/* -*-c-*-
*
- * $Id: dh-check.c,v 1.1 2001/02/03 16:08:24 mdw Exp $
+ * $Id: dh-check.c,v 1.2 2001/06/16 12:56:38 mdw Exp $
*
* Checks Diffie-Hellman group parameters
*
/*----- Revision history --------------------------------------------------*
*
* $Log: dh-check.c,v $
+ * Revision 1.2 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.1 2001/02/03 16:08:24 mdw
* Add consistency checking for public keys.
*
mpmont mm;
mp *pm1 = MP_NEW;
mp *q = MP_NEW;
+ mp *x;
mpmul mu;
size_t i;
goto fail;
q = mp_odd(q, dp->q, &i);
mpmont_create(&mm, dp->p);
- q = mpmont_expr(&mm, q, dp->g, q);
+ x = mpmont_mul(&mm, MP_NEW, dp->g, mm.r2);
+ q = mpmont_expr(&mm, q, x, q);
+ mp_drop(x);
do {
if (mp_eq(q, mm.r) != !i) {
if (keycheck_report(kc, KCSEV_ERR, "order of g != q")) {
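Review bot: The conversion of `dp->g` into Montgomery form on the line `x = mpmont_mul(&mm, MP_NEW, dp->g, mm.r2);` carries no comment, and the reason for it (the changed `mpmont_expr` now expects a Montgomerised base, per the log entry) is only recoverable from the revision history. A one-line comment above it such as `/* g R mod p: mpmont_expr now takes its base in Montgomery form */` would save the next reader that archaeology. Note also that `x` holds a fresh allocation between `mpmont_mul` and `mp_drop(x)`; that is fine here because nothing in between can jump to `fail`, but any early exit added between those lines later would leak it. The enclosing function starts and ends outside the hunk.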
/* -*-c-*-
*
- * $Id: dsa-verify.c,v 1.5 2000/10/08 12:13:17 mdw Exp $
+ * $Id: dsa-verify.c,v 1.6 2001/06/16 12:56:38 mdw Exp $
*
* DSA signature verification
*
/*----- Revision history --------------------------------------------------*
*
* $Log: dsa-verify.c,v $
+ * Revision 1.6 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.5 2000/10/08 12:13:17 mdw
* Use @MP_EQ@ instead of @MP_CMP@.
*
{
mpmont pm, qm;
mp *w;
- mpmont_factor f[2];
+ mp_expfactor f[2];
int ok;
/* --- Ensure that all of the signature bits are in range --- */
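Review bot: The hunk changes only the declaration `mp_expfactor f[2];`, while the assignments that fill `f[].base` and `f[].exp` lie outside it, so it is not visible whether the bases are now supplied in Montgomery form the way this same commit does in rho.c (`f[0].base = cc.g; f[1].base = cc.a;`). If `mpmont_mexpr` now expects Montgomerised bases, the lines that set `f[0].base` and `f[1].base` in this function presumably need the same `mpmont_mul(..., mm.r2)` treatment; worth confirming before this is merged. The enclosing function's signature and body continue outside the hunk.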
/* -*-c-*-
*
- * $Id: mp-modsqrt.c,v 1.3 2001/02/03 12:00:29 mdw Exp $
+ * $Id: mp-modsqrt.c,v 1.4 2001/06/16 12:56:38 mdw Exp $
*
* Compute square roots modulo a prime
*
/*----- Revision history --------------------------------------------------*
*
* $Log: mp-modsqrt.c,v $
+ * Revision 1.4 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.3 2001/02/03 12:00:29 mdw
* Now @mp_drop@ checks its argument is non-NULL before attempting to free
* it. Note that the macro version @MP_DROP@ doesn't do this.
/* --- Now to really get going --- */
mpmont_create(&mm, p);
+ b = mpmont_mul(&mm, b, b, mm.r2);
c = mpmont_expr(&mm, b, b, t);
t = mp_add(t, t, MP_ONE);
t = mp_lsr(t, t, 1);
- r = mpmont_expr(&mm, t, a, t);
+ dd = mpmont_mul(&mm, MP_NEW, a, mm.r2);
+ r = mpmont_expr(&mm, t, dd, t);
+ mp_drop(dd);
ainv = mpmont_mul(&mm, ainv, ainv, mm.r2);
mone = mp_sub(MP_NEW, p, mm.r);
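Review bot: The temporary `dd` introduced on `dd = mpmont_mul(&mm, MP_NEW, a, mm.r2);` is declared somewhere outside the hunk and dropped three lines later, while `b` on the earlier added line is converted in place; a short comment would make that asymmetry read as intentional, e.g. `/* a R mod p: mpmont_expr wants a Montgomerised base; @a@ itself is left untouched */`. The in-place conversion of `b` means every later use of `b` sees `bR` rather than `b`; here the very next line consumes `b` as both destination and base of `mpmont_expr`, so that looks safe, but it is worth checking that nothing further down the function reads `b` expecting the plain value. The enclosing function continues outside the hunk in both directions.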
/* -*-c-*-
*
- * $Id: rabin.c,v 1.5 2000/10/08 12:11:22 mdw Exp $
+ * $Id: rabin.c,v 1.6 2001/06/16 12:56:38 mdw Exp $
*
* Miller-Rabin primality test
*
/*----- Revision history --------------------------------------------------*
*
* $Log: rabin.c,v $
+ * Revision 1.6 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.5 2000/10/08 12:11:22 mdw
* Use @MP_EQ@ instead of @MP_CMP@.
*
* @y@ here has an extra factor of %$R$%.
*/
- y = mpmont_expr(&r->mm, MP_NEW, g, r->r);
+ y = mpmont_mul(&r->mm, MP_NEW, g, r->mm.r2);
+ y = mpmont_expr(&r->mm, y, y, r->r);
if (MP_EQ(y, r->mm.r) || MP_EQ(y, r->m1)) {
rc = PGEN_PASS;
goto done;
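Review bot: The comment immediately above the change, `@y@ here has an extra factor of %$R$%`, still holds but no longer says where the factor comes from now that `g` is multiplied by `r->mm.r2` before the exponentiation. Suggest extending it to `@y@ here has an extra factor of %$R$%: @g@ is Montgomerised first so that @mpmont_expr@ yields the result in Montgomery form, which is what the comparison against @r->mm.r@ below expects.` The surrounding function begins outside the hunk.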
/* -*-c-*-
*
- * $Id: rho.c,v 1.2 2000/10/08 12:11:22 mdw Exp $
+ * $Id: rho.c,v 1.3 2001/06/16 12:56:38 mdw Exp $
*
* Pollard's rho algorithm for discrete logs
*
/*----- Revision history --------------------------------------------------*
*
* $Log: rho.c,v $
+ * Revision 1.3 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.2 2000/10/08 12:11:22 mdw
* Use @MP_EQ@ instead of @MP_CMP@.
*
/* --- The main loop --- */
while ((l = rho(&cc, &x, &y, aa, bb)) == 0) {
- mpmont_factor f[2];
+ mp_expfactor f[2];
if (!r)
r = fibrand_create(0);
aa = mprand_range(MP_NEW, n, r, 0);
bb = mprand_range(MP_NEW, n, r, 0);
- f[0].base = g; f[0].exp = aa;
- f[1].base = a; f[1].exp = bb;
+ f[0].base = cc.g; f[0].exp = aa;
+ f[1].base = cc.a; f[1].exp = bb;
x = mpmont_mexpr(&mm, MP_NEW, f, 2);
y = MP_COPY(x);
}
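Review bot: The new assignments `f[0].base = cc.g; f[1].base = cc.a;` rely on `cc.g` and `cc.a` being the Montgomery-form copies established when `cc` was set up, which happens outside the hunk, and nothing at the use site says so. A comment on the first of those lines, `/* bases from the rho context: already in Montgomery form, as mpmont_mexpr now requires */`, would tie the two places together and stop someone reverting to the plain `g`/`a` later. The enclosing function starts and ends outside the hunk.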
/* -*-c-*-
*
- * $Id: rsa-priv.c,v 1.2 2000/10/08 12:11:22 mdw Exp $
+ * $Id: rsa-priv.c,v 1.3 2001/06/16 12:56:38 mdw Exp $
*
* RSA private-key operations
*
/*----- Revision history --------------------------------------------------*
*
* $Log: rsa-priv.c,v $
+ * Revision 1.3 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.2 2000/10/08 12:11:22 mdw
* Use @MP_EQ@ instead of @MP_CMP@.
*
k = mprand_range(k, rp->n, rd->r, 0);
mp_gcd(&g, 0, &ki, rp->n, k);
} while (!MP_EQ(g, MP_ONE));
+ k = mpmont_mul(&rd->nm, k, k, rd->nm.r2);
k = mpmont_expr(&rd->nm, k, k, rp->e);
c = mpmont_mul(&rd->nm, c, c, k);
mp_drop(k);
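Review bot: The blinding factor is converted on `k = mpmont_mul(&rd->nm, k, k, rd->nm.r2);` only after `ki` has been derived from the plain `k` by `mp_gcd`, so the inverse kept for unblinding belongs to the un-Montgomerised value; that is the right order, but it is subtle enough to deserve a comment, e.g. `/* ki was taken from plain k; Montgomerise k now so k^e carries the factor R that the mpmont_mul below cancels */`. Because the conversion reuses `k` as its destination, the plain value is gone after this line, so any later use of `k` would have to expect the Montgomerised form; within the hunk only the `mpmont_expr` and `mp_drop(k)` follow. The do/while loop and the rest of the function lie outside the hunk.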
/* -*-c-*-
*
- * $Id: rsa-recover.c,v 1.5 2000/10/08 12:11:22 mdw Exp $
+ * $Id: rsa-recover.c,v 1.6 2001/06/16 12:56:38 mdw Exp $
*
* Recover RSA parameters
*
/*----- Revision history --------------------------------------------------*
*
* $Log: rsa-recover.c,v $
+ * Revision 1.6 2001/06/16 12:56:38 mdw
+ * Fixes for interface change to @mpmont_expr@ and @mpmont_mexpr@.
+ *
* Revision 1.5 2000/10/08 12:11:22 mdw
* Use @MP_EQ@ instead of @MP_CMP@.
*
*/
aw = primetab[i++];
- z = mpmont_expr(&mm, z, &a, t);
+ z = mpmont_mul(&mm, z, &a, mm.r2);
+ z = mpmont_expr(&mm, z, z, t);
if (MP_EQ(z, mm.r) || MP_EQ(z, m1))
continue;