=0;
loop:
loop:
if (is_single_word)
{
BN_ULONG rnd_word = BN_get_word(rnd);
......@@ -454,7 +564,7 @@ again:
return(1);
}
static int probable_prime_dh(BIGNUM *rnd, int bits,
int bn_probable_prime_dh(BIGNUM *rnd, int bits,
const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx)
{
int i,ret=0;
......@@ -476,7 +586,8 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
/* we now have a random number 'rand' to test. */
loop: for (i=1; i<NUMPRIMES; i++)
loop:
for (i=1; i<NUMPRIMES; i++)
{
/* check that rnd is a prime */
if (BN_mod_word(rnd,(BN_ULONG)primes[i]) <= 1)
......@@ -486,6 +597,7 @@ static int probable_prime_dh(BIGNUM *rnd, int bits,
}
}
ret=1;
err:
BN_CTX_end(ctx);
bn_check_top(rnd);
......@@ -524,12 +636,13 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
if (!BN_lshift1(p,q)) goto err;
if (!BN_add_word(p,1)) goto err;
loop: for (i=1; i<NUMPRIMES; i++)
loop:
for (i=1; i<NUMPRIMES; i++)
{
/* check that p and q are prime */
/* check that for p and q
* gcd(p-1,primes) == 1 (except for 2) */
if ( (BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
if ((BN_mod_word(p,(BN_ULONG)primes[i]) == 0) ||
(BN_mod_word(q,(BN_ULONG)primes[i]) == 0))
{
if (!BN_add(p,p,padd)) goto err;
......@@ -538,6 +651,7 @@ static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
}
}
ret=1;
err:
BN_CTX_end(ctx);
bn_check_top(p);
......
......@@ -87,6 +87,8 @@
#include <openssl/x509.h>
#include <openssl/err.h>
#include "../crypto/bn/bn_lcl.h"
const int num0 = 100; /* number of tests */
const int num1 = 50; /* additional tests for some functions */
const int num2 = 5; /* number of tests for slow functions */
......@@ -121,6 +123,7 @@ int test_gf2m_mod_solve_quad(BIO *bp,BN_CTX *ctx);
int test_kron(BIO *bp,BN_CTX *ctx);
int test_sqrt(BIO *bp,BN_CTX *ctx);
int test_small_prime(BIO *bp,BN_CTX *ctx);
int test_probable_prime_coprime(BIO *bp,BN_CTX *ctx);
int rand_neg(void);
static int results=0;
......@@ -270,6 +273,10 @@ int main(int argc, char *argv[])
if (!test_small_prime(out,ctx)) goto err;
(void)BIO_flush(out);
message(out,"Probable prime generation with coprimes");
if (!test_probable_prime_coprime(out,ctx)) goto err;
(void)BIO_flush(out);
#ifndef OPENSSL_NO_EC2M
message(out,"BN_GF2m_add");
if (!test_gf2m_add(out)) goto err;
......@@ -1923,6 +1930,37 @@ err:
return ret;
}
int test_probable_prime_coprime(BIO *bp, BN_CTX *ctx)
{
int i, j, ret = 0;
BIGNUM r;
BN_ULONG primes[5] = { 2, 3, 5, 7, 11 };
BN_init(&r);
for (i = 0; i < 1000; i++)
{
if (!bn_probable_prime_dh_coprime(&r, 1024, ctx)) goto err;
for (j = 0; j < 5; j++)
{
if (BN_mod_word(&r, primes[j]) == 0)
{
BIO_printf(bp, "Number generated is not coprime to %ld:\n", primes[j]);
BN_print_fp(stdout, &r);
BIO_printf(bp, "\n");
goto err;
}
}
}
ret = 1;
err:
BN_clear(&r);
return ret;
}
int test_lshift(BIO *bp,BN_CTX *ctx,BIGNUM *a_)
{
BIGNUM *a,*b,*c,*d;
......
primes = [2, 3, 5, 7, 11]
safe = False # Not sure if the period's right on safe primes.
muliplier = 1 if not safe else 2
for p in primes:
muliplier *= p
offsets = []
for x in range(3, muliplier + 3, 2):
prime = True
for p in primes:
if not x % p or (safe and not ((x - 1) / 2) % p):
prime = False
break
if prime:
offsets.append(x)
print(offsets)
print(len(offsets))
print(muliplier)
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册