From cae70ded344fd001ec0435494755fc94bc82cb88 Mon Sep 17 00:00:00 2001
From: "mcgreer%netscape.com"
Date: Fri, 22 Sep 2000 16:24:16 +0000
Subject: [PATCH] revert changes to DH param gen. MPI does compute q=2p+1 for strong primes, but returns q not p. #ifdef in rsa for testing mp_exptmod_d vs. mp_exptmod, mp_exptmod is considerably faster.
---
 security/nss/lib/freebl/dh.c | 22 +++++++++++-----------
 security/nss/lib/freebl/manifest.mn | 1 +
 security/nss/lib/freebl/rsa.c | 13 +++++--------
 3 files changed, 17 insertions(+), 19 deletions(-)
diff --git a/security/nss/lib/freebl/dh.c b/security/nss/lib/freebl/dh.c
index 0d29b9c4fce..11a1d437b57 100644
--- a/security/nss/lib/freebl/dh.c
+++ b/security/nss/lib/freebl/dh.c
@@ -48,7 +48,7 @@ DH_GenParam(int primeLen, DHParams **params)
 {
 PRArenaPool *arena;
 DHParams *dhparams;
- unsigned char *qb = NULL;
+ unsigned char *pb = NULL;
 unsigned char *ab = NULL;
 unsigned long counter = 0;
 mp_int p, q, a, h, psub1, test;
@@ -83,15 +83,15 @@ DH_GenParam(int primeLen, DHParams **params)
 CHECK_MPI_OK( mp_init(&psub1) );
 CHECK_MPI_OK( mp_init(&test) );
 /* generate prime with MPI, uses Miller-Rabin to generate strong prime. */
- qb = PORT_Alloc(primeLen);
- CHECK_SEC_OK(RNG_GenerateGlobalRandomBytes(qb, primeLen) );
- qb[0] |= 0x80; /* set high-order bit */
- qb[primeLen-1] |= 0x01; /* set low-order bit */
- CHECK_MPI_OK( mp_read_unsigned_octets(&q, qb, primeLen) );
- CHECK_MPI_OK( mpp_make_prime(&q, primeLen * 8, PR_TRUE, &counter) );
- /* construct Sophie-Germain prime p = 2q + 1. */
- CHECK_MPI_OK( mp_mul_2(&q, &psub1) );
- CHECK_MPI_OK( mp_add_d(&psub1, 1, &p) );
+ pb = PORT_Alloc(primeLen);
+ CHECK_SEC_OK( RNG_GenerateGlobalRandomBytes(pb, primeLen) );
+ pb[0] |= 0x80; /* set high-order bit */
+ pb[primeLen-1] |= 0x01; /* set low-order bit */
+ CHECK_MPI_OK( mp_read_unsigned_octets(&p, pb, primeLen) );
+ CHECK_MPI_OK( mpp_make_prime(&p, primeLen * 8, PR_TRUE, &counter) );
+ /* construct Sophie-Germain prime q = (p-1)/2. */
+ CHECK_MPI_OK( mp_sub_d(&p, 1, &psub1) );
+ CHECK_MPI_OK( mp_div_2(&psub1, &q) );
 /* construct a generator from the prime. */
 ab = PORT_Alloc(primeLen);
 do {
@@ -116,7 +116,7 @@ cleanup:
 mp_clear(&h);
 mp_clear(&psub1);
 mp_clear(&test);
- if (qb) PORT_ZFree(qb, primeLen);
+ if (pb) PORT_ZFree(pb, primeLen);
 if (ab) PORT_ZFree(ab, primeLen);
 if (err) {
 MP_TO_SEC_ERROR(err);
diff --git a/security/nss/lib/freebl/manifest.mn b/security/nss/lib/freebl/manifest.mn
index 66eb7c1b93f..85751e1c039 100644
--- a/security/nss/lib/freebl/manifest.mn
+++ b/security/nss/lib/freebl/manifest.mn
@@ -77,3 +77,4 @@ CSRCS = \
 $(NULL)
 endif
+#DEFINES += -DUSE_MPI_EXPT_D
diff --git a/security/nss/lib/freebl/rsa.c b/security/nss/lib/freebl/rsa.c
index 8ccc8fccd1e..6e51a2d48d9 100644
--- a/security/nss/lib/freebl/rsa.c
+++ b/security/nss/lib/freebl/rsa.c
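Review bot: The result of `pb = PORT_Alloc(primeLen);` is used unchecked on the following lines, so an allocation failure dereferences NULL at `pb[0] |= 0x80;` even though the cleanup block already tolerates a NULL `pb`; add `if (!pb) { PORT_SetError(SEC_ERROR_NO_MEMORY); goto cleanup; }` right after the allocation, and the same for `ab = PORT_Alloc(primeLen);` at the end of the hunk. Which SECStatus variable the cleanup path returns is outside this hunk, so the guard may also need to set it to SECFailure. Since the mistake this commit reverts came from what mpp_make_prime returns, the call deserves a comment such as `/* per MPI: with strong == PR_TRUE mpp_make_prime returns the safe prime p; q = (p-1)/2 below is the Sophie Germain prime */` so the p/q roles are not swapped again. Whether primeLen is validated to be at least 1 before `pb[primeLen-1]` is indexed is also not visible here. DH_GenParam starts and ends outside this hunk.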
@@ -30,7 +30,7 @@
 * may use your version of this file under either the MPL or the
 * GPL.
 *
- * $Id: rsa.c,v 1.14 2000-09-19 06:18:04 mcgreer%netscape.com Exp $
+ * $Id: rsa.c,v 1.15 2000-09-22 16:24:16 mcgreer%netscape.com Exp $
 */
 #include "secerr.h"
@@ -275,20 +275,17 @@ RSA_PublicKeyOp(RSAPublicKey *key,
 modLen = rsa_modulusLen(&key->modulus);
 /* 1. Obtain public key (n, e) */
 SECITEM_TO_MPINT(key->modulus, &n);
-#ifdef USE_MPI_EXPT_D
- /* XXX convert exponent to mp_digit */
-#else
 SECITEM_TO_MPINT(key->publicExponent, &e);
-#endif
 /* 2. Represent message as integer in range [0..n-1] */
 CHECK_MPI_OK( mp_read_unsigned_octets(&m, input, modLen) );
 /* 3. Compute c = m**e mod n */
 #ifdef USE_MPI_EXPT_D
 /* XXX see which is faster */
- CHECK_MPI_OK( mp_exptmod_d(&m, exp, &n, &c) );
-#else
- CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );
+ if (MP_USED(&e) == 1) {
+ CHECK_MPI_OK( mp_exptmod_d(&m, MP_DIGIT(&e, 0), &n, &c) );
+ } else
 #endif
+ CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );
 /* 4. result c is ciphertext */
 err = mp_to_fixlen_octets(&c, output, modLen);
 if (err >= 0) err = MP_OKAY;
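Review bot: The added `} else` on the last `+` line before `#endif` leaves the unconditional `CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) );` as an unbraced else body across a preprocessor boundary; that is only correct if CHECK_MPI_OK expands to a single statement (its definition is not visible here), and it reads as a dangling-else trap either way. Brace the fallback so the line is a complete statement in both builds: keep `} else` inside the `#ifdef`, then `#endif`, then `{ CHECK_MPI_OK( mp_exptmod(&m, &e, &n, &c) ); }` on the following lines. The `/* XXX see which is faster */` comment is also stale now that the commit message records mp_exptmod as considerably faster; replace it with something like `/* measured: mp_exptmod is faster; the mp_exptmod_d path is kept only for benchmarking under USE_MPI_EXPT_D */`. USE_MPI_EXPT_D appears only as a commented-out define in manifest.mn in this commit, so the single-digit branch is not compiled in normal builds. RSA_PublicKeyOp starts and ends outside this hunk.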