Make the frankly ridiculous prototypes for modpow() and modmul() more sane
[originally from svn r752]
This commit is contained in:
parent
bf2744aabf
commit
e51b4da9f7
4
ssh.h
4
ssh.h
@ -153,8 +153,8 @@ Bignum newbn(int length);
|
|||||||
Bignum copybn(Bignum b);
|
Bignum copybn(Bignum b);
|
||||||
Bignum bignum_from_short(unsigned short n);
|
Bignum bignum_from_short(unsigned short n);
|
||||||
void freebn(Bignum b);
|
void freebn(Bignum b);
|
||||||
void modpow(Bignum base, Bignum exp, Bignum mod, Bignum result);
|
Bignum modpow(Bignum base, Bignum exp, Bignum mod);
|
||||||
void modmul(Bignum a, Bignum b, Bignum mod, Bignum result);
|
Bignum modmul(Bignum a, Bignum b, Bignum mod);
|
||||||
void decbn(Bignum n);
|
void decbn(Bignum n);
|
||||||
extern Bignum Zero, One;
|
extern Bignum Zero, One;
|
||||||
int ssh1_read_bignum(unsigned char *data, Bignum *result);
|
int ssh1_read_bignum(unsigned char *data, Bignum *result);
|
||||||
|
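Review bot: The new prototypes `Bignum modpow(Bignum base, Bignum exp, Bignum mod);` and `Bignum modmul(Bignum a, Bignum b, Bignum mod);` hand back a heap-allocated Bignum, but nothing in the header says who owns it, and every caller touched by this commit ends up calling freebn() on the result. The ownership rule belongs next to the declarations: `/* Both return a newly allocated Bignum holding the result; the caller must release it with freebn(). */`. Whether a NULL return is possible on allocation failure is not visible from this header, so the comment should not promise either way unless sshbn.c guarantees it.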
14
sshbn.c
14
sshbn.c
@ -184,11 +184,12 @@ static void internal_mod(unsigned short *a, int alen,
|
|||||||
* The most significant word of mod MUST be non-zero.
|
* The most significant word of mod MUST be non-zero.
|
||||||
* We assume that the result array is the same size as the mod array.
|
* We assume that the result array is the same size as the mod array.
|
||||||
*/
|
*/
|
||||||
void modpow(Bignum base, Bignum exp, Bignum mod, Bignum result)
|
Bignum modpow(Bignum base, Bignum exp, Bignum mod)
|
||||||
{
|
{
|
||||||
unsigned short *a, *b, *n, *m;
|
unsigned short *a, *b, *n, *m;
|
||||||
int mshift;
|
int mshift;
|
||||||
int mlen, i, j;
|
int mlen, i, j;
|
||||||
|
Bignum result;
|
||||||
|
|
||||||
/* Allocate m of size mlen, copy mod to m */
|
/* Allocate m of size mlen, copy mod to m */
|
||||||
/* We use big endian internally */
|
/* We use big endian internally */
|
||||||
@ -252,14 +253,18 @@ void modpow(Bignum base, Bignum exp, Bignum mod, Bignum result)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Copy result to buffer */
|
/* Copy result to buffer */
|
||||||
|
result = newbn(mod[0]);
|
||||||
for (i = 0; i < mlen; i++)
|
for (i = 0; i < mlen; i++)
|
||||||
result[result[0] - i] = a[i+mlen];
|
result[result[0] - i] = a[i+mlen];
|
||||||
|
while (result[0] > 1 && result[result[0]] == 0) result[0]--;
|
||||||
|
|
||||||
/* Free temporary arrays */
|
/* Free temporary arrays */
|
||||||
for (i = 0; i < 2*mlen; i++) a[i] = 0; free(a);
|
for (i = 0; i < 2*mlen; i++) a[i] = 0; free(a);
|
||||||
for (i = 0; i < 2*mlen; i++) b[i] = 0; free(b);
|
for (i = 0; i < 2*mlen; i++) b[i] = 0; free(b);
|
||||||
for (i = 0; i < mlen; i++) m[i] = 0; free(m);
|
for (i = 0; i < mlen; i++) m[i] = 0; free(m);
|
||||||
for (i = 0; i < mlen; i++) n[i] = 0; free(n);
|
for (i = 0; i < mlen; i++) n[i] = 0; free(n);
|
||||||
|
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -267,11 +272,12 @@ void modpow(Bignum base, Bignum exp, Bignum mod, Bignum result)
|
|||||||
* The most significant word of mod MUST be non-zero.
|
* The most significant word of mod MUST be non-zero.
|
||||||
* We assume that the result array is the same size as the mod array.
|
* We assume that the result array is the same size as the mod array.
|
||||||
*/
|
*/
|
||||||
void modmul(Bignum p, Bignum q, Bignum mod, Bignum result)
|
Bignum modmul(Bignum p, Bignum q, Bignum mod)
|
||||||
{
|
{
|
||||||
unsigned short *a, *n, *m, *o;
|
unsigned short *a, *n, *m, *o;
|
||||||
int mshift;
|
int mshift;
|
||||||
int pqlen, mlen, i, j;
|
int pqlen, mlen, i, j;
|
||||||
|
Bignum result;
|
||||||
|
|
||||||
/* Allocate m of size mlen, copy mod to m */
|
/* Allocate m of size mlen, copy mod to m */
|
||||||
/* We use big endian internally */
|
/* We use big endian internally */
|
||||||
@ -320,14 +326,18 @@ void modmul(Bignum p, Bignum q, Bignum mod, Bignum result)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Copy result to buffer */
|
/* Copy result to buffer */
|
||||||
|
result = newbn(mod[0]);
|
||||||
for (i = 0; i < mlen; i++)
|
for (i = 0; i < mlen; i++)
|
||||||
result[result[0] - i] = a[i+2*pqlen-mlen];
|
result[result[0] - i] = a[i+2*pqlen-mlen];
|
||||||
|
while (result[0] > 1 && result[result[0]] == 0) result[0]--;
|
||||||
|
|
||||||
/* Free temporary arrays */
|
/* Free temporary arrays */
|
||||||
for (i = 0; i < 2*pqlen; i++) a[i] = 0; free(a);
|
for (i = 0; i < 2*pqlen; i++) a[i] = 0; free(a);
|
||||||
for (i = 0; i < mlen; i++) m[i] = 0; free(m);
|
for (i = 0; i < mlen; i++) m[i] = 0; free(m);
|
||||||
for (i = 0; i < pqlen; i++) n[i] = 0; free(n);
|
for (i = 0; i < pqlen; i++) n[i] = 0; free(n);
|
||||||
for (i = 0; i < pqlen; i++) o[i] = 0; free(o);
|
for (i = 0; i < pqlen; i++) o[i] = 0; free(o);
|
||||||
|
|
||||||
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
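Review bot: The block comment kept above both new signatures still says `* We assume that the result array is the same size as the mod array.`, which no longer describes the code: `result = newbn(mod[0]);` now allocates the result inside the function and `while (result[0] > 1 && result[result[0]] == 0) result[0]--;` trims its length word afterwards. In both modpow and modmul that line should become `* The result is allocated here with newbn(mod[0]) and trimmed of leading zero words; the caller owns it and must freebn() it.`. Both function bodies continue between and beyond the hunks shown, so this is only the visible part of each. The temporary-buffer wiping that precedes each free() (`for (i = 0; i < 2*mlen; i++) a[i] = 0; free(a);`) is pre-existing, but since these buffers hold exponentiation state it is worth a `/* NOTE: plain stores before free() may be optimised away */` so a later maintainer knows the wipe is best-effort.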
5
sshdh.c
5
sshdh.c
@ -99,8 +99,7 @@ Bignum dh_create_e(void) {
|
|||||||
/*
|
/*
|
||||||
* Done. Now compute e = g^x mod p.
|
* Done. Now compute e = g^x mod p.
|
||||||
*/
|
*/
|
||||||
e = newbn(P[0]);
|
e = modpow(G, x, P);
|
||||||
modpow(G, x, P, e);
|
|
||||||
|
|
||||||
return e;
|
return e;
|
||||||
}
|
}
|
||||||
@ -110,6 +109,6 @@ Bignum dh_create_e(void) {
|
|||||||
*/
|
*/
|
||||||
Bignum dh_find_K(Bignum f) {
|
Bignum dh_find_K(Bignum f) {
|
||||||
Bignum K = newbn(P[0]);
|
Bignum K = newbn(P[0]);
|
||||||
modpow(f, x, P, K);
|
K = modpow(f, x, P);
|
||||||
return K;
|
return K;
|
||||||
}
|
}
|
||||||
|
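Review bot: `Bignum K = newbn(P[0]);` immediately followed by `K = modpow(f, x, P);` in dh_find_K leaks the Bignum from newbn(): the pointer is overwritten before it is used or freed. The commit removed the matching `e = newbn(P[0]);` in dh_create_e but left this one behind; the two lines should collapse to `Bignum K = modpow(f, x, P);`. The leak is one Bignum per call, so it only matters if dh_find_K runs more than once per process, but it is a straightforward fix.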
32
sshdss.c
32
sshdss.c
@ -190,7 +190,7 @@ static int dss_verifysig(char *sig, int siglen, char *data, int datalen) {
|
|||||||
char *p;
|
char *p;
|
||||||
int slen;
|
int slen;
|
||||||
char hash[20];
|
char hash[20];
|
||||||
Bignum r, s, w, i1, i2, i3, u1, u2, sha, v;
|
Bignum r, s, w, gu1p, yu2p, gu1yu2p, u1, u2, sha, v;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
if (!dss_p)
|
if (!dss_p)
|
||||||
@ -243,34 +243,28 @@ static int dss_verifysig(char *sig, int siglen, char *data, int datalen) {
|
|||||||
/*
|
/*
|
||||||
* Step 2. u1 <- SHA(message) * w mod q.
|
* Step 2. u1 <- SHA(message) * w mod q.
|
||||||
*/
|
*/
|
||||||
u1 = newbn(dss_q[0]);
|
|
||||||
SHA_Simple(data, datalen, hash);
|
SHA_Simple(data, datalen, hash);
|
||||||
p = hash; slen = 20; sha = get160(&p, &slen);
|
p = hash; slen = 20; sha = get160(&p, &slen);
|
||||||
diagbn("sha=", sha);
|
diagbn("sha=", sha);
|
||||||
modmul(sha, w, dss_q, u1);
|
u1 = modmul(sha, w, dss_q);
|
||||||
diagbn("u1=", u1);
|
diagbn("u1=", u1);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Step 3. u2 <- r * w mod q.
|
* Step 3. u2 <- r * w mod q.
|
||||||
*/
|
*/
|
||||||
u2 = newbn(dss_q[0]);
|
u2 = modmul(r, w, dss_q);
|
||||||
modmul(r, w, dss_q, u2);
|
|
||||||
diagbn("u2=", u2);
|
diagbn("u2=", u2);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Step 4. v <- (g^u1 * y^u2 mod p) mod q.
|
* Step 4. v <- (g^u1 * y^u2 mod p) mod q.
|
||||||
*/
|
*/
|
||||||
i1 = newbn(dss_p[0]);
|
gu1p = modpow(dss_g, u1, dss_p);
|
||||||
i2 = newbn(dss_p[0]);
|
diagbn("gu1p=", gu1p);
|
||||||
i3 = newbn(dss_p[0]);
|
yu2p = modpow(dss_y, u2, dss_p);
|
||||||
v = newbn(dss_q[0]);
|
diagbn("yu2p=", yu2p);
|
||||||
modpow(dss_g, u1, dss_p, i1);
|
gu1yu2p = modmul(gu1p, yu2p, dss_p);
|
||||||
diagbn("gu1p=", i1);
|
diagbn("gu1yu2p=", gu1yu2p);
|
||||||
modpow(dss_y, u2, dss_p, i2);
|
v = modmul(gu1yu2p, One, dss_q);
|
||||||
diagbn("yu2p=", i2);
|
|
||||||
modmul(i1, i2, dss_p, i3);
|
|
||||||
diagbn("gu1yu2p=", i3);
|
|
||||||
modmul(i3, One, dss_q, v);
|
|
||||||
diagbn("gu1yu2q=v=", v);
|
diagbn("gu1yu2q=v=", v);
|
||||||
diagbn("r=", r);
|
diagbn("r=", r);
|
||||||
|
|
||||||
@ -282,9 +276,9 @@ static int dss_verifysig(char *sig, int siglen, char *data, int datalen) {
|
|||||||
|
|
||||||
freebn(w);
|
freebn(w);
|
||||||
freebn(sha);
|
freebn(sha);
|
||||||
freebn(i1);
|
freebn(gu1p);
|
||||||
freebn(i2);
|
freebn(yu2p);
|
||||||
freebn(i3);
|
freebn(gu1yu2p);
|
||||||
freebn(v);
|
freebn(v);
|
||||||
freebn(r);
|
freebn(r);
|
||||||
freebn(s);
|
freebn(s);
|
||||||
|
@ -670,8 +670,7 @@ Bignum primegen(int bits, int modulus, int residue,
|
|||||||
/*
|
/*
|
||||||
* Compute w^q mod p.
|
* Compute w^q mod p.
|
||||||
*/
|
*/
|
||||||
wqp = newbn(p[0]);
|
wqp = modpow(w, q, p);
|
||||||
modpow(w, q, p, wqp);
|
|
||||||
freebn(w);
|
freebn(w);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -683,8 +682,7 @@ Bignum primegen(int bits, int modulus, int residue,
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
for (i = 0; i < k; i++) {
|
for (i = 0; i < k; i++) {
|
||||||
wqp2 = newbn(p[0]);
|
wqp2 = modmul(wqp, wqp, p);
|
||||||
modmul(wqp, wqp, p, wqp2);
|
|
||||||
freebn(wqp);
|
freebn(wqp);
|
||||||
wqp = wqp2;
|
wqp = wqp2;
|
||||||
if (bignum_cmp(wqp, One) == 0)
|
if (bignum_cmp(wqp, One) == 0)
|
||||||
|
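Review bot: `v = modmul(gu1yu2p, One, dss_q);` reduces gu1yu2p modulo q by multiplying by One, which a reader will take for a bug without a comment; add `/* reduce mod q: modmul by One is the reduction primitive available here */` above it. The freebn() list in the last dss_verifysig hunk releases gu1p, yu2p, gu1yu2p, v, r, s, w and sha but not u1 and u2, which are now also allocated by modmul(); if they are released outside the hunk that is fine, otherwise each signature verification leaks two Bignums. The primegen hunks (`wqp = modpow(w, q, p);` and `wqp2 = modmul(wqp, wqp, p);` followed by `freebn(wqp); wqp = wqp2;`) look correct since the previous value is freed before being replaced.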
6
sshrsa.c
6
sshrsa.c
@ -65,7 +65,6 @@ void rsaencrypt(unsigned char *data, int length, struct RSAKey *key) {
|
|||||||
w = (key->bytes+1)/2;
|
w = (key->bytes+1)/2;
|
||||||
|
|
||||||
b1 = newbn(w);
|
b1 = newbn(w);
|
||||||
b2 = newbn(w);
|
|
||||||
|
|
||||||
p = data;
|
p = data;
|
||||||
for (i=1; i<=w; i++)
|
for (i=1; i<=w; i++)
|
||||||
@ -78,7 +77,7 @@ void rsaencrypt(unsigned char *data, int length, struct RSAKey *key) {
|
|||||||
b1[1+i/2] |= byte;
|
b1[1+i/2] |= byte;
|
||||||
}
|
}
|
||||||
|
|
||||||
modpow(b1, key->exponent, key->modulus, b2);
|
b2 = modpow(b1, key->exponent, key->modulus);
|
||||||
|
|
||||||
p = data;
|
p = data;
|
||||||
for (i=key->bytes; i-- ;) {
|
for (i=key->bytes; i-- ;) {
|
||||||
@ -96,8 +95,7 @@ void rsaencrypt(unsigned char *data, int length, struct RSAKey *key) {
|
|||||||
|
|
||||||
Bignum rsadecrypt(Bignum input, struct RSAKey *key) {
|
Bignum rsadecrypt(Bignum input, struct RSAKey *key) {
|
||||||
Bignum ret;
|
Bignum ret;
|
||||||
ret = newbn(key->modulus[0]);
|
ret = modpow(input, key->private_exponent, key->modulus);
|
||||||
modpow(input, key->private_exponent, key->modulus, ret);
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
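Review bot: In rsaencrypt the result `b2 = modpow(b1, key->exponent, key->modulus);` is now sized from `key->modulus[0]` and then trimmed by modpow's normalisation loop, whereas the removed `b2 = newbn(w);` gave it exactly `w = (key->bytes+1)/2` words; the extraction loop `for (i=key->bytes; i-- ;)` that follows reads b2 by byte index and its body is outside the hunk, so it should be checked against a result whose length word is smaller than w (a ciphertext with a leading zero word). b2 is also heap-allocated by modpow() now, so the rest of rsaencrypt must release it with freebn() — that part of the function is not shown. In rsadecrypt, `Bignum ret;` followed by `ret = modpow(input, key->private_exponent, key->modulus);` could be a single initialised declaration.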