diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | cipher/ecc.c | 78 | ||||
| -rw-r--r-- | doc/gcrypt.texi | 7 | ||||
| -rw-r--r-- | mpi/ec.c | 71 | ||||
| -rw-r--r-- | mpi/mpiutil.c | 19 | ||||
| -rw-r--r-- | src/gcrypt.h.in | 5 | ||||
| -rw-r--r-- | src/libgcrypt.def | 2 | ||||
| -rw-r--r-- | src/libgcrypt.vers | 2 | ||||
| -rw-r--r-- | src/mpi.h | 30 | ||||
| -rw-r--r-- | src/visibility.c | 7 | ||||
| -rw-r--r-- | src/visibility.h | 3 |
11 files changed, 137 insertions, 89 deletions
@@ -36,6 +36,7 @@ Noteworthy changes in version 1.6.0 (unreleased) GCRY_RNG_TYPE_STANDARD NEW. GCRY_RNG_TYPE_FIPS NEW. GCRY_RNG_TYPE_SYSTEM NEW. + gcry_mpi_snatch NEW. Noteworthy changes in version 1.5.0 (2011-06-29) @@ -705,6 +706,7 @@ Noteworthy changes in version 1.1.3 (2001-05-31) Copyright 2001, 2002, 2003, 2004, 2007, 2008, 2009, 2011 Free Software Foundation, Inc. +Copyright 2013 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff --git a/cipher/ecc.c b/cipher/ecc.c index 22de3d8b..789fc6c3 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -1,22 +1,22 @@ /* ecc.c - Elliptic Curve Cryptography - Copyright (C) 2007, 2008, 2010, 2011 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, - USA. */ + * Copyright (C) 2007, 2008, 2010, 2011 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ /* This code is originally based on the Patch 0.1.6 for the gnupg 1.4.x branch as retrieved on 2007-03-21 from @@ -46,8 +46,6 @@ - In mpi/ec.c we use mpi_powm for x^2 mod p: Either implement a special case in mpi_powm or check whether mpi_mulm is faster. - - - Decide whether we should hide the mpi_point_t definition. */ @@ -63,25 +61,25 @@ /* Definition of a curve. */ typedef struct { - gcry_mpi_t p; /* Prime specifying the field GF(p). */ - gcry_mpi_t a; /* First coefficient of the Weierstrass equation. */ - gcry_mpi_t b; /* Second coefficient of the Weierstrass equation. */ - mpi_point_t G; /* Base point (generator). */ - gcry_mpi_t n; /* Order of G. */ - const char *name; /* Name of curve or NULL. */ + gcry_mpi_t p; /* Prime specifying the field GF(p). */ + gcry_mpi_t a; /* First coefficient of the Weierstrass equation. */ + gcry_mpi_t b; /* Second coefficient of the Weierstrass equation. */ + mpi_point_struct G; /* Base point (generator). */ + gcry_mpi_t n; /* Order of G. */ + const char *name; /* Name of the curve or NULL. */ } elliptic_curve_t; typedef struct { elliptic_curve_t E; - mpi_point_t Q; /* Q = [d]G */ + mpi_point_struct Q; /* Q = [d]G */ } ECC_public_key; typedef struct { elliptic_curve_t E; - mpi_point_t Q; + mpi_point_struct Q; gcry_mpi_t d; } ECC_secret_key; @@ -292,8 +290,8 @@ static void (*progress_cb) (void *, const char*, int, int, int); static void *progress_cb_data; -#define point_init(a) _gcry_mpi_ec_point_init ((a)) -#define point_free(a) _gcry_mpi_ec_point_free ((a)) +#define point_init(a) _gcry_mpi_point_init ((a)) +#define point_free(a) _gcry_mpi_point_free_parts ((a)) @@ -333,7 +331,7 @@ _gcry_register_pk_ecc_progress (void (*cb) (void *, const char *, /* Set the value from S into D. */ static void -point_set (mpi_point_t *d, mpi_point_t *s) +point_set (mpi_point_t d, mpi_point_t s) { mpi_set (d->x, s->x); mpi_set (d->y, s->y); @@ -521,7 +519,7 @@ generate_key (ECC_secret_key *sk, unsigned int nbits, const char *name, gpg_err_code_t err; elliptic_curve_t E; gcry_mpi_t d; - mpi_point_t Q; + mpi_point_struct Q; mpi_ec_t ctx; gcry_random_level_t random_level; @@ -600,7 +598,7 @@ test_keys (ECC_secret_key *sk, unsigned int nbits) { ECC_public_key pk; gcry_mpi_t test = mpi_new (nbits); - mpi_point_t R_; + mpi_point_struct R_; gcry_mpi_t c = mpi_new (nbits); gcry_mpi_t out = mpi_new (nbits); gcry_mpi_t r = mpi_new (nbits); @@ -648,7 +646,7 @@ static int check_secret_key (ECC_secret_key * sk) { int rc = 1; - mpi_point_t Q; + mpi_point_struct Q; gcry_mpi_t y_2, y2; mpi_ec_t ctx = NULL; @@ -719,7 +717,7 @@ sign (gcry_mpi_t input, ECC_secret_key *skey, gcry_mpi_t r, gcry_mpi_t s) { gpg_err_code_t err = 0; gcry_mpi_t k, dr, sum, k_1, x; - mpi_point_t I; + mpi_point_struct I; mpi_ec_t ctx; if (DBG_CIPHER) @@ -790,7 +788,7 @@ verify (gcry_mpi_t input, ECC_public_key *pkey, gcry_mpi_t r, gcry_mpi_t s) { gpg_err_code_t err = 0; gcry_mpi_t h, h1, h2, x, y; - mpi_point_t Q, Q1, Q2; + mpi_point_struct Q, Q1, Q2; mpi_ec_t ctx; if( !(mpi_cmp_ui (r, 0) > 0 && mpi_cmp (r, pkey->E.n) < 0) ) @@ -925,7 +923,7 @@ ec2os (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t p) /* RESULT must have been initialized and is set on success to the point given by VALUE. */ static gcry_error_t -os2ec (mpi_point_t *result, gcry_mpi_t value) +os2ec (mpi_point_t result, gcry_mpi_t value) { gcry_error_t err; size_t n; @@ -1430,7 +1428,7 @@ ecc_encrypt_raw (int algo, gcry_mpi_t *resarr, gcry_mpi_t k, /* The following is false: assert( mpi_cmp_ui( R.x, 1 )==0 );, so */ { - mpi_point_t R; /* Result that we return. */ + mpi_point_struct R; /* Result that we return. */ gcry_mpi_t x, y; x = mpi_new (0); @@ -1490,8 +1488,8 @@ ecc_decrypt_raw (int algo, gcry_mpi_t *result, gcry_mpi_t *data, gcry_mpi_t *skey, int flags) { ECC_secret_key sk; - mpi_point_t R; /* Result that we return. */ - mpi_point_t kG; + mpi_point_struct R; /* Result that we return. */ + mpi_point_struct kG; mpi_ec_t ctx; gcry_mpi_t r; int err; diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index fa24defb..8bfcbfde 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -3600,6 +3600,13 @@ small values (usually up to the word size of the CPU). Swap the values of @var{a} and @var{b}. @end deftypefun +@deftypefun void gcry_mpi_snatch (@w{gcry_mpi_t @var{w}}, @ + @w{const gcry_mpi_t @var{u}}) + +Set @var{u} into @var{w} and release @var{u}. If @var{w} is +@code{NULL} only @var{u} will be released. +@end deftypefun + @node MPI formats @section MPI formats @@ -1,23 +1,22 @@ /* ec.c - Elliptic Curve functions - Copyright (C) 2007 Free Software Foundation, Inc. - - This file is part of Libgcrypt. - - Libgcrypt is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - Libgcrypt is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, - USA. */ - + * Copyright (C) 2007 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see <http://www.gnu.org/licenses/>. + */ #include <config.h> #include <stdio.h> @@ -28,8 +27,8 @@ #include "g10lib.h" -#define point_init(a) _gcry_mpi_ec_point_init ((a)) -#define point_free(a) _gcry_mpi_ec_point_free ((a)) +#define point_init(a) _gcry_mpi_point_init ((a)) +#define point_free(a) _gcry_mpi_point_free_parts ((a)) /* Object to represent a point in projective coordinates. */ @@ -64,10 +63,10 @@ struct mpi_ec_ctx_s -/* Initialized a point object. gcry_mpi_ec_point_free shall be used - to release this object. */ +/* Initialize the fields of a point object. gcry_mpi_point_free_parts + may be used to release the fields. */ void -_gcry_mpi_ec_point_init (mpi_point_t *p) +_gcry_mpi_point_init (mpi_point_t p) { p->x = mpi_new (0); p->y = mpi_new (0); @@ -75,18 +74,19 @@ _gcry_mpi_ec_point_init (mpi_point_t *p) } -/* Release a point object. */ +/* Release the parts of a point object. */ void -_gcry_mpi_ec_point_free (mpi_point_t *p) +_gcry_mpi_point_free_parts (mpi_point_t p) { mpi_free (p->x); p->x = NULL; mpi_free (p->y); p->y = NULL; mpi_free (p->z); p->z = NULL; } + /* Set the value from S into D. */ static void -point_set (mpi_point_t *d, mpi_point_t *s) +point_set (mpi_point_t d, mpi_point_t s) { mpi_set (d->x, s->x); mpi_set (d->y, s->y); @@ -339,12 +339,13 @@ _gcry_mpi_ec_free (mpi_ec_t ctx) gcry_free (ctx); } + /* Compute the affine coordinates from the projective coordinates in POINT. Set them into X and Y. If one coordinate is not required, X or Y may be passed as NULL. CTX is the usual context. Returns: 0 on success or !0 if POINT is at infinity. */ int -_gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t *point, +_gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t point, mpi_ec_t ctx) { gcry_mpi_t z1, z2, z3; @@ -374,12 +375,10 @@ _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t *point, } - - /* RESULT = 2 * POINT */ void -_gcry_mpi_ec_dup_point (mpi_point_t *result, mpi_point_t *point, mpi_ec_t ctx) +_gcry_mpi_ec_dup_point (mpi_point_t result, mpi_point_t point, mpi_ec_t ctx) { #define x3 (result->x) #define y3 (result->y) @@ -463,8 +462,8 @@ _gcry_mpi_ec_dup_point (mpi_point_t *result, mpi_point_t *point, mpi_ec_t ctx) /* RESULT = P1 + P2 */ void -_gcry_mpi_ec_add_points (mpi_point_t *result, - mpi_point_t *p1, mpi_point_t *p2, +_gcry_mpi_ec_add_points (mpi_point_t result, + mpi_point_t p1, mpi_point_t p2, mpi_ec_t ctx) { #define x1 (p1->x ) @@ -608,8 +607,8 @@ _gcry_mpi_ec_add_points (mpi_point_t *result, an integer SCALAR and a POINT as well as the usual context CTX. RESULT will be set to the resulting point. */ void -_gcry_mpi_ec_mul_point (mpi_point_t *result, - gcry_mpi_t scalar, mpi_point_t *point, +_gcry_mpi_ec_mul_point (mpi_point_t result, + gcry_mpi_t scalar, mpi_point_t point, mpi_ec_t ctx) { #if 0 @@ -632,7 +631,7 @@ _gcry_mpi_ec_mul_point (mpi_point_t *result, #else gcry_mpi_t x1, y1, z1, k, h, yy; unsigned int i, loops; - mpi_point_t p1, p2, p1inv; + mpi_point_struct p1, p2, p1inv; x1 = mpi_alloc_like (ctx->p); y1 = mpi_alloc_like (ctx->p); diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c index 76630a62..d410d90b 100644 --- a/mpi/mpiutil.c +++ b/mpi/mpiutil.c @@ -1,6 +1,7 @@ /* mpiutil.ac - Utility functions for MPI * Copyright (C) 1998, 2000, 2001, 2002, 2003, * 2007 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -296,6 +297,24 @@ _gcry_mpi_alloc_like( gcry_mpi_t a ) } +/* Set U into W and release U. If W is NULL only U will be released. */ +void +gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u) +{ + if (w) + { + _gcry_mpi_assign_limb_space (w, u->d, u->alloced); + w->nlimbs = u->nlimbs; + w->sign = u->sign; + w->flags = u->flags; + u->alloced = 0; + u->nlimbs = 0; + u->d = NULL; + } + _gcry_mpi_free (u); +} + + gcry_mpi_t gcry_mpi_set( gcry_mpi_t w, gcry_mpi_t u) { diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index dae8d1ca..7d2b89db 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -2,6 +2,7 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, * 2006, 2007, 2008, 2009, 2010, 2011, * 2012 Free Software Foundation, Inc. + * Copyright (C) 2012, 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -466,6 +467,9 @@ void gcry_mpi_release (gcry_mpi_t a); /* Create a new number with the same value as A. */ gcry_mpi_t gcry_mpi_copy (const gcry_mpi_t a); +/* Store the big integer value U in W and release U. */ +void gcry_mpi_snatch (gcry_mpi_t w, gcry_mpi_t u); + /* Store the big integer value U in W. */ gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u); @@ -629,6 +633,7 @@ int gcry_mpi_get_flag (gcry_mpi_t a, enum gcry_mpi_flag flag); while (0) #define mpi_copy( a ) gcry_mpi_copy( (a) ) +#define mpi_snatch( w, u) gcry_mpi_snatch( (w), (u) ) #define mpi_set( w, u) gcry_mpi_set( (w), (u) ) #define mpi_set_ui( w, u) gcry_mpi_set_ui( (w), (u) ) #define mpi_cmp( u, v ) gcry_mpi_cmp( (u), (v) ) diff --git a/src/libgcrypt.def b/src/libgcrypt.def index 9bf01670..cc49e748 100644 --- a/src/libgcrypt.def +++ b/src/libgcrypt.def @@ -211,3 +211,5 @@ EXPORTS gcry_pk_get_param @193 gcry_kdf_derive @194 + + gcry_mpi_snatch @195 diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers index dcb37490..200f04e6 100644 --- a/src/libgcrypt.vers +++ b/src/libgcrypt.vers @@ -86,7 +86,7 @@ GCRYPT_1.6 { gcry_mpi_set_flag; gcry_mpi_set_highbit; gcry_mpi_set_opaque; gcry_mpi_set_ui; gcry_mpi_snew; gcry_mpi_sub; gcry_mpi_sub_ui; gcry_mpi_subm; gcry_mpi_swap; gcry_mpi_test_bit; - gcry_mpi_lshift; + gcry_mpi_lshift; gcry_mpi_snatch; local: *; @@ -108,6 +108,7 @@ struct gcry_mpi #define mpi_is_secure(a) ((a) && ((a)->flags&1)) #define mpi_clear(a) _gcry_mpi_clear ((a)) #define mpi_alloc_like(a) _gcry_mpi_alloc_like((a)) +#define mpi_snatch(a,b) _gcry_mpi_snatch ((a),(b)) #define mpi_set(a,b) _gcry_mpi_set ((a),(b)) #define mpi_set_ui(a,b) _gcry_mpi_set_ui ((a),(b)) #define mpi_get_ui(a,b) _gcry_mpi_get_ui ((a),(b)) @@ -230,32 +231,37 @@ void _gcry_mpi_normalize( gcry_mpi_t a ); /*-- ec.c --*/ /* Object to represent a point in projective coordinates. */ -struct mpi_point_s; -typedef struct mpi_point_s mpi_point_t; -struct mpi_point_s +struct gcry_mpi_point { gcry_mpi_t x; gcry_mpi_t y; gcry_mpi_t z; }; +typedef struct gcry_mpi_point mpi_point_struct; +typedef struct gcry_mpi_point *mpi_point_t; + +void _gcry_mpi_point_init (mpi_point_t p); +void _gcry_mpi_point_free_parts (mpi_point_t p); +void _gcry_mpi_get_point (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + mpi_point_t point); +void _gcry_mpi_snatch_point (gcry_mpi_t x, gcry_mpi_t y, gcry_mpi_t z, + mpi_point_t point); /* Context used with elliptic curve functions. */ struct mpi_ec_ctx_s; typedef struct mpi_ec_ctx_s *mpi_ec_t; -void _gcry_mpi_ec_point_init (mpi_point_t *p); -void _gcry_mpi_ec_point_free (mpi_point_t *p); mpi_ec_t _gcry_mpi_ec_init (gcry_mpi_t p, gcry_mpi_t a); void _gcry_mpi_ec_free (mpi_ec_t ctx); -int _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t *point, +int _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t point, mpi_ec_t ctx); -void _gcry_mpi_ec_dup_point (mpi_point_t *result, - mpi_point_t *point, mpi_ec_t ctx); -void _gcry_mpi_ec_add_points (mpi_point_t *result, - mpi_point_t *p1, mpi_point_t *p2, +void _gcry_mpi_ec_dup_point (mpi_point_t result, + mpi_point_t point, mpi_ec_t ctx); +void _gcry_mpi_ec_add_points (mpi_point_t result, + mpi_point_t p1, mpi_point_t p2, mpi_ec_t ctx); -void _gcry_mpi_ec_mul_point (mpi_point_t *result, - gcry_mpi_t scalar, mpi_point_t *point, +void _gcry_mpi_ec_mul_point (mpi_point_t result, + gcry_mpi_t scalar, mpi_point_t point, mpi_ec_t ctx); diff --git a/src/visibility.c b/src/visibility.c index 2d3edbc9..732f0582 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -1,5 +1,6 @@ /* visibility.c - Wrapper for all public functions. * Copyright (C) 2007, 2008, 2011 Free Software Foundation, Inc. + * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -261,6 +262,12 @@ gcry_mpi_copy (const gcry_mpi_t a) return _gcry_mpi_copy (a); } +void +gcry_mpi_snatch (gcry_mpi_t w, const gcry_mpi_t u) +{ + return _gcry_mpi_snatch (w, u); +} + gcry_mpi_t gcry_mpi_set (gcry_mpi_t w, const gcry_mpi_t u) { diff --git a/src/visibility.h b/src/visibility.h index 4606a209..429c2461 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -172,6 +172,7 @@ #define gcry_mpi_rshift _gcry_mpi_rshift #define gcry_mpi_lshift _gcry_mpi_lshift #define gcry_mpi_scan _gcry_mpi_scan +#define gcry_mpi_snatch _gcry_mpi_snatch #define gcry_mpi_set _gcry_mpi_set #define gcry_mpi_set_bit _gcry_mpi_set_bit #define gcry_mpi_set_flag _gcry_mpi_set_flag @@ -378,6 +379,7 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, #undef gcry_mpi_rshift #undef gcry_mpi_lshift #undef gcry_mpi_scan +#undef gcry_mpi_snatch #undef gcry_mpi_set #undef gcry_mpi_set_bit #undef gcry_mpi_set_flag @@ -544,6 +546,7 @@ MARK_VISIBLE (gcry_mpi_release) MARK_VISIBLE (gcry_mpi_rshift) MARK_VISIBLE (gcry_mpi_lshift) MARK_VISIBLE (gcry_mpi_scan) +MARK_VISIBLE (gcry_mpi_snatch) MARK_VISIBLE (gcry_mpi_set) MARK_VISIBLE (gcry_mpi_set_bit) MARK_VISIBLE (gcry_mpi_set_flag) |