[svn] gcry - r1102 - trunk/cipher

svn author wk cvs at cvs.gnupg.org
Mon Aug 22 11:30:27 CEST 2005 

Author: wk
Date: 2005-08-22 11:30:25 +0200 (Mon, 22 Aug 2005)
New Revision: 1102

Modified:
   trunk/cipher/ChangeLog
   trunk/cipher/primegen.c
Log:
Made gcry_prime_check more robust (and slower).

Modified: trunk/cipher/ChangeLog
===================================================================
--- trunk/cipher/ChangeLog	2005-08-19 07:58:27 UTC (rev 1101)
+++ trunk/cipher/ChangeLog	2005-08-22 09:30:25 UTC (rev 1102)
@@ -1,3 +1,11 @@
+2005-08-22  Werner Koch  <wk at g10code.com>
+
+	* primegen.c (check_prime): New arg RM_ROUNDS.
+	(prime_generate_internal): Call it here with 5 rounds as used
+	before.
+	(gcry_prime_check): But here with 64 rounds.
+	(is_prime): Make sure never to use less than 5 rounds.
+
 2005-04-16  Moritz Schulte  <moritz at g10code.com>
 
 	* ac.c (_gcry_ac_init): New function.

Modified: trunk/cipher/primegen.c
===================================================================
--- trunk/cipher/primegen.c	2005-08-19 07:58:27 UTC (rev 1101)
+++ trunk/cipher/primegen.c	2005-08-22 09:30:25 UTC (rev 1102)
@@ -39,7 +39,7 @@
 static gcry_mpi_t gen_prime (unsigned int nbits, int secret, int randomlevel, 
                              int (*extra_check)(void *, gcry_mpi_t),
                              void *extra_check_arg);
-static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2,
+static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds,
                         gcry_prime_check_func_t cb_func, void *cb_arg );
 static int is_prime( gcry_mpi_t n, int steps, int *count );
 static void m_out_of_n( char *array, int m, int n );
@@ -372,7 +372,8 @@
 	else
 	  count2 = 0;
     }
-  while (! ((nprime == pbits) && check_prime (prime, val_2, cb_func, cb_arg)));
+  while (! ((nprime == pbits) && check_prime (prime, val_2, 5,
+                                              cb_func, cb_arg)));
 
   if (DBG_CIPHER)
     {
@@ -637,9 +638,10 @@
 
 /****************
  * Returns: true if this may be a prime
+ * RM_ROUNDS gives the number of Rabin-Miller tests to run.
  */
 static int
-check_prime( gcry_mpi_t prime, gcry_mpi_t val_2,
+check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds,
              gcry_prime_check_func_t cb_func, void *cb_arg)
 {
   int i;
@@ -673,7 +675,7 @@
   if (!cb_func || cb_func (cb_arg, GCRY_PRIME_CHECK_AT_MAYBE_PRIME, prime))
     {
       /* Perform stronger tests. */
-      if ( is_prime( prime, 5, &count ) )
+      if ( is_prime( prime, rm_rounds, &count ) )
         {
           if (!cb_func
               || cb_func (cb_arg, GCRY_PRIME_CHECK_AT_GOT_PRIME, prime))
@@ -701,6 +703,9 @@
   int rc = 0;
   unsigned nbits = mpi_get_nbits( n );
 
+  if (steps < 5) /* Make sure that we do at least 5 rounds. */
+    steps = 5; 
+
   mpi_sub_ui( nminus1, n, 1 );
 
   /* Find q and k, so that n = 1 + 2^k * q . */
@@ -935,7 +940,9 @@
   gcry_err_code_t err = GPG_ERR_NO_ERROR;
   gcry_mpi_t val_2 = mpi_alloc_set_ui (2); /* Used by the Fermat test. */
 
-  if (! check_prime (x, val_2, NULL, NULL))
+  /* We use 64 rounds because the prime we are going to test is not
+     guaranteed to be a random one. */
+  if (! check_prime (x, val_2, 64, NULL, NULL))
     err = GPG_ERR_NO_PRIME;
 
   mpi_free (val_2);

More information about the Gnupg-commits mailing list