
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_5-32-g2dd78b3


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_5-32-g2dd78b3
Date: Sat, 05 Nov 2011 08:11:05 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2dd78b367c3c01780615f2a06329611092430f63

The branch, master has been updated
       via  2dd78b367c3c01780615f2a06329611092430f63 (commit)
       via  28602012b231b2836214b2239936d6b06f9e7769 (commit)
      from  f5a7e3a9e3564db739b72e208e1daba711a379f1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 2dd78b367c3c01780615f2a06329611092430f63
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Nov 5 09:11:06 2011 +0100

    converted more things to native gmp. This solves issue noticed in mips64 by 
Joseph Graham.

commit 28602012b231b2836214b2239936d6b06f9e7769
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Nov 5 08:22:25 2011 +0100

    Added tests for null ciphersuites.

-----------------------------------------------------------------------

Summary of changes:
 lib/nettle/ecc.h                        |    3 -
 lib/nettle/ecc_mulmod.c                 |   24 ++----
 lib/nettle/ecc_projective_add_point.c   |    2 +-
 lib/nettle/ecc_projective_dbl_point.c   |    2 +-
 lib/nettle/ecc_projective_dbl_point_3.c |    2 +-
 lib/nettle/ecc_test.c                   |  142 +++++++++++++++++++++++++++++++
 tests/suite/testcompat-main             |   23 +++++
 7 files changed, 174 insertions(+), 24 deletions(-)
 create mode 100644 lib/nettle/ecc_test.c

diff --git a/lib/nettle/ecc.h b/lib/nettle/ecc.h
index caa465b..ea2b837 100644
--- a/lib/nettle/ecc.h
+++ b/lib/nettle/ecc.h
@@ -118,6 +118,3 @@ int ecc_map(ecc_point *P, mpz_t modulus);
 /* helper functions */
 int mp_init_multi(mpz_t *a, ...);
 void mp_clear_multi(mpz_t *a, ...);
-#define mp_isodd(a)                  (mpz_size(a) > 0 ? (mpz_getlimbn(a, 0) & 
1 ? 1 : 0) : 0)
-
-#define MP_DIGIT_BIT (sizeof(mp_limb_t) * 8 - GMP_NAIL_BITS)
diff --git a/lib/nettle/ecc_mulmod.c b/lib/nettle/ecc_mulmod.c
index e9eebe3..05762ea 100644
--- a/lib/nettle/ecc_mulmod.c
+++ b/lib/nettle/ecc_mulmod.c
@@ -45,6 +45,7 @@ ecc_mulmod (mpz_t k, ecc_point * G, ecc_point * R, mpz_t a, 
mpz_t modulus,
 {
   ecc_point *tG, *M[3];
   int i, j, err;
+  int bit_to_read;
   unsigned long buf;
   int bitcnt, mode, digidx;
 
@@ -91,29 +92,16 @@ ecc_mulmod (mpz_t k, ecc_point * G, ecc_point * R, mpz_t a, 
mpz_t modulus,
 
   /* setup sliding window */
   mode = 0;
-  bitcnt = 1;
-  buf = 0;
-  digidx = mpz_size (k) - 1;
+  bit_to_read = mpz_size (k) * GMP_NUMB_BITS - 1;
 
   /* perform ops */
   for (;;)
     {
       /* grab next digit as required */
-      if (--bitcnt == 0)
-        {
-          if (digidx == -1)
-            {
-              break;
-            }
-          buf = mpz_getlimbn (k, digidx);
-          bitcnt = (int) MP_DIGIT_BIT;
-          --digidx;
-        }
-
-      /* grab the next msb from the ltiplicand */
-      i = (buf >> (MP_DIGIT_BIT - 1)) & 1;
-      buf <<= 1;
-
+      if (bit_to_read == -1)
+        break;
+      i = mpz_tstbit (k, bit_to_read--);
+      
       if (mode == 0 && i == 0)
         {
           /* dummy operations */
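Review bot: `bit_to_read` is an `int` assigned from `mpz_size (k) * GMP_NUMB_BITS - 1`, which is computed in `size_t`, so for k == 0 the `bit_to_read == -1` exit is reached only through unsigned wrap-around followed by an implementation-defined narrowing. Make the conversion explicit, e.g. `bit_to_read = (int) (mpz_size (k) * GMP_NUMB_BITS) - 1;`. Also add a comment that the scan starts at the top of the most significant limb, so leading zero bits are walked through the `mode == 0 && i == 0` dummy-operation branch. The first hunk of this file keeps `buf`, `bitcnt` and `digidx` declared although every visible use of them is removed here; if nothing later in ecc_mulmod reads them, they should be dropped. The loop body continues outside the hunk, so that last point needs checking against the full function.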
diff --git a/lib/nettle/ecc_projective_add_point.c 
b/lib/nettle/ecc_projective_add_point.c
index 292a0a3..6e8d599 100644
--- a/lib/nettle/ecc_projective_add_point.c
+++ b/lib/nettle/ecc_projective_add_point.c
@@ -207,7 +207,7 @@ ecc_projective_add_point (ecc_point * P, ecc_point * Q, 
ecc_point * R,
       mpz_add (y, y, modulus);
     }
   /* Y = Y/2 */
-  if (mp_isodd (y))
+  if (mpz_odd_p (y))
     {
       mpz_add (y, y, modulus);
     }
diff --git a/lib/nettle/ecc_projective_dbl_point.c 
b/lib/nettle/ecc_projective_dbl_point.c
index 4128062..2df4e52 100644
--- a/lib/nettle/ecc_projective_dbl_point.c
+++ b/lib/nettle/ecc_projective_dbl_point.c
@@ -156,7 +156,7 @@ ecc_projective_dbl_point (ecc_point * P, ecc_point * R, 
mpz_t a,
   mpz_mod (R->y, R->y, modulus);
 
   /* Y = 8y^4 */
-  if (mp_isodd (R->y))
+  if (mpz_odd_p (R->y))
     {
       mpz_add (R->y, R->y, modulus);
     }
diff --git a/lib/nettle/ecc_projective_dbl_point_3.c 
b/lib/nettle/ecc_projective_dbl_point_3.c
index e25c612..64e1cf9 100644
--- a/lib/nettle/ecc_projective_dbl_point_3.c
+++ b/lib/nettle/ecc_projective_dbl_point_3.c
@@ -107,7 +107,7 @@ ecc_projective_dbl_point (ecc_point * P, ecc_point * R, 
mpz_t a /* a is -3 */,
    mpz_mul(t2, R->y, R->y);
    mpz_mod(t2, t2, modulus);
    /* T2 = T2/2 */
-   if (mp_isodd(t2)) {
+   if (mpz_odd_p(t2)) {
       mpz_add(t2, t2, modulus);
    }
    mpz_divexact_ui(t2, t2, 2);
diff --git a/lib/nettle/ecc_test.c b/lib/nettle/ecc_test.c
new file mode 100644
index 0000000..30250fa
--- /dev/null
+++ b/lib/nettle/ecc_test.c
@@ -0,0 +1,142 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, address@hidden, http://libtom.org
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 + ax + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "ecc.h"
+#include "gnettle.h"
+#include <gnutls_int.h>
+#include <algorithms.h>
+
+/**
+  @file ecc_test.c
+  ECC Crypto, Tom St Denis
+*/
+
+/**
+  Perform on the ECC system
+  @return 0 if successful
+*/
+int
+ecc_test (void)
+{
+  mpz_t modulus, order, A;
+  ecc_point *G, *GG;
+  int i, err;
+
+  if ((err = mp_init_multi (&modulus, &A, &order, NULL)) != 0)
+    {
+      return err;
+    }
+
+  G = ecc_new_point ();
+  GG = ecc_new_point ();
+  if (G == NULL || GG == NULL)
+    {
+      mp_clear_multi (&modulus, &order, NULL);
+      ecc_del_point (G);
+      ecc_del_point (GG);
+      return -1;
+    }
+
+  for (i = 1; i <= 3; i++)
+    {
+      const gnutls_ecc_curve_entry_st *st = _gnutls_ecc_curve_get_params (i);
+
+      printf ("Testing %s (%d)\n", gnutls_ecc_curve_get_name (i), i);
+
+      if (mpz_set_str (A, (char *) st->A, 16) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if (mpz_set_str (modulus, (char *) st->prime, 16) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if (mpz_set_str (order, (char *) st->order, 16) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      /* is prime actually prime? */
+      if ((err = mpz_probab_prime_p (modulus, PRIME_CHECK_PARAM)) <= 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if ((err = mpz_probab_prime_p (order, PRIME_CHECK_PARAM)) <= 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if (mpz_set_str (G->x, (char *) st->Gx, 16) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if (mpz_set_str (G->y, (char *) st->Gy, 16) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+      mpz_set_ui (G->z, 1);
+
+      /* then we should have G == (order + 1)G */
+      mpz_add_ui (order, order, 1);
+      if ((err = ecc_mulmod (order, G, GG, A, modulus, 1)) != 0)
+        {
+          goto done;
+        }
+
+      if (mpz_cmp (G->y, GG->y) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+      if (mpz_cmp (G->x, GG->x) != 0)
+        {
+          fprintf (stderr, "XXX %d\n", __LINE__);
+          err = -1;
+          goto done;
+        }
+
+    }
+  err = 0;
+done:
+  ecc_del_point (GG);
+  ecc_del_point (G);
+  mp_clear_multi (&order, &modulus, &A, NULL);
+  return err;
+}
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_test.c,v $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2007/05/12 14:32:35 $ */
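Review bot: The allocation-failure path `mp_clear_multi (&modulus, &order, NULL);` releases only two of the three integers set up by `mp_init_multi (&modulus, &A, &order, NULL)`, so `A` leaks; it should read `mp_clear_multi (&modulus, &order, &A, NULL);`, matching the `done:` label. Inside the loop, `st` is dereferenced at `st->A` without a check, so if `_gnutls_ecc_curve_get_params (i)` can return NULL for an id in 1..3 the self-test crashes instead of failing; add `if (st == NULL) { err = -1; goto done; }`. The doc comment "Perform on the ECC system" is missing its object, and the `XXX %d` messages give only a line number. A header comment stating that the test checks (order + 1)G == G for curve ids 1 to 3, plus messages naming the failed step, would make a failure readable.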
diff --git a/tests/suite/testcompat-main b/tests/suite/testcompat-main
index 22eb039..2c72233 100755
--- a/tests/suite/testcompat-main
+++ b/tests/suite/testcompat-main
@@ -87,6 +87,19 @@ $CLI $DEBUG -p $PORT 127.0.0.1 --priority 
"NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL
 kill $PID
 wait
 
+#-cipher RSA-NULL
+launch_bare_server $$ s_server -cipher NULL -quiet -www -accept $PORT -keyform 
pem -certform pem -tls1 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT 
-Verify 1 -CAfile $CA_CERT &
+PID=$!
+wait_server $PID
+
+# Test TLS 1.0 with RSA-NULL ciphersuite
+echo "Checking TLS 1.0 with RSA-NULL..." 
+$CLI $DEBUG -p $PORT 127.0.0.1 --priority 
"NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA" --insecure 
--x509certfile $CLI_CERT --x509keyfile $CLI_KEY </dev/null >/dev/null || \
+  fail $PID "Failed"
+
+kill $PID
+wait
+
 #-cipher 
RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA 
 launch_bare_server $$ s_server -quiet -www -accept $PORT -keyform pem 
-certform pem -tls1 -dhparam params.dh -key $RSA_KEY -cert $RSA_CERT -dkey 
$DSA_KEY -dcert $DSA_CERT -Verify 1 -CAfile $CA_CERT &
 PID=$!
@@ -231,6 +244,16 @@ wait
 #kill $PID
 #wait
 
+echo "Check TLS 1.0 with RSA-NULL ciphersuite"
+launch_server $$  --priority 
"NONE:+NULL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+RSA:+DHE-RSA" 
--x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT 
--dhparams params.dh  & PID=$!
+wait_server $PID
+
+$OPENSSL_CLI s_client -cipher NULL-SHA -host localhost -tls1 -port $PORT -cert 
$CLI_CERT -key $CLI_KEY -CAfile $CA_CERT </dev/null 2>&1 | grep "\:error\:" && \
+  fail $PID "Failed"
+
+kill $PID
+wait
+
 echo "Check TLS 1.0 with DHE-RSA ciphersuite"
 launch_server $$  --priority 
"NONE:+CIPHER-ALL:+SIGN-ALL:+COMP-NULL:+MAC-ALL:+VERS-TLS1.0:+DHE-RSA" 
--x509certfile $SERV_CERT --x509keyfile $SERV_KEY --x509cafile $CA_CERT 
--dhparams params.dh  & PID=$!
 wait_server $PID
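Review bot: The added `s_client` check fails only when the output contains `:error:`, so a connection that breaks without printing that text still passes, and the exit status of `$OPENSSL_CLI` is lost in the pipe. Because this test exists to show that the NULL suite interoperates, it should also assert the negotiated cipher, for example by capturing the output and requiring `grep "Cipher is NULL-SHA"` to match (the exact wording may differ between OpenSSL versions). The server priority string enables `+DHE-RSA` although the test is labelled RSA-NULL and the client requests only `NULL-SHA`; dropping it keeps the test tied to one key exchange. Neighbouring tests outside this hunk may use the same grep pattern, in which case the remark applies to them too.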


hooks/post-receive
-- 
GNU gnutls


