From 0eef90f9513150ec0a16c2f03db584a5cbb9ecb6 Mon Sep 17 00:00:00 2001
From: kaleb-himes
Date: Thu, 10 Mar 2022 11:40:32 -0700
Subject: [PATCH 1/2] Fix for ZD13795 and also remove all-caps parameter
---
 wolfcrypt/src/integer.c | 6 +++---
 wolfcrypt/src/tfm.c | 12 ++++++------
 wolfssl/wolfcrypt/integer.h | 2 +-
 wolfssl/wolfcrypt/tfm.h | 2 +-
 4 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index ac795a160..da2609d33 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -5000,7 +5000,7 @@ LBL_B:mp_clear (&b);
 static const int USE_BBS = 1;
-int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
+int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
 {
 int err, res, type;
 byte* buf;
@@ -5045,7 +5045,7 @@ int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
 buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
 /* load value */
- if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
+ if ((err = mp_read_unsigned_bin(a, buf, len)) != MP_OKAY) {
 XFREE(buf, heap, DYNAMIC_TYPE_RSA);
 return err;
 }
@@ -5055,7 +5055,7 @@ int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
 * of a 1024-bit candidate being a false positive, when it is our
 * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
 * Using 8 because we've always used 8. */
- if ((err = mp_prime_is_prime_ex(N, 8, &res, rng)) != MP_OKAY) {
+ if ((err = mp_prime_is_prime_ex(a, 8, &res, rng)) != MP_OKAY) {
 XFREE(buf, heap, DYNAMIC_TYPE_RSA);
 return err;
 }
diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c
index 60a902a69..79022d236 100644
--- a/wolfcrypt/src/tfm.c
+++ b/wolfcrypt/src/tfm.c
@@ -5189,7 +5189,7 @@ int mp_cond_swap_ct(mp_int * a, mp_int * b, int c, int m)
 static int fp_gcd(fp_int *a, fp_int *b, fp_int *c);
 static int fp_lcm(fp_int *a, fp_int *b, fp_int *c);
-static int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap);
+static int fp_randprime(fp_int* a, int len, WC_RNG* rng, void* heap);
 int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
 {
@@ -5202,11 +5202,11 @@ int mp_lcm(fp_int *a, fp_int *b, fp_int *c)
 return fp_lcm(a, b, c);
 }
-int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
+int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
 {
 int err;
- err = fp_randprime(N, len, rng, heap);
+ err = fp_randprime(a, len, rng, heap);
 switch(err) {
 case FP_VAL:
 return MP_VAL;
@@ -5226,7 +5226,7 @@ int mp_exch (mp_int * a, mp_int * b)
-int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap)
+int fp_randprime(fp_int* a, int len, WC_RNG* rng, void* heap)
 {
 static const int USE_BBS = 1;
 int err, type;
@@ -5274,7 +5274,7 @@ int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap)
 buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
 /* load value */
- err = fp_read_unsigned_bin(N, buf, len);
+ err = fp_read_unsigned_bin(a, buf, len);
 if (err != 0) {
 XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
 return err;
@@ -5285,7 +5285,7 @@ int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap)
 * of a 1024-bit candidate being a false positive, when it is our
 * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
 * Using 8 because we've always used 8 */
- mp_prime_is_prime_ex(N, 8, &isPrime, rng);
+ mp_prime_is_prime_ex(a, 8, &isPrime, rng);
 } while (isPrime == FP_NO);
 XMEMSET(buf, 0, len);
diff --git a/wolfssl/wolfcrypt/integer.h b/wolfssl/wolfcrypt/integer.h
index d7a6286c8..b1b48ad4f 100644
--- a/wolfssl/wolfcrypt/integer.h
+++ b/wolfssl/wolfcrypt/integer.h
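Review bot: In `fp_randprime` (wolfcrypt/src/tfm.c, hunk `@@ -5285`), the return value of `mp_prime_is_prime_ex(a, 8, &isPrime, rng)` is discarded, so a failed primality test (for instance an RNG error) is not told apart from a verdict and the loop exit depends only on whatever `isPrime` holds at that point. The integer.c `mp_rand_prime` touched by this same patch checks the identical call and returns the error; the tfm.c path should match it, e.g. `err = mp_prime_is_prime_ex(a, 8, &isPrime, rng);` followed by `if (err != 0) { XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER); return err; }`, mirroring the `fp_read_unsigned_bin` handling in the hunk above. The initialisation of `isPrime` and the start of the `do` loop are outside the hunk, so whether a failed call can currently end the loop with an untested candidate needs confirming against the full function.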
@@ -398,7 +398,7 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
 #ifdef WOLFSSL_KEY_GEN
 MP_API int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
 MP_API int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
- MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
+ MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
 #endif
 MP_API int mp_cnt_lsb(mp_int *a);
diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h
index be06d0851..d562a8aab 100644
--- a/wolfssl/wolfcrypt/tfm.h
+++ b/wolfssl/wolfcrypt/tfm.h
@@ -843,7 +843,7 @@ MP_API int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);
 #ifdef WOLFSSL_KEY_GEN
 MP_API int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
 MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
-MP_API int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
+MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
 MP_API int mp_exch(mp_int *a, mp_int *b);
 #endif /* WOLFSSL_KEY_GEN */
 MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
From fc92584bd261c9a2f035a3707f66e0be2a2eb8ae Mon Sep 17 00:00:00 2001
From: kaleb-himes
Date: Fri, 11 Mar 2022 08:36:36 -0700
Subject: [PATCH 2/2] Address the one that was missed
---
 wolfcrypt/src/integer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c
index da2609d33..cbdd3f661 100644
--- a/wolfcrypt/src/integer.c
+++ b/wolfcrypt/src/integer.c
@@ -5005,7 +5005,7 @@ int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap)
 int err, res, type;
 byte* buf;
- if (N == NULL || rng == NULL)
+ if (a == NULL || rng == NULL)
 return MP_VAL;
 /* get type */