mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-24 16:52:24 +00:00
18fd47b618
Conveniently checkable certificates of primality aren't a new concept. I didn't invent them, and I wasn't the first to implement them. Given that, I thought it might be useful to be able to independently verify a prime generated by PuTTY's provable prime system. Then, even if you don't trust _this_ code, you might still trust someone else's verifier, or at least be less willing to believe that both were colluding. The Perl module Math::Prime::Util is the only free software I've found that defines a specific text-file format for certificates of primality. The MPU format (as it calls it) supports various different methods of certifying the primality of a number (most of which, like Pockle's, depend on having previously proved some smaller number(s) to be prime). The system implemented by Pockle is on its list: MPU calls it by the name "BLS5". So this commit introduces extra stored data inside Pockle so that it remembers not just _that_ it believes certain numbers to be prime, but also _why_ it believed each one to be prime. Then there's an extra method in the Pockle API to translate its internal data structures into the text of an MPU certificate for any number it knows about. Math::Prime::Util doesn't come with a command-line verification tool, unfortunately; only a Perl function which you feed a string argument. So also in this commit I add test/mpu-check.pl, which is a trivial command-line client of that function. At the moment, this new piece of API is only exposed via testcrypt. I could easily put some user interface into the key generation tools that would save a few primality certificates alongside the private key, but I have yet to think of any good reason to do it. Mostly this facility is intended for debugging and cross-checking of the _algorithm_, not of any particular prime.
20 lines
432 B
Perl
Executable File
20 lines
432 B
Perl
Executable File
#!/usr/bin/perl
|
|
|
|
# Trivial command-line client for the function
|
|
# Math::Prime::Util::verify_prime, which checks a certificate of
|
|
# primality in MPU format.
|
|
|
|
use strict;
|
|
use warnings;
|
|
use Math::Prime::Util;
|
|
|
|
Math::Prime::Util::prime_set_config(verbose => 1);
|
|
|
|
my $cert = "";
|
|
$cert .= $_ while <<>>;
|
|
|
|
my $success = Math::Prime::Util::verify_prime($cert);
|
|
|
|
die "verification failed\n" unless $success;
|
|
warn "verification succeeded\n";
|