X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/53cbeae3058cdebd54bf9a6c18d9f46ee52f0595..45c0fd363937c6e9b05da04a9167e9912c05ca0c:/ec-info.c
diff --git a/ec-info.c b/ec-info.c
index cf65584..474691b 100644
--- a/ec-info.c
+++ b/ec-info.c
@@ -1,13 +1,13 @@
 /* -*-c-*-
  *
- * $Id: ec-info.c,v 1.6 2004/04/08 16:17:32 mdw Exp $
+ * $Id$
  *
  * Elliptic curve information management
  *
  * (c) 2004 Straylight/Edgeware
  */
 
-/*----- Licensing notice --------------------------------------------------*
+/*----- Licensing notice --------------------------------------------------*
  *
  * This file is part of Catacomb.
  *
@@ -15,12 +15,12 @@
  * it under the terms of the GNU Library General Public License as
  * published by the Free Software Foundation; either version 2 of the
  * License, or (at your option) any later version.
- *
+ *
  * Catacomb is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  * GNU Library General Public License for more details.
- *
+ *
  * You should have received a copy of the GNU Library General Public
  * License along with Catacomb; if not, write to the Free
  * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
@@ -34,6 +34,7 @@
 #include "gf.h"
 #include "pgen.h"
 #include "mprand.h"
+#include "mpint.h"
 #include "rabin.h"
 
 /*----- Main code ---------------------------------------------------------*/
@@ -47,7 +48,7 @@
  * Use: Parses an elliptic curve description, which has the form
  *
  *   * a field description
- *   * an optional `/'
+ *   * an optional `;'
  *   * `prime', `primeproj', `bin', or `binproj'
  *   * an optional `:'
  *   * the %$a$% parameter
@@ -62,7 +63,7 @@ ec_curve *ec_curveparse(qd_parse *qd)
   field *f;
 
   if ((f = field_parse(qd)) == 0) goto fail;
-  qd_delim(qd, '/');
+  qd_delim(qd, ';');
   switch (qd_enum(qd, "prime,primeproj,bin,binproj")) {
     case 0:
       if (F_TYPE(f) != FTY_PRIME) {
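Review bot: The new `qd_delim(qd, ';')` in ec_curveparse makes descriptions written with the old `/` separator unparseable rather than merely non-preferred: the delimiter is documented as optional, so a stray `/` stays in the input and the following `qd_enum(qd, "prime,primeproj,bin,binproj")` cannot match it, so the parse fails. If any stored curve strings or configuration use the old form, consider accepting both during a transition, e.g. `if (!qd_delim(qd, ';')) qd_delim(qd, '/');` (assuming `qd_delim` reports whether it consumed the character), or at least record the format change in the header comment above. The same consideration applies to the `qd_delim(qd, ';'); if (!ec_ptparse(qd, &g)) goto fail;` line in ec_infoparse in a later hunk. ec_curveparse continues past the end of this hunk.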
@@ -163,7 +164,7 @@ fail:
   return (0);
 }
 
-/* --- @getinfo@ --- *
+/* --- @ec_infofromdata@ --- *
  *
  * Arguments: @ec_info *ei@ = where to write the information
  *  @ecdata *ed@ = raw data
@@ -174,7 +175,7 @@ fail:
  *  curves.
  */
 
-static void getinfo(ec_info *ei, ecdata *ed)
+void ec_infofromdata(ec_info *ei, ecdata *ed)
 {
   field *f;
 
@@ -217,7 +218,7 @@ static void getinfo(ec_info *ei, ecdata *ed)
  *  curve, or it has the form
  *
  *   * elliptic curve description
-  *   * optional `/'
+  *   * optional `;'
  *   * common point
  *   * optional `:'
  *   * group order
@@ -233,11 +234,15 @@ int ec_infoparse(qd_parse *qd, ec_info *ei)
   const ecentry *ee;
   mp *r = MP_NEW, *h = MP_NEW;
 
-  for (ee = ectab; ee->name; ee++)
-    if (qd_enum(qd, ee->name) >= 0) { getinfo(ei, ee->data); goto found; }
+  for (ee = ectab; ee->name; ee++) {
+    if (qd_enum(qd, ee->name) >= 0) {
+      ec_infofromdata(ei, ee->data);
+      goto found;
+    }
+  }
 
   if ((c = ec_curveparse(qd)) == 0) goto fail;
-  qd_delim(qd, '/'); if (!ec_ptparse(qd, &g)) goto fail;
+  qd_delim(qd, ';'); if (!ec_ptparse(qd, &g)) goto fail;
   qd_delim(qd, ':'); if ((r = qd_getmp(qd)) == 0) goto fail;
   qd_delim(qd, '*'); if ((h = qd_getmp(qd)) == 0) goto fail;
   ei->c = c; ei->g = g; ei->r = r; ei->h = h;
@@ -325,7 +330,7 @@ void ec_freeinfo(ec_info *ei)
 
 static int primeeltp(mp *x, field *f)
 {
-  return (!MP_ISNEG(x) && MP_CMP(x, <, f->m));
+  return (!MP_NEGP(x) && MP_CMP(x, <, f->m));
 }
 
 static const char *primecheck(const ec_info *ei, grand *gr)
@@ -372,11 +377,6 @@ static const char *primecheck(const ec_info *ei, grand *gr)
   if (!pgen_primep(ei->r, gr))
     return ("generator order not prime");
 
-  /* --- Check %$0 < h \le 4$% --- */
-
-  if (MP_CMP(ei->h, <, MP_ONE) || MP_CMP(ei->h, >, MP_FOUR))
-    return ("cofactor out of range");
-
   /* --- Check %$h = \lfloor (\sqrt{p} + 1)^2/r \rlfoor$% --- *
    *
    * This seems to work with the approximate-sqrt in the library, but might
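Review bot: `ec_infofromdata` becomes a non-static, exported entry point, but its header comment (the `@getinfo@` block renamed in the preceding hunk) still only lists the arguments; now that it is public it should spell out the contract the test rig in main relies on, i.e. that `ei` is caller-supplied storage which is overwritten and must afterwards be released with `ec_freeinfo`, and that so far it is only ever called with entries of the built-in `ectab` table (`ee->data`). A prototype in the public header presumably has to be added alongside, which this diff does not touch; worth confirming. The function body continues past the end of the hunk.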
@@ -421,6 +421,11 @@ static const char *primecheck(const ec_info *ei, grand *gr)
   MP_DROP(x);
   if (i) return ("curve is weak");
 
+  /* --- Check %$0 < h \le 4$% --- */
+
+  if (MP_CMP(ei->h, <, MP_ONE) || MP_CMP(ei->h, >, MP_FOUR))
+    return ("cofactor out of range");
+
   /* --- Done --- */
 
   return (0);
@@ -435,6 +440,13 @@ static const char *bincheck(const ec_info *ei, grand *gr)
   ec p;
   int rc;
 
+  /* --- Check that %$m$% is prime --- */
+
+  x = mp_fromuint(MP_NEW, f->nbits);
+  rc = pfilt_smallfactor(x);
+  mp_drop(x);
+  if (rc != PGEN_DONE) return ("degree not prime");
+
   /* --- Check that %$p$% is irreducible --- */
 
   if (!gf_irreduciblep(f->m)) return ("p not irreducible");
@@ -459,11 +471,6 @@ static const char *bincheck(const ec_info *ei, grand *gr)
   if (!pgen_primep(ei->r, gr))
     return ("generator order not prime");
 
-  /* --- Check %$0 < h \le 4$% --- */
-
-  if (MP_CMP(ei->h, <, MP_ONE) || MP_CMP(ei->h, >, MP_FOUR))
-    return ("cofactor out of range");
-
   /* --- Check %$h = \lfloor (\sqrt{2^m} + 1)^2/r \rlfoor$% --- *
    *
    * This seems to work with the approximate-sqrt in the library, but might
@@ -505,6 +512,11 @@ static const char *bincheck(const ec_info *ei, grand *gr)
   MP_DROP(x);
   if (i) return ("curve is weak");
 
+  /* --- Check %$0 < h \le 4$% --- */
+
+  if (MP_CMP(ei->h, <, MP_ONE) || MP_CMP(ei->h, >, MP_FOUR))
+    return ("cofactor out of range");
+
   /* --- Done --- */
 
   return (0);
@@ -551,17 +563,18 @@ int main(int argc, char *argv[])
       }
     }
   } else {
-    fputs("checking standard curves: ", stdout);
+    fputs("checking standard curves:", stdout);
+    fflush(stdout);
     for (ee = ectab; ee->name; ee++) {
       ec_info ei;
-      getinfo(&ei, ee->data);
+      ec_infofromdata(&ei, ee->data);
       e = ec_checkinfo(&ei, gr);
       ec_freeinfo(&ei);
       if (e) {
-        fprintf(stderr, "\n*** curve %s fails: %s\n", ee->name, e);
+        printf(" [%s fails: %s]", ee->name, e);
         ok = 0;
-      }
-      putchar('.');
+      } else
+        printf(" %s", ee->name);
       fflush(stdout);
     }
     fputs(ok ? " ok\n" : " failed\n", stdout);
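Review bot: In the new degree check in bincheck, `if (rc != PGEN_DONE) return ("degree not prime");` treats every result other than `PGEN_DONE` as composite; if `pfilt_smallfactor` can answer `PGEN_TRY` for a value it cannot settle by trial division alone (which is what a small-factor filter is for), a large prime degree would be rejected with a misleading message, and conversely the check only proves primality when the filter returns `PGEN_DONE`. Since the degree fits in a word, finishing the undecided case with the primality test already used for the group order is cheap: insert `if (rc == PGEN_TRY) rc = pgen_primep(x, gr) ? PGEN_DONE : PGEN_FAIL;` before `mp_drop(x);`. Two smaller points: the rest of this function releases temporaries with `MP_DROP(x)`, so `mp_drop(x)` here is inconsistent, and the new block assumes `f->nbits` is the extension degree m of the binary field, which is worth stating in the comment together with why a composite degree is rejected as weak. bincheck starts and ends outside this hunk.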
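Review bot: In the main hunk, failing curves are now reported only on stdout, inline in the progress list via `printf(" [%s fails: %s]", ee->name, e);`, whereas the removed `fprintf(stderr, ...)` put each failure on its own stderr line; anything that runs the test rig with stdout discarded or only captures stderr will now see just the trailing `failed` and the exit status derived from `ok`, not which curve failed or why. If the inline listing is wanted for interactive runs, consider keeping the diagnostic as well, e.g. `fprintf(stderr, "*** curve %s fails: %s\n", ee->name, e);` next to the new printf, so the failure reason survives in logs. main begins and ends outside the hunk.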