
[SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_14a-2-gcd95


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_14a-2-gcd9596a
Date: Fri, 16 Dec 2011 04:06:04 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=cd9596adfd9348b4fab60e8613586597af4c9722

The branch, gnutls_2_12_x has been updated
       via  cd9596adfd9348b4fab60e8613586597af4c9722 (commit)
      from  4bfa35209036a66106f71cfbebfbe1fe6a686c8e (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit cd9596adfd9348b4fab60e8613586597af4c9722
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Dec 16 05:05:58 2011 +0100

    optimized DH group generation process (ported from 3.0.x)

-----------------------------------------------------------------------

Summary of changes:
 NEWS              |    8 ++++++++
 lib/nettle/mpi.c  |   38 ++++++++++++++++++--------------------
 tests/Makefile.am |    2 +-
 3 files changed, 27 insertions(+), 21 deletions(-)

diff --git a/NEWS b/NEWS
index 977e3c8..182a0cd 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,14 @@ Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005,
               2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
 See the end for copying conditions.
 
+Version 2.12.15 (unreleased)
+
+** libgnutls: Optimized DH generation process (ported from 3.0.x)
+
+** API and ABI modifications:
+
+No changes since last version.
+
 Version 2.12.14 (released 2011-11-08)
 
 ** libgnutls: Corrected fix in gnutls_session_get_data()
diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c
index c76705c..5c5e973 100644
--- a/lib/nettle/mpi.c
+++ b/lib/nettle/mpi.c
@@ -1,6 +1,5 @@
 /*
- * Copyright (C) 2010 Free
- * Software Foundation, Inc.
+ * Copyright (C) 2010,2011 Free Software Foundation, Inc.
  *
  * Author: Nikos Mavrogiannopoulos
  *
@@ -408,7 +407,7 @@ wrap_nettle_prime_check (bigint_t pp)
 
 /* generate a prime of the form p=2qw+1
  * The algorithm is simple but probably it has to be modified to gcrypt's
- * since it is really really slow. Nature did not want 2qw+1 to be prime.
+ * since it is slow. Nature did not want 2qw+1 to be prime.
  * The generator will be the generator of a subgroup of order q-1.
  *
  * Algorithm based on the algorithm in "A Computational Introduction to Number 
@@ -441,6 +440,11 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int 
nbits)
   if (nbits % 8 != 0)
     p_bytes++;
 
+  w_bits = nbits - q_bytes * 8;
+  w_bytes = w_bits / 8;
+  if (w_bits % 8 != 0)
+    w_bytes++;
+
   _gnutls_debug_log
     ("Generating group of prime of %u bits and format of 2wq+1. q_size=%u 
bits\n",
      nbits, q_bytes * 8);
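Review bot: `w_bits = nbits - q_bytes * 8;` is an unsigned subtraction whose right operand is a byte count rounded up somewhere above the hunk; if that computation can ever yield `q_bytes * 8 >= nbits` (small or non-byte-aligned nbits), w_bits wraps to a huge value, w_bytes follows, and the later `_gnutls_rnd (GNUTLS_RND_RANDOM, buffer, w_bytes)` overruns buffer. A guard before the subtraction, `if (q_bytes * 8 >= nbits) { gnutls_assert (); goto fail; }` with ret set to a suitable error code first, rules this out regardless of how q_bytes is derived. Whether q_bytes can actually reach that range cannot be told from here, since gen_group's signature and the q_bytes computation are outside the hunk.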
@@ -468,11 +472,11 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int 
nbits)
           goto fail;
         }
 
-      nettle_mpz_set_str_256_u (q, q_bytes, buffer);
+      nettle_mpz_set_str_256_u (w, w_bytes, buffer);
       /* always odd */
-      mpz_setbit (q, 0);
+      mpz_setbit (w, 0);
 
-      ret = mpz_probab_prime_p (q, PRIME_CHECK_PARAM);
+      ret = mpz_probab_prime_p (w, PRIME_CHECK_PARAM);
       if (ret > 0)
         {
           break;
@@ -481,30 +485,24 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int 
nbits)
 
   /* now generate w of size p_bytes - q_bytes */
 
-  w_bits = nbits - wrap_nettle_mpi_get_nbits (&q);
-
   _gnutls_debug_log
-    ("Found prime q of %u bits. Will look for w of %u bits...\n",
-     wrap_nettle_mpi_get_nbits (&q), w_bits);
-
-  w_bytes = w_bits / 8;
-  if (w_bits % 8 != 0)
-    w_bytes++;
+    ("Found prime w of %u bits. Will look for q of %u bits...\n",
+     wrap_nettle_mpi_get_nbits (&w), q_bytes*8);
 
   for (;;)
     {
-      ret = _gnutls_rnd (GNUTLS_RND_RANDOM, buffer, w_bytes);
+      ret = _gnutls_rnd (GNUTLS_RND_RANDOM, buffer, q_bytes);
       if (ret < 0)
         {
           gnutls_assert ();
           return ret;
         }
 
-      nettle_mpz_set_str_256_u (w, w_bytes, buffer);
+      nettle_mpz_set_str_256_u (q, q_bytes, buffer);
       /* always odd */
-      mpz_setbit (w, 0);
+      mpz_setbit (q, 0);
 
-      ret = mpz_probab_prime_p (w, PRIME_CHECK_PARAM);
+      ret = mpz_probab_prime_p (q, PRIME_CHECK_PARAM);
       if (ret == 0)
         {
           continue;
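Review bot: The comment at the top of this hunk, `/* now generate w of size p_bytes - q_bytes */`, is stale after the swap: this loop now draws q_bytes random bytes into q and tests q for primality, while w was found by the previous loop. Replace it with `/* now generate q of q_bytes bytes (w was found above) */` so the comment matches the code. Separately, a failed `_gnutls_rnd` here still does `return ret;` whereas the same failure in the earlier loop uses `goto fail`; if the `fail:` label (outside the hunk) clears the mpz_t values, this direct return skips that cleanup and should become `goto fail` as well. The enclosing gen_group starts and ends outside the hunk.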
@@ -522,8 +520,8 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int 
nbits)
         }
     }
 
-  _gnutls_debug_log ("Found prime w of %u bits. Looking for generator...\n",
-                     wrap_nettle_mpi_get_nbits (&w));
+  _gnutls_debug_log ("Found prime q of %u bits. Looking for generator...\n",
+                     wrap_nettle_mpi_get_nbits (&q));
 
   /* finally a prime! Let calculate generator
    */
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 53012fa..457926e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -64,7 +64,7 @@ ctests = simple gc set_pkcs12_cred certder certuniqueid mpi   
                \
        crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416          \
        crq_apis init_roundtrip pkcs12_s2k_pem dn2 mini-eagain          \
        nul-in-x509-names x509_altname pkcs12_encode mini-x509          \
-       mini-x509-rehandshake rng-fork x509cert #gendh
+       mini-x509-rehandshake rng-fork x509cert gendh
 
 if ENABLE_OPENSSL
 ctests +=  openssl


hooks/post-receive
-- 
GNU gnutls


