Loading CHANGES +26 −1 Original line number Diff line number Diff line OpenSSL CHANGES _______________ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] *) New function BN_swap. [Bodo Moeller] *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that the exponentiation functions are more likely to produce reasonable results on negative inputs. [Bodo Moeller] *) Change BN_mod_mul so that the result is always non-negative. Previously, it could be negative if one of the factors was negative; I don't think anyone really wanted that behaviour. [Bodo Moeller] *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c (except for exponentation, which stays in crypto/bn/bn_exp.c, and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c) and add new functions: BN_nnmod BN_mod_sqr BN_mod_add BN_mod_sub These functions always generate non-negative results. BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r such that |m| < r < 0, BN_nnmod will output rem + |m| instead). [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there was actually never needed) and in BN_mul(). The removal in BN_mul() required a small change in bn_mul_part_recursive() and the addition Loading TABLE +13 −13 Original line number Diff line number Diff line Loading 
@@ -846,20 +846,20 @@ $cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO $unistd = $thread_cflag = -D_REENTRANT $lflags = -ldl $bn_ops = $bn_obj = $des_obj = $bf_obj = $md5_obj = $sha1_obj = $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT $bn_obj = asm/bn86-elf.o asm/co86-elf.o $des_obj = asm/dx86-elf.o asm/yx86-elf.o $bf_obj = asm/bx86-elf.o $md5_obj = asm/mx86-elf.o $sha1_obj = asm/sx86-elf.o $cast_obj = asm/cx86-elf.o $rc4_obj = asm/rx86-elf.o $rmd160_obj = asm/rm86-elf.o $rc5_obj = asm/r586-elf.o $dso_scheme = dlfcn $shared_target= $shared_cflag = $shared_extension = $shared_target= linux-shared $shared_cflag = -fPIC $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** debug-linux-elf $cc = gcc Loading crypto/bn/Makefile.ssl +9 −2 Original line number Diff line number Diff line Loading @@ -35,12 +35,12 @@ TEST=bntest.c exptest.c APPS= LIB=$(TOP)/libcrypto.a LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \ bn_mpi.c bn_exp2.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o \ LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \ bn_mpi.o bn_exp2.o Loading Loading 
@@ -237,6 +237,13 @@ bn_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mod.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h bn_mod.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_mod.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h Loading crypto/bn/bn.h +9 −11 Original line number Diff line number Diff line Loading @@ -75,8 +75,6 @@ extern "C" { #define BN_MUL_COMBA #define BN_SQR_COMBA #define BN_RECURSION #define RECP_MUL_MOD #define MONT_MUL_MOD /* This next option uses the C libraries (2 word)/(1 word) function. * If it is not defined, I use my C version (which is slower). Loading Loading @@ -284,9 +282,6 @@ typedef struct bn_recp_ctx_st int flags; } BN_RECP_CTX; #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ r,a,&((mont)->RR),(mont),ctx) #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ Loading Loading 
@@ -335,6 +330,7 @@ BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); void BN_swap(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(const BIGNUM *a, unsigned char *to); BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret); Loading @@ -343,11 +339,14 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); #define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) int BN_nnmod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); int BN_mul_word(BIGNUM *a, BN_ULONG w); Loading @@ -373,8 +372,6 @@ int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx); int BN_mask_bits(BIGNUM *a,int n); int BN_mod_mul(BIGNUM *ret, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); #ifndef NO_FP_API int BN_print_fp(FILE *fp, const BIGNUM *a); #endif Loading Loading 
@@ -413,6 +410,8 @@ BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx); #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ (r),(a),&((mont)->RR),(mont),(ctx)) int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); Loading Loading @@ -518,4 +517,3 @@ void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); } #endif #endif crypto/bn/bn_div.c +11 −38 Original line number Diff line number Diff line Loading @@ -61,6 +61,7 @@ #include "cryptlib.h" #include "bn_lcl.h" /* The old slow way */ #if 0 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, Loading Loading @@ -152,6 +153,14 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, # endif /* __GNUC__ */ #endif /* NO_ASM */ /* BN_div computes dv := num / divisor, rounding towards zero, and sets up * rm such that dv*divisor + rm = num holds. * Thus: * dv->neg == num->neg ^ divisor->neg (unless the result is zero) * rm->neg == num->neg (unless the remainder is zero) * If 'dv' or 'rm' is NULL, the respective value is not returned. */ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX *ctx) { Loading Loading @@ -331,6 +340,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (rm != NULL) { BN_rshift(rm,snum,norm_shift); if (!BN_is_zero(rm)) rm->neg = num->neg; } BN_CTX_end(ctx); Loading 
@@ -341,40 +351,3 @@ err: } #endif /* rem != m */ int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) { #if 0 /* The old slow way */ int i,nm,nd; BIGNUM *dv; if (BN_ucmp(m,d) < 0) return((BN_copy(rem,m) == NULL)?0:1); BN_CTX_start(ctx); dv=BN_CTX_get(ctx); if (!BN_copy(rem,m)) goto err; nm=BN_num_bits(rem); nd=BN_num_bits(d); if (!BN_lshift(dv,d,nm-nd)) goto err; for (i=nm-nd; i>=0; i--) { if (BN_cmp(rem,dv) >= 0) { if (!BN_sub(rem,rem,dv)) goto err; } if (!BN_rshift1(dv,dv)) goto err; } BN_CTX_end(ctx); return(1); err: BN_CTX_end(ctx); return(0); #else return(BN_div(NULL,rem,m,d,ctx)); #endif } Loading
CHANGES +26 −1 Original line number Diff line number Diff line OpenSSL CHANGES _______________ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] *) New function BN_swap. [Bodo Moeller] *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that the exponentiation functions are more likely to produce reasonable results on negative inputs. [Bodo Moeller] *) Change BN_mod_mul so that the result is always non-negative. Previously, it could be negative if one of the factors was negative; I don't think anyone really wanted that behaviour. [Bodo Moeller] *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c (except for exponentation, which stays in crypto/bn/bn_exp.c, and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c) and add new functions: BN_nnmod BN_mod_sqr BN_mod_add BN_mod_sub These functions always generate non-negative results. BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder r such that |m| < r < 0, BN_nnmod will output rem + |m| instead). [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller] *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there was actually never needed) and in BN_mul(). The removal in BN_mul() required a small change in bn_mul_part_recursive() and the addition Loading
TABLE +13 −13 Original line number Diff line number Diff line Loading @@ -846,20 +846,20 @@ $cflags = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO $unistd = $thread_cflag = -D_REENTRANT $lflags = -ldl $bn_ops = $bn_obj = $des_obj = $bf_obj = $md5_obj = $sha1_obj = $cast_obj = $rc4_obj = $rmd160_obj = $rc5_obj = $bn_ops = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT $bn_obj = asm/bn86-elf.o asm/co86-elf.o $des_obj = asm/dx86-elf.o asm/yx86-elf.o $bf_obj = asm/bx86-elf.o $md5_obj = asm/mx86-elf.o $sha1_obj = asm/sx86-elf.o $cast_obj = asm/cx86-elf.o $rc4_obj = asm/rx86-elf.o $rmd160_obj = asm/rm86-elf.o $rc5_obj = asm/r586-elf.o $dso_scheme = dlfcn $shared_target= $shared_cflag = $shared_extension = $shared_target= linux-shared $shared_cflag = -fPIC $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR) *** debug-linux-elf $cc = gcc Loading
crypto/bn/Makefile.ssl +9 −2 Original line number Diff line number Diff line Loading @@ -35,12 +35,12 @@ TEST=bntest.c exptest.c APPS= LIB=$(TOP)/libcrypto.a LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c \ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \ bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \ bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c bn_recp.c bn_mont.c \ bn_mpi.c bn_exp2.c LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o \ LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \ bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \ bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) bn_recp.o bn_mont.o \ bn_mpi.o bn_exp2.o Loading Loading @@ -237,6 +237,13 @@ bn_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mod.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h bn_mod.o: ../../include/openssl/err.h ../../include/openssl/lhash.h bn_mod.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.o: ../../include/openssl/bio.h ../../include/openssl/bn.h bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h bn_mont.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h Loading
crypto/bn/bn.h +9 −11 Original line number Diff line number Diff line Loading @@ -75,8 +75,6 @@ extern "C" { #define BN_MUL_COMBA #define BN_SQR_COMBA #define BN_RECURSION #define RECP_MUL_MOD #define MONT_MUL_MOD /* This next option uses the C libraries (2 word)/(1 word) function. * If it is not defined, I use my C version (which is slower). Loading Loading @@ -284,9 +282,6 @@ typedef struct bn_recp_ctx_st int flags; } BN_RECP_CTX; #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ r,a,&((mont)->RR),(mont),ctx) #define BN_prime_checks 0 /* default: select number of iterations based on the size of the number */ Loading Loading @@ -335,6 +330,7 @@ BIGNUM *BN_new(void); void BN_init(BIGNUM *); void BN_clear_free(BIGNUM *a); BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); void BN_swap(BIGNUM *a, BIGNUM *b); BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); int BN_bn2bin(const BIGNUM *a, unsigned char *to); BIGNUM *BN_mpi2bn(const unsigned char *s,int len,BIGNUM *ret); Loading @@ -343,11 +339,14 @@ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); int BN_sqr(BIGNUM *r, const BIGNUM *a,BN_CTX *ctx); int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); #define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) int BN_nnmod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); int BN_mod_mul(BIGNUM *ret, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); int BN_mul_word(BIGNUM *a, BN_ULONG w); Loading 
@@ -373,8 +372,6 @@ int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,BN_CTX *ctx); int BN_mask_bits(BIGNUM *a,int n); int BN_mod_mul(BIGNUM *ret, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); #ifndef NO_FP_API int BN_print_fp(FILE *fp, const BIGNUM *a); #endif Loading Loading @@ -413,6 +410,8 @@ BN_MONT_CTX *BN_MONT_CTX_new(void ); void BN_MONT_CTX_init(BN_MONT_CTX *ctx); int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b, BN_MONT_CTX *mont, BN_CTX *ctx); #define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ (r),(a),&((mont)->RR),(mont),(ctx)) int BN_from_montgomery(BIGNUM *r,const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx); void BN_MONT_CTX_free(BN_MONT_CTX *mont); Loading Loading @@ -518,4 +517,3 @@ void bn_dump1(FILE *o, const char *a, const BN_ULONG *b,int n); } #endif #endif
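Review bot: The new `#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))` carries no comment on the sign of its result. According to the BN_div comment added in crypto/bn/bn_div.c, the remainder takes the sign of the dividend, so it can be negative. Callers that treat the result as a canonical residue need BN_nnmod, and the header is where they will look, so I would add above the macro `/* BN_mod: rem takes the sign of m and may be negative; use BN_nnmod() for a non-negative result */`. Separately, turning BN_mod from a function into a macro drops the exported symbol, so code that takes its address, or binaries linked against the older library, will no longer resolve it. The visible CHANGES excerpt does not mention this, so it may deserve an entry there if it is intended.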
crypto/bn/bn_div.c +11 −38 Original line number Diff line number Diff line Loading @@ -61,6 +61,7 @@ #include "cryptlib.h" #include "bn_lcl.h" /* The old slow way */ #if 0 int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, Loading Loading @@ -152,6 +153,14 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, # endif /* __GNUC__ */ #endif /* NO_ASM */ /* BN_div computes dv := num / divisor, rounding towards zero, and sets up * rm such that dv*divisor + rm = num holds. * Thus: * dv->neg == num->neg ^ divisor->neg (unless the result is zero) * rm->neg == num->neg (unless the remainder is zero) * If 'dv' or 'rm' is NULL, the respective value is not returned. */ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, BN_CTX *ctx) { Loading Loading @@ -331,6 +340,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, if (rm != NULL) { BN_rshift(rm,snum,norm_shift); if (!BN_is_zero(rm)) rm->neg = num->neg; } BN_CTX_end(ctx); Loading @@ -341,40 +351,3 @@ err: } #endif /* rem != m */ int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) { #if 0 /* The old slow way */ int i,nm,nd; BIGNUM *dv; if (BN_ucmp(m,d) < 0) return((BN_copy(rem,m) == NULL)?0:1); BN_CTX_start(ctx); dv=BN_CTX_get(ctx); if (!BN_copy(rem,m)) goto err; nm=BN_num_bits(rem); nd=BN_num_bits(d); if (!BN_lshift(dv,d,nm-nd)) goto err; for (i=nm-nd; i>=0; i--) { if (BN_cmp(rem,dv) >= 0) { if (!BN_sub(rem,rem,dv)) goto err; } if (!BN_rshift1(dv,dv)) goto err; } BN_CTX_end(ctx); return(1); err: BN_CTX_end(ctx); return(0); #else return(BN_div(NULL,rem,m,d,ctx)); #endif }
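Review bot: In the `if (rm != NULL)` block of BN_div, the added sign fix-up `if (!BN_is_zero(rm)) rm->neg = num->neg;` runs directly after `BN_rshift(rm,snum,norm_shift);`, whose return value is discarded. The removed BN_mod body checks the sibling shift calls (`if (!BN_rshift1(dv,dv)) goto err;`), so BN_rshift presumably reports failure the same way. If the shift fails, the code would set a sign on a remainder that was never written and, as far as the hunk shows, fall through to `BN_CTX_end(ctx)` as on the success path. I would change the call to `if (!BN_rshift(rm,snum,norm_shift)) goto err;` so that a failed shift reaches the existing `err:` label. BN_div's body starts and ends outside the visible hunks, so the cleanup at `err:` should be confirmed against the full file.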