[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-222-g49d5b9d

by Werner Koch cvs at cvs.gnupg.org
Sat Sep 7 10:49:02 CEST 2013



The branch, master has been updated
       via  49d5b9dcd622cdc87fb02a211bd51e3d46345bf2 (commit)
       via  4d8c8c7aa88cddb1624301957e6245405f46d027 (commit)
       via  ddfefe429660cc5d798f3517208936449247ae5c (commit)
       via  1bd2c67aa55b40589654d3fa5dea05cf1ed7dc5f (commit)
      from  4e4440153258e2f0dfdcaa8443820af06984ecb1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 49d5b9dcd622cdc87fb02a211bd51e3d46345bf2
Author: Werner Koch <wk at gnupg.org>
Date:   Sat Sep 7 09:50:44 2013 +0200

    Add configure option --disable-amd64-as-feature-detection.
    
    * configure.ac: Implement new disable flag.
    --
    
    Doing a static build of Libgcrypt currently throws an as error on my
    box.  Adding this configure option as a workaround
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/configure.ac b/configure.ac
index 993577b..8deb448 100644
--- a/configure.ac
+++ b/configure.ac
@@ -613,6 +613,14 @@ AC_ARG_ENABLE([O-flag-munging],
 AC_MSG_RESULT($enable_o_flag_munging)
 AM_CONDITIONAL(ENABLE_O_FLAG_MUNGING, test "$enable_o_flag_munging" = "yes")
 
+# Implementation of the --disable-amd64-as-feature-detection switch.
+AC_MSG_CHECKING([whether to enable AMD64 as(1) feature detection])
+AC_ARG_ENABLE(amd64-as-feature-detection,
+              AC_HELP_STRING([--disable-amd64-as-feature-detection],
+                 [Disable the auto-detection of AMD64 as(1) features]),
+	      amd64_as_feature_detection=$enableval,
+              amd64_as_feature_detection=yes)
+AC_MSG_RESULT($amd64_as_feature_detection)
 
 
 AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME",
@@ -964,7 +972,8 @@ fi
 # Check whether GCC assembler supports features needed for our amd64
 # implementations
 #
-AC_CACHE_CHECK([whether GCC assembler is compatible for amd64 assembly implementations],
+if test $amd64_as_feature_detection = yes; then
+    AC_CACHE_CHECK([whether GCC assembler is compatible for amd64 assembly implementations],
        [gcry_cv_gcc_amd64_platform_as_ok],
        [gcry_cv_gcc_amd64_platform_as_ok=no
         AC_COMPILE_IFELSE([AC_LANG_SOURCE(
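Review bot: The new `if test $amd64_as_feature_detection = yes; then` leaves the variable unquoted, so an empty value from `--enable-amd64-as-feature-detection=` makes `test` fail with a syntax error instead of being treated as "no"; use `if test "$amd64_as_feature_detection" = yes; then`. The indentation is also mixed: the `AC_CACHE_CHECK` body is indented four spaces here while the `AC_DEFINE` block in the following hunk uses two, and the `amd64_as_feature_detection=$enableval,` line in the first hunk is indented with a tab where its neighbours use spaces. The `if` opened here is closed in the next hunk.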
@@ -984,9 +993,10 @@ AC_CACHE_CHECK([whether GCC assembler is compatible for amd64 assembly implement
                 ".type asmfunc, at function;\n\t"
             );]])],
           [gcry_cv_gcc_amd64_platform_as_ok=yes])])
-if test "$gcry_cv_gcc_amd64_platform_as_ok" = "yes" ; then
-   AC_DEFINE(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS,1,
-     [Defined if underlying assembler is compatible with amd64 assembly implementations])
+  if test "$gcry_cv_gcc_amd64_platform_as_ok" = "yes" ; then
+     AC_DEFINE(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS,1,
+              [Defined if underlying assembler is compatible with amd64 assembly implementations])
+  fi
 fi
 
 

commit 4d8c8c7aa88cddb1624301957e6245405f46d027
Author: Werner Koch <wk at gnupg.org>
Date:   Sat Sep 7 10:06:46 2013 +0200

    mpi: Improve support for non-Weierstrass curves.
    
    * mpi/ec.c (ec_p_init): Add args MODEL and P.  Change all callers.
    (_gcry_mpi_ec_p_internal_new): Ditto.
    (_gcry_mpi_ec_p_new): Ditto.
    * cipher/ecc-curves.c (_gcry_ecc_fill_in_curve): Return
    GPG_ERR_UNKNOWN_CURVE instead of invalid value.  Init curve model.
    * cipher/ecc.c (ecc_verify, ecc_encrypt_raw): Ditto.
    * cipher/pubkey.c (sexp_data_to_mpi): Fix EDDSA flag error checking.
    --
    
    (fixes commit c26be7a337d0bf98193bc58e043209e46d0769bb)

diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
index e956dad..89a4d87 100644
--- a/cipher/ecc-curves.c
+++ b/cipher/ecc-curves.c
@@ -312,29 +312,30 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name,
           break;
     }
   if (!domain_parms[idx].desc)
-    return GPG_ERR_INV_VALUE;
+    return GPG_ERR_UNKNOWN_CURVE;
 
   /* In fips mode we only support NIST curves.  Note that it is
      possible to bypass this check by specifying the curve parameters
      directly.  */
   if (fips_mode () && !domain_parms[idx].fips )
-
     return GPG_ERR_NOT_SUPPORTED;
 
   switch (domain_parms[idx].model)
     {
     case MPI_EC_WEIERSTRASS:
-      break;
     case MPI_EC_TWISTEDEDWARDS:
+      break;
     case MPI_EC_MONTGOMERY:
       return GPG_ERR_NOT_SUPPORTED;
     default:
       return GPG_ERR_BUG;
     }
 
+
   if (r_nbits)
     *r_nbits = domain_parms[idx].nbits;
 
+  curve->model = domain_parms[idx].model;
   curve->p = scanval (domain_parms[idx].p);
   curve->a = scanval (domain_parms[idx].a);
   curve->b = scanval (domain_parms[idx].b);
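Review bot: Changing the unknown-name result from `GPG_ERR_INV_VALUE` to `GPG_ERR_UNKNOWN_CURVE` is an observable change for any caller that matched the old code; none is visible in this diff, so it may be worth a sentence in the commit message or a comment, e.g. `/* Unknown name: callers can distinguish this from a malformed parameter.  */`. The hunk also adds a second blank line before `if (r_nbits)`, which the surrounding code does not do. `_gcry_ecc_fill_in_curve` starts outside the hunk.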
@@ -547,6 +548,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
 {
   gpg_err_code_t errc;
   gcry_ctx_t ctx = NULL;
+  enum gcry_mpi_ec_models model = MPI_EC_WEIERSTRASS;
   gcry_mpi_t p = NULL;
   gcry_mpi_t a = NULL;
   gcry_mpi_t b = NULL;
@@ -626,6 +628,8 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
           goto leave;
         }
 
+      model = E->model;
+
       if (!p)
         {
           p = E->p;
@@ -657,7 +661,7 @@ _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
       gcry_free (E);
     }
 
-  errc = _gcry_mpi_ec_p_new (&ctx, p, a);
+  errc = _gcry_mpi_ec_p_new (&ctx, model, p, a, b);
   if (!errc)
     {
       mpi_ec_t ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC);
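Review bot: `model` is initialised to `MPI_EC_WEIERSTRASS` and, as far as the hunks show, only overwritten from `E->model` on the named-curve path, so a caller that supplies `p`, `a` and `b` explicitly through keyparam always gets a Weierstrass context even when the parameters describe an Edwards curve. Either accept the model as a keyparam or state the limitation where the default is set: `/* Curves given by explicit parameters are treated as Weierstrass; the model is only taken from the curve table.  */`. `_gcry_mpi_ec_new` starts and ends outside the hunk, so the keyparam handling is inferred from the visible branch.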
@@ -719,7 +723,7 @@ _gcry_ecc_get_param (const char *name, gcry_mpi_t *pkey)
 
   g_x = mpi_new (0);
   g_y = mpi_new (0);
-  ctx = _gcry_mpi_ec_p_internal_new (E.p, E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (0, E.p, E.a, NULL);
   if (_gcry_mpi_ec_get_affine (g_x, g_y, &E.G, ctx))
     log_fatal ("ecc get param: Failed to get affine coordinates\n");
   _gcry_mpi_ec_free (ctx);
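Review bot: `_gcry_mpi_ec_p_internal_new (0, E.p, E.a, NULL)` passes the model as a bare `0` where every other updated caller passes `E.model` or an enum constant, and `_gcry_ecc_fill_in_curve` now records the model in `E.model`; this should read `ctx = _gcry_mpi_ec_p_internal_new (E.model, E.p, E.a, E.b);`. With the literal, a Twisted Edwards table entry would be handled as Weierstrass by `_gcry_mpi_ec_get_affine` if that function branches on the model, which is not visible here.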
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 5c86121..6c34902 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -53,6 +53,7 @@ _gcry_ecc_curve_copy (elliptic_curve_t E)
 {
   elliptic_curve_t R;
 
+  R.model = E.model;
   R.p = mpi_copy (E.p);
   R.a = mpi_copy (E.a);
   R.b = mpi_copy (E.b);
diff --git a/cipher/ecc.c b/cipher/ecc.c
index 0cb279f..9d318cc 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -174,10 +174,11 @@ generate_key (ECC_secret_key *sk, unsigned int nbits, const char *name,
 
   /* Compute Q.  */
   point_init (&Q);
-  ctx = _gcry_mpi_ec_p_internal_new (E.p, E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (E.model, E.p, E.a, E.b);
   _gcry_mpi_ec_mul_point (&Q, sk->d, &E.G, ctx);
 
   /* Copy the stuff to the key structures. */
+  sk->E.model = E.model;
   sk->E.p = mpi_copy (E.p);
   sk->E.a = mpi_copy (E.a);
   sk->E.b = mpi_copy (E.b);
@@ -343,7 +344,7 @@ check_secret_key (ECC_secret_key * sk)
       goto leave;
     }
 
-  ctx = _gcry_mpi_ec_p_internal_new (sk->E.p, sk->E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (sk->E.model, sk->E.p, sk->E.a, sk->E.b);
 
   _gcry_mpi_ec_mul_point (&Q, sk->E.n, &sk->E.G, ctx);
   if (mpi_cmp_ui (Q.z, 0))
@@ -457,7 +458,8 @@ sign_ecdsa (gcry_mpi_t input, ECC_secret_key *skey, gcry_mpi_t r, gcry_mpi_t s,
   mpi_set_ui (s, 0);
   mpi_set_ui (r, 0);
 
-  ctx = _gcry_mpi_ec_p_internal_new (skey->E.p, skey->E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (skey->E.model,
+                                     skey->E.p, skey->E.a, skey->E.b);
 
   while (!mpi_cmp_ui (s, 0)) /* s == 0 */
     {
@@ -556,7 +558,8 @@ verify_ecdsa (gcry_mpi_t input, ECC_public_key *pkey,
   point_init (&Q1);
   point_init (&Q2);
 
-  ctx = _gcry_mpi_ec_p_internal_new (pkey->E.p, pkey->E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (pkey->E.model,
+                                     pkey->E.p, pkey->E.a, pkey->E.b);
 
   /* h  = s^(-1) (mod n) */
   mpi_invm (h, s, pkey->E.n);
@@ -786,6 +789,7 @@ ecc_check_secret_key (int algo, gcry_mpi_t *skey)
       || !skey[6])
     return GPG_ERR_BAD_MPI;
 
+  sk.E.model = MPI_EC_WEIERSTRASS;
   sk.E.p = skey[0];
   sk.E.a = skey[1];
   sk.E.b = skey[2];
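Review bot: `sk.E.model = MPI_EC_WEIERSTRASS;` is hard-coded here and again in the `ecc_encrypt_raw` and `ecc_decrypt_raw` hunks, while `ecc_sign` and `ecc_verify` derive the model from `PUBKEY_FLAG_EDDSA`; if an EdDSA key reaches `ecc_check_secret_key`, its scalar multiplication runs on a Weierstrass context. A small helper mapping flags to a model, used by all five call sites, would keep that decision in one place; whether `flags` is available in this function is not visible from the hunk. At minimum the hard-coded assignments deserve a comment such as `/* This entry point is Weierstrass-only.  */`.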
@@ -833,6 +837,9 @@ ecc_sign (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, gcry_mpi_t *skey,
       || !skey[6] )
     return GPG_ERR_BAD_MPI;
 
+  sk.E.model = ((flags & PUBKEY_FLAG_EDDSA)
+                ? MPI_EC_TWISTEDEDWARDS
+                : MPI_EC_WEIERSTRASS);
   sk.E.p = skey[0];
   sk.E.a = skey[1];
   sk.E.b = skey[2];
@@ -880,6 +887,9 @@ ecc_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey,
       || !pkey[3] || !pkey[4] || !pkey[5] )
     return GPG_ERR_BAD_MPI;
 
+  pk.E.model = ((flags & PUBKEY_FLAG_EDDSA)
+                ? MPI_EC_TWISTEDEDWARDS
+                : MPI_EC_WEIERSTRASS);
   pk.E.p = pkey[0];
   pk.E.a = pkey[1];
   pk.E.b = pkey[2];
@@ -976,6 +986,7 @@ ecc_encrypt_raw (int algo, gcry_mpi_t *resarr, gcry_mpi_t k,
       || !pkey[0] || !pkey[1] || !pkey[2] || !pkey[3] || !pkey[4] || !pkey[5])
     return GPG_ERR_BAD_MPI;
 
+  pk.E.model = MPI_EC_WEIERSTRASS;
   pk.E.p = pkey[0];
   pk.E.a = pkey[1];
   pk.E.b = pkey[2];
@@ -996,7 +1007,7 @@ ecc_encrypt_raw (int algo, gcry_mpi_t *resarr, gcry_mpi_t k,
       return err;
     }
 
-  ctx = _gcry_mpi_ec_p_internal_new (pk.E.p, pk.E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (pk.E.model, pk.E.p, pk.E.a, pk.E.b);
 
   /* The following is false: assert( mpi_cmp_ui( R.x, 1 )==0 );, so */
   {
@@ -1084,7 +1095,7 @@ ecc_decrypt_raw (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
       return err;
     }
 
-
+  sk.E.model = MPI_EC_WEIERSTRASS;
   sk.E.p = skey[0];
   sk.E.a = skey[1];
   sk.E.b = skey[2];
@@ -1108,7 +1119,7 @@ ecc_decrypt_raw (int algo, gcry_mpi_t *result, gcry_mpi_t *data,
     }
   sk.d = skey[6];
 
-  ctx = _gcry_mpi_ec_p_internal_new (sk.E.p, sk.E.a);
+  ctx = _gcry_mpi_ec_p_internal_new (sk.E.model, sk.E.p, sk.E.a, sk.E.b);
 
   /* R = dkG */
   point_init (&R);
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index fb8de14..141d656 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -2588,7 +2588,7 @@ sexp_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
       void *value;
       size_t valuelen;
 
-      if (lvalue)
+      if (!lvalue)
         {
           rc = GPG_ERR_INV_OBJ;
           goto leave;
diff --git a/mpi/ec.c b/mpi/ec.c
index 7da2e3b..049afa9 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -386,14 +386,18 @@ ec_get_two_inv_p (mpi_ec_t ec)
    field GF(p).  P is the prime specifying this field, A is the first
    coefficient.  CTX is expected to be zeroized.  */
 static void
-ec_p_init (mpi_ec_t ctx, gcry_mpi_t p, gcry_mpi_t a)
+ec_p_init (mpi_ec_t ctx, enum gcry_mpi_ec_models model,
+           gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   int i;
 
   /* Fixme: Do we want to check some constraints? e.g.  a < p  */
 
+  ctx->model = model;
   ctx->p = mpi_copy (p);
   ctx->a = mpi_copy (a);
+  if (b && model == MPI_EC_TWISTEDEDWARDS)
+    ctx->b = mpi_copy (b);
 
   ec_get_reset (ctx);
 
@@ -461,41 +465,35 @@ ec_deinit (void *opaque)
 
 /* This function returns a new context for elliptic curve based on the
    field GF(p).  P is the prime specifying this field, A is the first
-   coefficient.  This function is only used within Libgcrypt and not
+   coefficient, B is the second coefficient, and MODEL is the model
+   for the curve.  This function is only used within Libgcrypt and not
    part of the public API.
 
    This context needs to be released using _gcry_mpi_ec_free.  */
 mpi_ec_t
-_gcry_mpi_ec_p_internal_new (gcry_mpi_t p, gcry_mpi_t a)
+_gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model,
+                             gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   mpi_ec_t ctx;
 
   ctx = gcry_xcalloc (1, sizeof *ctx);
-  ec_p_init (ctx, p, a);
+  ec_p_init (ctx, model, p, a, b);
 
   return ctx;
 }
 
 
-void
-_gcry_mpi_ec_free (mpi_ec_t ctx)
-{
-  if (ctx)
-    {
-      ec_deinit (ctx);
-      gcry_free (ctx);
-    }
-}
+/* This is a variant of _gcry_mpi_ec_p_internal_new which returns an
+   public contect and does some error checking on the supplied
+   arguments.  On success the new context is stored at R_CTX and 0 is
+   returned; on error NULL is stored at R_CTX and an error code is
+   returned.
 
-
-/* This function returns a new context for elliptic curve operations
-   based on the field GF(p).  P is the prime specifying this field, A
-   is the first coefficient.  On success the new context is stored at
-   R_CTX and 0 is returned; on error NULL is stored at R_CTX and an
-   error code is returned.  The context needs to be released using
-   gcry_ctx_release.  This is an internal fucntions.  */
+   The context needs to be released using gcry_ctx_release.  */
 gpg_err_code_t
-_gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, gcry_mpi_t p, gcry_mpi_t a)
+_gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
+                    enum gcry_mpi_ec_models model,
+                    gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b)
 {
   gcry_ctx_t ctx;
   mpi_ec_t ec;
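Review bot: The new comment on `_gcry_mpi_ec_p_new` has a typo, `returns an public contect`, which should read `returns a public context`. The rest of the hunk only moves `_gcry_mpi_ec_free` below `_gcry_mpi_ec_p_new` without changing it.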
@@ -508,12 +506,24 @@ _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx, gcry_mpi_t p, gcry_mpi_t a)
   if (!ctx)
     return gpg_err_code_from_syserror ();
   ec = _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC);
-  ec_p_init (ec, p, a);
+  ec_p_init (ec, model, p, a, b);
 
   *r_ctx = ctx;
   return 0;
 }
 
+
+void
+_gcry_mpi_ec_free (mpi_ec_t ctx)
+{
+  if (ctx)
+    {
+      ec_deinit (ctx);
+      gcry_free (ctx);
+    }
+}
+
+
 gcry_mpi_t
 _gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy)
 {
@@ -772,6 +782,9 @@ dup_point_weierstrass (mpi_point_t result, mpi_point_t point, mpi_ec_t ctx)
 static void
 dup_point_montgomery (mpi_point_t result, mpi_point_t point, mpi_ec_t ctx)
 {
+  (void)result;
+  (void)point;
+  (void)ctx;
   log_fatal ("%s: %s not yet supported\n",
              "_gcry_mpi_ec_dup_point", "Montgomery");
 }
@@ -953,6 +966,10 @@ add_points_montgomery (mpi_point_t result,
                        mpi_point_t p1, mpi_point_t p2,
                        mpi_ec_t ctx)
 {
+  (void)result;
+  (void)p1;
+  (void)p2;
+  (void)ctx;
   log_fatal ("%s: %s not yet supported\n",
              "_gcry_mpi_ec_add_points", "Montgomery");
 }
diff --git a/src/mpi.h b/src/mpi.h
index 09ba717..6406112 100644
--- a/src/mpi.h
+++ b/src/mpi.h
@@ -291,8 +291,13 @@ enum gcry_mpi_ec_models
 struct mpi_ec_ctx_s;
 typedef struct mpi_ec_ctx_s *mpi_ec_t;
 
-mpi_ec_t _gcry_mpi_ec_p_internal_new (gcry_mpi_t p, gcry_mpi_t a);
+mpi_ec_t _gcry_mpi_ec_p_internal_new (enum gcry_mpi_ec_models model,
+                                      gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b);
+gpg_err_code_t _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
+                                   enum gcry_mpi_ec_models model,
+                                   gcry_mpi_t p, gcry_mpi_t a, gcry_mpi_t b);
 void _gcry_mpi_ec_free (mpi_ec_t ctx);
+
 int _gcry_mpi_ec_get_affine (gcry_mpi_t x, gcry_mpi_t y, mpi_point_t point,
                              mpi_ec_t ctx);
 void _gcry_mpi_ec_dup_point (mpi_point_t result,
@@ -303,11 +308,10 @@ void _gcry_mpi_ec_add_points (mpi_point_t result,
 void _gcry_mpi_ec_mul_point (mpi_point_t result,
                              gcry_mpi_t scalar, mpi_point_t point,
                              mpi_ec_t ctx);
+int  _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx);
 
 gcry_mpi_t _gcry_mpi_ec_ec2os (gcry_mpi_point_t point, mpi_ec_t ectx);
 
-gpg_err_code_t _gcry_mpi_ec_p_new (gcry_ctx_t *r_ctx,
-                                   gcry_mpi_t p, gcry_mpi_t a);
 gpg_err_code_t _gcry_mpi_ec_new (gcry_ctx_t *r_ctx,
                                  gcry_sexp_t keyparam, const char *curvename);
 gcry_mpi_t _gcry_mpi_ec_get_mpi (const char *name, gcry_ctx_t ctx, int copy);

commit ddfefe429660cc5d798f3517208936449247ae5c
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Sep 6 20:07:07 2013 +0200

    mpi: Add gcry_mpi_ec_curve_point.
    
    * mpi/ec.c (_gcry_mpi_ec_curve_point): New.
    (ec_powm): Return the absolute value.
    * src/visibility.c, src/visibility.h: Add wrappers.
    * src/libgcrypt.def, src/libgcrypt.vers: Export them.

diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index ba9bb02..d187de9 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -4197,6 +4197,13 @@ Multiply the point @var{u} of the elliptic curve described by
 @var{ctx} by @var{n} and store the result into @var{w}.
 @end deftypefun
 
+ at deftypefun int gcry_mpi_ec_curve_point ( @
+ @w{gcry_mpi_point_t @var{point}}, @w{gcry_ctx_t @var{ctx}})
+
+Return true if @var{point} is on the elliptic curve described by
+ at var{ctx}.
+ at end deftypefun
+
 
 @node Miscellaneous
 @section Miscellaneous
diff --git a/mpi/ec.c b/mpi/ec.c
index 478416f..7da2e3b 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -328,6 +328,7 @@ ec_powm (gcry_mpi_t w, const gcry_mpi_t b, const gcry_mpi_t e,
          mpi_ec_t ctx)
 {
   mpi_powm (w, b, e, ctx->p);
+  _gcry_mpi_abs (w);
 }
 
 static void
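Review bot: `_gcry_mpi_abs (w);` after `mpi_powm` flips the sign but does not reduce `w` into 0..p-1: if `mpi_powm` can yield a negative representative for a negative base, the correct field element is `w + p`, not `|w|`, and the two differ whenever the exponent is odd. For the only new caller, `_gcry_mpi_ec_curve_point`, the exponent is 2 so both agree, but `ec_powm` is a general helper. If negative inputs are not expected, a comment saying why the abs suffices would help; otherwise normalise by adding p. Whether `mpi_powm` returns negative values at all is not visible from the hunk.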
@@ -1104,3 +1105,52 @@ _gcry_mpi_ec_mul_point (mpi_point_t result,
   mpi_free (k);
 #endif
 }
+
+
+/* Return true if POINT is on the curve described by CTX.  */
+int
+_gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx)
+{
+  int res = 0;
+  gcry_mpi_t x, y, w;
+
+  x = mpi_new (0);
+  y = mpi_new (0);
+  w = mpi_new (0);
+
+  if (_gcry_mpi_ec_get_affine (x, y, point, ctx))
+    return 0;
+
+  switch (ctx->model)
+    {
+    case MPI_EC_WEIERSTRASS:
+      log_fatal ("%s: %s not yet supported\n",
+                 "_gcry_mpi_ec_curve_point", "Weierstrass");
+      break;
+    case MPI_EC_MONTGOMERY:
+      log_fatal ("%s: %s not yet supported\n",
+                 "_gcry_mpi_ec_curve_point", "Montgomery");
+      break;
+    case MPI_EC_TWISTEDEDWARDS:
+      {
+        /* a · x^2 + y^2 - 1 - b · x^2 · y^2 == 0 */
+        ec_powm (x, x, mpi_const (MPI_C_TWO), ctx);
+        ec_powm (y, y, mpi_const (MPI_C_TWO), ctx);
+        ec_mulm (w, ctx->a, x, ctx);
+        ec_addm (w, w, y, ctx);
+        ec_subm (w, w, mpi_const (MPI_C_ONE), ctx);
+        ec_mulm (x, x, y, ctx);
+        ec_mulm (x, x, ctx->b, ctx);
+        ec_subm (w, w, x, ctx);
+        if (!mpi_cmp_ui (w, 0))
+          res = 1;
+      }
+      break;
+    }
+
+  gcry_mpi_release (w);
+  gcry_mpi_release (x);
+  gcry_mpi_release (y);
+
+  return res;
+}
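Review bot: `_gcry_mpi_ec_curve_point` leaks `x`, `y` and `w` when `_gcry_mpi_ec_get_affine` fails, because the three `mpi_new (0)` calls precede the `return 0;`; change that line to `goto leave;` and put a `leave:` label in front of `gcry_mpi_release (w);`. The `MPI_EC_WEIERSTRASS` and `MPI_EC_MONTGOMERY` cases call `log_fatal`, so a user of the public `gcry_mpi_ec_curve_point` on a Weierstrass context (the default model) terminates the process; returning 0 with a comment that only Twisted Edwards is implemented, plus a `default:` case, is the safer contract for a library entry point. The `@deftypefun` text in doc/gcrypt.texi should say which models are supported until the other cases exist.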
diff --git a/src/libgcrypt.def b/src/libgcrypt.def
index 9539d39..9c691ec 100644
--- a/src/libgcrypt.def
+++ b/src/libgcrypt.def
@@ -239,11 +239,12 @@ EXPORTS
 
       gcry_sexp_nth_buffer      @214
 
-      gcry_mpi_ec_curve_point   @215
+      gcry_mpi_is_neg           @215
+      gcry_mpi_neg              @216
+      gcry_mpi_abs              @217
+
+      gcry_mpi_ec_curve_point   @218
 
-      gcry_mpi_is_neg           @216
-      gcry_mpi_neg              @217
-      gcry_mpi_abs              @218
 
 
 ;; end of file with public symbols for Windows.
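Review bot: Renumbering `gcry_mpi_is_neg`, `gcry_mpi_neg` and `gcry_mpi_abs` from @216-@218 to @215-@217 is only safe because the previous assignment was made in the immediately preceding commit and none of these symbols has shipped (NEWS lists them as NEW in the unreleased 1.6.0); once released, ordinals in this file must not be reassigned. A comment above the block, `;; Ordinals are part of the Windows ABI; never renumber or reuse released ones.`, would record that rule where it matters.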
diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers
index 9bb7ae2..beb691e 100644
--- a/src/libgcrypt.vers
+++ b/src/libgcrypt.vers
@@ -97,7 +97,8 @@ GCRYPT_1.6 {
     gcry_mpi_ec_get_mpi; gcry_mpi_ec_get_point;
     gcry_mpi_ec_set_mpi; gcry_mpi_ec_set_point;
     gcry_mpi_ec_get_affine;
-    gcry_mpi_ec_dup; gcry_mpi_ec_add; gcry_mpi_ec_mul; gcry_mpi_ec_curve_point;
+    gcry_mpi_ec_dup; gcry_mpi_ec_add; gcry_mpi_ec_mul;
+    gcry_mpi_ec_curve_point;
 
     _gcry_mpi_get_const;
 
diff --git a/src/visibility.c b/src/visibility.c
index 0e24411..404da20 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -547,6 +547,13 @@ gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u,
                           _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC));
 }
 
+int
+gcry_mpi_ec_curve_point (gcry_mpi_point_t point, gcry_ctx_t ctx)
+{
+  return _gcry_mpi_ec_curve_point
+    (point, _gcry_ctx_get_pointer (ctx, CONTEXT_TYPE_EC));
+}
+
 unsigned int
 gcry_mpi_get_nbits (gcry_mpi_t a)
 {
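Review bot: `gcry_mpi_ec_curve_point` calls `_gcry_mpi_ec_curve_point`, but this commit adds no prototype for it to src/mpi.h; the declaration `int  _gcry_mpi_ec_curve_point (gcry_mpi_point_t point, mpi_ec_t ctx);` only arrives in the later commit 4d8c8c7, so at this commit the call relies on an implicit declaration (the `int` return happens to match) and a bisect stops here under `-Werror=implicit-function-declaration`. The prototype belongs in this commit together with the definition.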
diff --git a/src/visibility.h b/src/visibility.h
index a6cb3dc..b4da48e 100644
--- a/src/visibility.h
+++ b/src/visibility.h
@@ -550,6 +550,7 @@ MARK_VISIBLE (gcry_mpi_copy)
 MARK_VISIBLE (gcry_mpi_div)
 MARK_VISIBLE (gcry_mpi_dump)
 MARK_VISIBLEX(gcry_mpi_ec_add)
+MARK_VISIBLEX(gcry_mpi_ec_curve_point)
 MARK_VISIBLEX(gcry_mpi_ec_dup)
 MARK_VISIBLEX(gcry_mpi_ec_get_affine)
 MARK_VISIBLEX(gcry_mpi_ec_mul)

commit 1bd2c67aa55b40589654d3fa5dea05cf1ed7dc5f
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Sep 6 19:58:50 2013 +0200

    mpi: Add functions to manipulate the sign.
    
    * src/gcrypt.h.in (gcry_mpi_is_neg): New.
    (gcry_mpi_neg, gcry_mpi_abs): New.
    * mpi/mpiutil.c (_gcry_mpi_is_neg): New.
    (_gcry_mpi_neg, _gcry_mpi_abs): New.
    * src/visibility.c, src/visibility.h: Add wrappers.
    * src/libgcrypt.def, src/libgcrypt.vers: Export them.
    * src/mpi.h (mpi_is_neg): New.  Rename old macro to mpi_has_sign.
    * mpi/mpi-mod.c (_gcry_mpi_mod_barrett): Use mpi_has_sign.
    * mpi/mpi-mpow.c (calc_barrett): Ditto.
    * cipher/primegen.c (_gcry_derive_x931_prime): Ditto
    * cipher/rsa.c (secret): Ditto.

diff --git a/NEWS b/NEWS
index ee737f9..e4fe1eb 100644
--- a/NEWS
+++ b/NEWS
@@ -46,6 +46,9 @@ Noteworthy changes in version 1.6.0 (unreleased)
  GCRY_RNG_TYPE_STANDARD          NEW.
  GCRY_RNG_TYPE_FIPS              NEW.
  GCRY_RNG_TYPE_SYSTEM            NEW.
+ gcry_mpi_is_neg                 NEW.
+ gcry_mpi_neg                    NEW.
+ gcry_mpi_abs                    NEW.
  gcry_mpi_snatch                 NEW.
  gcry_mpi_point_t                NEW.
  gcry_mpi_point_new              NEW.
@@ -65,6 +68,7 @@ Noteworthy changes in version 1.6.0 (unreleased)
  gcry_mpi_ec_dup                 NEW.
  gcry_mpi_ec_add                 NEW.
  gcry_mpi_ec_mul                 NEW.
+ gcry_mpi_ec_curve_point         NEW.
  GCRYMPI_FLAG_IMMUTABLE          NEW.
  GCRYMPI_FLAG_CONST              NEW.
  GCRYMPI_CONST_ONE               NEW.
diff --git a/cipher/primegen.c b/cipher/primegen.c
index d0cf20c..3610ae7 100644
--- a/cipher/primegen.c
+++ b/cipher/primegen.c
@@ -1351,7 +1351,7 @@ _gcry_derive_x931_prime (const gcry_mpi_t xp,
     mpi_sub (r1, r1, tmp);
 
     /* Fixup a negative value.  */
-    if (mpi_is_neg (r1))
+    if (mpi_has_sign (r1))
       mpi_add (r1, r1, p1p2);
 
     /* yp0 = xp + (r1 - xp mod p1*p2)  */
diff --git a/cipher/rsa.c b/cipher/rsa.c
index bb22d05..8d17129 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -722,7 +722,7 @@ secret (gcry_mpi_t output, gcry_mpi_t input, RSA_secret_key *skey )
       mpi_powm( m2, input, h, skey->q );
       /* h = u * ( m2 - m1 ) mod q */
       mpi_sub( h, m2, m1 );
-      if ( mpi_is_neg( h ) )
+      if ( mpi_has_sign ( h ) )
         mpi_add ( h, h, skey->q );
       mpi_mulm( h, skey->u, h, skey->q );
       /* m = m2 + h * p */
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 4c8cdb1..ba9bb02 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -2424,7 +2424,7 @@ For the EdDSA algorithm (cf. Ed25515) the required input parameters are:
 @example
 (data
   (flags eddsa)
-  (hash-algo sha-512)
+  (hash-algo sha512)
   (value @var{message}))
 @end example
 
@@ -3763,6 +3763,17 @@ Set @var{u} into @var{w} and release @var{u}.  If @var{w} is
 @code{NULL} only @var{u} will be released.
 @end deftypefun
 
+ at deftypefun void gcry_mpi_neg (@w{gcry_mpi_t @var{w}}, @w{gcry_mpi_t @var{u}})
+
+Set the sign of @var{w} to the negative of @var{u}.
+ at end deftypefun
+
+ at deftypefun void gcry_mpi_abs (@w{gcry_mpi_t @var{w}})
+
+Clear the sign of @var{w}.
+ at end deftypefun
+
+
 @node MPI formats
 @section MPI formats
 
@@ -3949,6 +3960,11 @@ integer @var{v} returning 0 for equality, a positive value for @var{u} >
 @var{v} and a negative for @var{u} < @var{v}.
 @end deftypefun
 
+ at deftypefun int gcry_mpi_is_neg (@w{const gcry_mpi_t @var{a}})
+
+Return 1 if @var{a} is less than zero; return 0 if zero or positive.
+ at end deftypefun
+
 
 @node Bit manipulations
 @section Bit manipulations
diff --git a/mpi/ec.c b/mpi/ec.c
index 54fa028..478416f 100644
--- a/mpi/ec.c
+++ b/mpi/ec.c
@@ -1025,7 +1025,7 @@ _gcry_mpi_ec_mul_point (mpi_point_t result,
   k  = mpi_copy (scalar);
   yy = mpi_copy (point->y);
 
-  if ( mpi_is_neg (k) )
+  if ( mpi_has_sign (k) )
     {
       k->sign = 0;
       ec_invm (yy, yy, ctx);
diff --git a/mpi/mpi-mod.c b/mpi/mpi-mod.c
index 7ebfe6d..795826e 100644
--- a/mpi/mpi-mod.c
+++ b/mpi/mpi-mod.c
@@ -157,7 +157,7 @@ _gcry_mpi_mod_barrett (gcry_mpi_t r, gcry_mpi_t x, mpi_barrett_t ctx)
     r2->nlimbs = k+1;
   mpi_sub ( r, r1, r2 );
 
-  if ( mpi_is_neg( r ) )
+  if ( mpi_has_sign ( r ) )
     {
       if (!ctx->r3)
         {
diff --git a/mpi/mpi-mpow.c b/mpi/mpi-mpow.c
index ca5b3f1..ec677fe 100644
--- a/mpi/mpi-mpow.c
+++ b/mpi/mpi-mpow.c
@@ -204,7 +204,7 @@ calc_barrett( gcry_mpi_t r, gcry_mpi_t x, gcry_mpi_t m, gcry_mpi_t y, int k, gcr
 	r2->nlimbs = k+1;
     mpi_sub( r, r1, r2 );
 
-    if( mpi_is_neg( r ) ) {
+    if( mpi_has_sign (r) ) {
 	gcry_mpi_t tmp;
 
 	tmp = mpi_alloc( k + 2 );
diff --git a/mpi/mpiutil.c b/mpi/mpiutil.c
index a65d236..433dda6 100644
--- a/mpi/mpiutil.c
+++ b/mpi/mpiutil.c
@@ -324,6 +324,45 @@ gcry_mpi_copy( gcry_mpi_t a )
 }
 
 
+/* Return true if A is negative.  */
+int
+_gcry_mpi_is_neg (gcry_mpi_t a)
+{
+  if (a->sign && _gcry_mpi_cmp_ui (a, 0))
+    return 1;
+  else
+    return 0;
+}
+
+
+/* W = - U */
+void
+_gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u)
+{
+  if (mpi_is_immutable (w))
+    {
+      mpi_immutable_failed ();
+      return;
+    }
+
+  w->sign = !u->sign;
+}
+
+
+/* W = [W] */
+void
+_gcry_mpi_abs (gcry_mpi_t w)
+{
+  if (mpi_is_immutable (w))
+    {
+      mpi_immutable_failed ();
+      return;
+    }
+
+  w->sign = 0;
+}
+
+
 /****************
  * This function allocates an MPI which is optimized to hold
  * a value as large as the one given in the argument and allocates it
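Review bot: `_gcry_mpi_neg` only writes `w->sign = !u->sign;` and never copies the magnitude of `u` into `w`, so for `w != u` the result is not `-U` as the comment `/* W = - U */` claims; either copy the value first (e.g. via the existing mpi set routine) or reword the comment to what the texinfo entry already says, `/* Set the sign of W to the negative of U.  */`. It also produces a signed zero when `u` is zero; `_gcry_mpi_is_neg` tolerates that by checking `_gcry_mpi_cmp_ui (a, 0)`, but the raw `mpi_has_sign` macro does not, which is worth a comment here. `/* W = [W] */` on `_gcry_mpi_abs` would be clearer as `/* W = |W|: clear the sign of W.  */`.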
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 06d6663..71c50ab 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -508,6 +508,15 @@ gcry_mpi_t gcry_mpi_set_ui (gcry_mpi_t w, unsigned long u);
 /* Swap the values of A and B. */
 void gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b);
 
+/* Return 1 if A is negative; 0 if zero or positive.  */
+int gcry_mpi_is_neg (gcry_mpi_t a);
+
+/* W = - U */
+void gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u);
+
+/* W = [W] */
+void gcry_mpi_abs (gcry_mpi_t w);
+
 /* Compare the big integer number U and V returning 0 for equality, a
    positive value for U > V and a negative for U < V. */
 int gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v);
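Review bot: `int gcry_mpi_is_neg (gcry_mpi_t a);` is declared with a non-const argument while the texinfo entry in this commit documents it as `const gcry_mpi_t @var{a}` and the neighbouring `gcry_mpi_cmp` takes `const gcry_mpi_t`; since the function only reads `a`, the header should match the documentation: `int gcry_mpi_is_neg (const gcry_mpi_t a);`. The comment `/* W = [W] */` on `gcry_mpi_abs` is cryptic for a public header; `/* W = |W| (clear the sign of W).  */` says what the texi says.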
@@ -661,6 +670,8 @@ void gcry_mpi_ec_add (gcry_mpi_point_t w,
 void gcry_mpi_ec_mul (gcry_mpi_point_t w, gcry_mpi_t n, gcry_mpi_point_t u,
                       gcry_ctx_t ctx);
 
+/* Return true if POINT is on the curve described by CTX.  */
+int gcry_mpi_ec_curve_point (gcry_mpi_point_t w, gcry_ctx_t ctx);
 
 /* Return the number of bits required to represent A. */
 unsigned int gcry_mpi_get_nbits (gcry_mpi_t a);
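Review bot: The prototype names the first parameter `w` while the definition in src/visibility.c, the comment directly above it and the texinfo entry all call it `point`; use `int gcry_mpi_ec_curve_point (gcry_mpi_point_t point, gcry_ctx_t ctx);` so the comment's POINT refers to a parameter that exists.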
@@ -728,8 +739,11 @@ gcry_mpi_t _gcry_mpi_get_const (int no);
 #define mpi_snatch( w, u)      gcry_mpi_snatch( (w), (u) )
 #define mpi_set( w, u)         gcry_mpi_set( (w), (u) )
 #define mpi_set_ui( w, u)      gcry_mpi_set_ui( (w), (u) )
+#define mpi_abs( w )           gcry_mpi_abs( (w) )
+#define mpi_neg( w, u)         gcry_mpi_neg( (w), (u) )
 #define mpi_cmp( u, v )        gcry_mpi_cmp( (u), (v) )
 #define mpi_cmp_ui( u, v )     gcry_mpi_cmp_ui( (u), (v) )
+#define mpi_is_neg( a )        gcry_mpi_is_new ((a))
 
 #define mpi_add_ui(w,u,v)      gcry_mpi_add_ui((w),(u),(v))
 #define mpi_add(w,u,v)         gcry_mpi_add ((w),(u),(v))
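Review bot: `#define mpi_is_neg( a )        gcry_mpi_is_new ((a))` expands to a function that does not exist; it should be `#define mpi_is_neg( a )        gcry_mpi_is_neg ((a))`, matching the prototype added earlier in this file. Because it is a macro, the mistake only surfaces at a use site, and every internal caller in this commit was renamed to `mpi_has_sign`, so nothing in the series would have caught it.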
diff --git a/src/libgcrypt.def b/src/libgcrypt.def
index f275ae9..9539d39 100644
--- a/src/libgcrypt.def
+++ b/src/libgcrypt.def
@@ -239,5 +239,11 @@ EXPORTS
 
       gcry_sexp_nth_buffer      @214
 
+      gcry_mpi_ec_curve_point   @215
+
+      gcry_mpi_is_neg           @216
+      gcry_mpi_neg              @217
+      gcry_mpi_abs              @218
+
 
 ;; end of file with public symbols for Windows.
diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers
index 473ee68..9bb7ae2 100644
--- a/src/libgcrypt.vers
+++ b/src/libgcrypt.vers
@@ -77,6 +77,7 @@ GCRYPT_1.6 {
     gcry_sexp_sprint; gcry_sexp_sscan; gcry_sexp_vlist;
     gcry_sexp_nth_string;
 
+    gcry_mpi_is_neg; gcry_mpi_neg; gcry_mpi_abs;
     gcry_mpi_add; gcry_mpi_add_ui; gcry_mpi_addm; gcry_mpi_aprint;
     gcry_mpi_clear_bit; gcry_mpi_clear_flag; gcry_mpi_clear_highbit;
     gcry_mpi_cmp; gcry_mpi_cmp_ui; gcry_mpi_copy; gcry_mpi_div;
@@ -96,7 +97,7 @@ GCRYPT_1.6 {
     gcry_mpi_ec_get_mpi; gcry_mpi_ec_get_point;
     gcry_mpi_ec_set_mpi; gcry_mpi_ec_set_point;
     gcry_mpi_ec_get_affine;
-    gcry_mpi_ec_dup; gcry_mpi_ec_add; gcry_mpi_ec_mul;
+    gcry_mpi_ec_dup; gcry_mpi_ec_add; gcry_mpi_ec_mul; gcry_mpi_ec_curve_point;
 
     _gcry_mpi_get_const;
 
diff --git a/src/mpi.h b/src/mpi.h
index 0114dba..09ba717 100644
--- a/src/mpi.h
+++ b/src/mpi.h
@@ -78,7 +78,7 @@ struct gcry_mpi
 #define MPI_NULL NULL
 
 #define mpi_get_nlimbs(a)     ((a)->nlimbs)
-#define mpi_is_neg(a)	      ((a)->sign)
+#define mpi_has_sign(a)	      ((a)->sign)
 
 /*-- mpiutil.c --*/
 
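Review bot: The renamed `mpi_has_sign` macro deserves a comment distinguishing it from the new `_gcry_mpi_is_neg`: the macro reports the raw sign flag and is therefore also true for a zero with the sign bit set, whereas `_gcry_mpi_is_neg` additionally checks `_gcry_mpi_cmp_ui (a, 0)`. Suggested: `/* True if the sign flag is set; unlike _gcry_mpi_is_neg this also holds for a "negative zero".  */`.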
@@ -134,6 +134,9 @@ void _gcry_mpi_m_check( gcry_mpi_t a );
 void _gcry_mpi_swap( gcry_mpi_t a, gcry_mpi_t b);
 gcry_mpi_t _gcry_mpi_new (unsigned int nbits);
 gcry_mpi_t _gcry_mpi_snew (unsigned int nbits);
+int _gcry_mpi_is_neg (gcry_mpi_t a);
+void _gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u);
+void _gcry_mpi_abs (gcry_mpi_t w);
 
 /* Constants used to return constant MPIs.  See _gcry_mpi_init if you
    want to add more constants. */
diff --git a/src/visibility.c b/src/visibility.c
index bb51d58..0e24411 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -293,6 +293,24 @@ gcry_mpi_swap (gcry_mpi_t a, gcry_mpi_t b)
 }
 
 int
+gcry_mpi_is_neg (gcry_mpi_t a)
+{
+  return _gcry_mpi_is_neg (a);
+}
+
+void
+gcry_mpi_neg (gcry_mpi_t w, gcry_mpi_t u)
+{
+  _gcry_mpi_neg (w, u);
+}
+
+void
+gcry_mpi_abs (gcry_mpi_t w)
+{
+  _gcry_mpi_abs (w);
+}
+
+int
 gcry_mpi_cmp (const gcry_mpi_t u, const gcry_mpi_t v)
 {
   return _gcry_mpi_cmp (u, v);
diff --git a/src/visibility.h b/src/visibility.h
index 54da016..a6cb3dc 100644
--- a/src/visibility.h
+++ b/src/visibility.h
@@ -536,6 +536,7 @@ MARK_VISIBLE (gcry_sexp_sprint)
 MARK_VISIBLE (gcry_sexp_sscan)
 MARK_VISIBLE (gcry_sexp_vlist)
 
+MARK_VISIBLEX(gcry_mpi_abs)
 MARK_VISIBLE (gcry_mpi_add)
 MARK_VISIBLE (gcry_mpi_add_ui)
 MARK_VISIBLE (gcry_mpi_addm)
@@ -561,12 +562,14 @@ MARK_VISIBLE (gcry_mpi_gcd)
 MARK_VISIBLE (gcry_mpi_get_flag)
 MARK_VISIBLE (gcry_mpi_get_nbits)
 MARK_VISIBLE (gcry_mpi_get_opaque)
+MARK_VISIBLEX(gcry_mpi_is_neg)
 MARK_VISIBLE (gcry_mpi_invm)
 MARK_VISIBLE (gcry_mpi_mod)
 MARK_VISIBLE (gcry_mpi_mul)
 MARK_VISIBLE (gcry_mpi_mul_2exp)
 MARK_VISIBLE (gcry_mpi_mul_ui)
 MARK_VISIBLE (gcry_mpi_mulm)
+MARK_VISIBLEX(gcry_mpi_neg)
 MARK_VISIBLE (gcry_mpi_new)
 MARK_VISIBLE (gcry_mpi_point_get)
 MARK_VISIBLE (gcry_mpi_point_new)

-----------------------------------------------------------------------

Summary of changes:
 NEWS                |    4 ++
 cipher/ecc-curves.c |   14 ++++--
 cipher/ecc-misc.c   |    1 +
 cipher/ecc.c        |   25 ++++++++---
 cipher/primegen.c   |    2 +-
 cipher/pubkey.c     |    2 +-
 cipher/rsa.c        |    2 +-
 configure.ac        |   18 ++++++--
 doc/gcrypt.texi     |   25 +++++++++++-
 mpi/ec.c            |  113 ++++++++++++++++++++++++++++++++++++++++----------
 mpi/mpi-mod.c       |    2 +-
 mpi/mpi-mpow.c      |    2 +-
 mpi/mpiutil.c       |   39 +++++++++++++++++
 src/gcrypt.h.in     |   14 ++++++
 src/libgcrypt.def   |    7 +++
 src/libgcrypt.vers  |    2 +
 src/mpi.h           |   15 +++++--
 src/visibility.c    |   25 +++++++++++
 src/visibility.h    |    4 ++
 19 files changed, 267 insertions(+), 49 deletions(-)





