wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Prime Number Testing

Browse Source 
1. Fixed variable name typo in DH for the FFDHE 8192-bit q value.
2. Updated some error strings in wolfSSL_BN_is_prime_ex().
3. Changed the calls to mp_prime_is_prime_ex() in fp_randprime() and
mp_randprime() so they go back to the 8 rounds of MR, which is more than
adequate in this situation.
This commit is contained in:
John Safranek
2018-07-11 16:24:41 -07:00
parent 0e06f6413d
commit 5908230d20
4 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl.c
View File

@ -22566,7 +22566,7 @@ int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int nbchecks,
if (rng) { if (rng) {
if (mp_prime_is_prime_ex((mp_int*)bn->internal, if (mp_prime_is_prime_ex((mp_int*)bn->internal,
nbchecks, &res, rng) != MP_OKAY) { nbchecks, &res, rng) != MP_OKAY) {
WOLFSSL_MSG("mp_prime_is_prime error"); WOLFSSL_MSG("mp_prime_is_prime_ex error");
res = MP_NO; res = MP_NO;
} }
} }
@ -22579,7 +22579,7 @@ int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int nbchecks,
#endif #endif
if (res != MP_YES) { if (res != MP_YES) {
WOLFSSL_MSG("mp_prime_is_prime not prime"); WOLFSSL_MSG("mp_prime_is_prime_ex not prime");
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
} }

2
wolfcrypt/src/dh.c
View File

@ -765,7 +765,7 @@ static const byte dh_ffdhe8192_p[] = {
}; };
static const byte dh_ffdhe8192_g[] = { 0x02 }; static const byte dh_ffdhe8192_g[] = { 0x02 };
#ifdef HAVE_FFDHE_Q #ifdef HAVE_FFDHE_Q
static const byte dh_ffdhe8192_g[] = { static const byte dh_ffdhe8192_q[] = {
0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D, 0xD6, 0xFC, 0x2A, 0x2C, 0x51, 0x5D, 0xA5, 0x4D,
0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78, 0x57, 0xEE, 0x2B, 0x10, 0x13, 0x9E, 0x9E, 0x78,

8
wolfcrypt/src/integer.c
View File

@ -4529,9 +4529,11 @@ int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
} }
/* test */ /* test */
/* Running Miller-Rabin up to 40 times gives us a 2^{-80} chance /* Running Miller-Rabin up to 3 times gives us a 2^{-80} chance
* of a candidate being a false positive. */ * of a 1024-bit candidate being a false positive, when it is our
if ((err = mp_prime_is_prime_ex(N, 40, &res, rng)) != MP_OKAY) { * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
* Using 8 because we've always used 8. */
if ((err = mp_prime_is_prime_ex(N, 8, &res, rng)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA); XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err; return err;
} }

8
wolfcrypt/src/tfm.c
View File

@ -3067,9 +3067,11 @@ int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap)
fp_read_unsigned_bin(N, buf, len); fp_read_unsigned_bin(N, buf, len);
/* test */ /* test */
/* Running Miller-Rabin up to 40 times gives us a 2^{-80} chance /* Running Miller-Rabin up to 3 times gives us a 2^{-80} chance
* of a candidate being a false positive. */ * of a 1024-bit candidate being a false positive, when it is our
mp_prime_is_prime_ex(N, 40, &isPrime, rng); * prime candidate. (Note 4.49 of Handbook of Applied Cryptography.)
* Using 8 because we've always used 8 */
mp_prime_is_prime_ex(N, 8, &isPrime, rng);
} while (isPrime == FP_NO); } while (isPrime == FP_NO);
XMEMSET(buf, 0, len); XMEMSET(buf, 0, len);