这篇教程C++ BN_is_odd函数代码示例写得很实用,希望能帮到您。
本文整理汇总了C++中BN_is_odd函数的典型用法代码示例。如果您正苦于以下问题:C++ BN_is_odd函数的具体用法?C++ BN_is_odd怎么用?C++ BN_is_odd使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。 在下文中一共展示了BN_is_odd函数的28个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。 示例1: selfTestGeneralOps1CHECK_RETVAL_BOOL /static BOOLEAN selfTestGeneralOps1( void ) { BIGNUM a; /* Simple tests that don't need the support of higher-level routines like importBignum() */ BN_init( &a ); if( !BN_zero( &a ) ) return( FALSE ); if( !BN_is_zero( &a ) || BN_is_one( &a ) ) return( FALSE ); if( !BN_is_word( &a, 0 ) || BN_is_word( &a, 1 ) ) return( FALSE ); if( BN_is_odd( &a ) ) return( FALSE ); if( BN_get_word( &a ) != 0 ) return( FALSE ); if( !BN_one( &a ) ) return( FALSE ); if( BN_is_zero( &a ) || !BN_is_one( &a ) ) return( FALSE ); if( BN_is_word( &a, 0 ) || !BN_is_word( &a, 1 ) ) return( FALSE ); if( !BN_is_odd( &a ) ) return( FALSE ); if( BN_num_bytes( &a ) != 1 ) return( FALSE ); if( BN_get_word( &a ) != 1 ) return( FALSE ); BN_clear( &a ); return( TRUE ); }
开发者ID:deflomu,项目名称:cryptlib,代码行数:34,
示例2: bn_check_topstatic BIGNUM *euclid(BIGNUM *a, BIGNUM *b) { BIGNUM *t; int shifts=0; bn_check_top(a); bn_check_top(b); /* 0 <= b <= a */ while (!BN_is_zero(b)) { /* 0 < b <= a */ if (BN_is_odd(a)) { if (BN_is_odd(b)) { if (!BN_sub(a,a,b)) goto err; if (!BN_rshift1(a,a)) goto err; if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } } else /* a odd - b even */ { if (!BN_rshift1(b,b)) goto err; if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } } } else /* a is even */ { if (BN_is_odd(b)) { if (!BN_rshift1(a,a)) goto err; if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } } else /* a even - b even */ { if (!BN_rshift1(a,a)) goto err; if (!BN_rshift1(b,b)) goto err; shifts++; } } /* 0 <= b <= a */ } if (shifts) { if (!BN_lshift(a,a,shifts)) goto err; } bn_check_top(a); return(a);err: return(NULL); }
开发者ID:RyunosukeOno,项目名称:rayjack,代码行数:56,
示例3: rsa_public_encryptvoidrsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key){ u_char *inbuf, *outbuf; int len, ilen, olen; if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) fatal("rsa_public_encrypt() exponent too small or not odd"); olen = BN_num_bytes(key->n); outbuf = xmalloc(olen); ilen = BN_num_bytes(in); inbuf = xmalloc(ilen); BN_bn2bin(in, inbuf); if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) fatal("rsa_public_encrypt() failed"); if (BN_bin2bn(outbuf, len, out) == NULL) fatal("rsa_public_encrypt: BN_bin2bn failed"); explicit_bzero(outbuf, olen); explicit_bzero(inbuf, ilen); free(outbuf); free(inbuf);}
开发者ID:Alkzndr,项目名称:freebsd,代码行数:28,
示例4: rsa_public_encryptvoidrsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key){ u_char *inbuf, *outbuf; int len, ilen, olen; if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) errx(1, "rsa_public_encrypt() exponent too small or not odd"); olen = BN_num_bytes(key->n); outbuf = (u_char*)malloc(olen); ilen = BN_num_bytes(in); inbuf = (u_char*)malloc(ilen); if (outbuf == NULL || inbuf == NULL) err(1, "malloc"); BN_bn2bin(in, inbuf); if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) errx(1, "rsa_public_encrypt() failed"); BN_bin2bn(outbuf, len, out); memset(outbuf, 0, olen); memset(inbuf, 0, ilen); free(outbuf); free(inbuf);}
开发者ID:Lorindellia,项目名称:dsniff,代码行数:31,
示例5: LoadPublicKeyRSA* LoadPublicKey(const char* filename){ unsigned long err; FILE* fp; RSA* key; static char *passphrase = "Cfengine passphrase"; fp = fopen(filename, "r"); if (fp == NULL) { Log(LOG_LEVEL_ERR, "Cannot open file '%s'. (fopen: %s)", filename, GetErrorStr()); return NULL; }; if ((key = PEM_read_RSAPublicKey(fp, NULL, NULL, passphrase)) == NULL) { err = ERR_get_error(); Log(LOG_LEVEL_ERR, "Error reading public key. (PEM_read_RSAPublicKey: %s)", ERR_reason_error_string(err)); fclose(fp); return NULL; }; fclose(fp); if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) { Log(LOG_LEVEL_ERR, "RSA Exponent in key '%s' too small or not odd. (BN_num_bits: %s)", filename, GetErrorStr()); return NULL; }; return key;}
开发者ID:fordindin,项目名称:core,代码行数:34,
示例6: ec_GFp_simple_group_set_curveint ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx){ int ret = 0; BN_CTX *new_ctx = NULL; BIGNUM *tmp_a; /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD); return 0; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) return 0; } BN_CTX_start(ctx); tmp_a = BN_CTX_get(ctx); if (tmp_a == NULL) goto err; /* group->field */ if (!BN_copy(&group->field, p)) goto err; BN_set_negative(&group->field, 0); /* group->a */ if (!BN_nnmod(tmp_a, a, p, ctx)) goto err; if (group->meth->field_encode) { if (!group->meth->field_encode(group, &group->a, tmp_a, ctx)) goto err; } else if (!BN_copy(&group->a, tmp_a)) goto err; /* group->b */ if (!BN_nnmod(&group->b, b, p, ctx)) goto err; if (group->meth->field_encode) if (!group->meth->field_encode(group, &group->b, &group->b, ctx)) goto err; /* group->a_is_minus3 */ if (!BN_add_word(tmp_a, 3)) goto err; group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field)); ret = 1;err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); return ret;}
开发者ID:GrayKing,项目名称:Leakfix-on-OpenSSL,代码行数:59,
示例7: BN_expint BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) { int i, bits, ret = 0; BIGNUM *v, *rr; if ((p->flags & BN_FLG_CONSTTIME) != 0) { /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ OPENSSL_PUT_ERROR(BN, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } BN_CTX_start(ctx); if (r == a || r == p) { rr = BN_CTX_get(ctx); } else { rr = r; } v = BN_CTX_get(ctx); if (rr == NULL || v == NULL) { goto err; } if (BN_copy(v, a) == NULL) { goto err; } bits = BN_num_bits(p); if (BN_is_odd(p)) { if (BN_copy(rr, a) == NULL) { goto err; } } else { if (!BN_one(rr)) { goto err; } } for (i = 1; i < bits; i++) { if (!BN_sqr(v, v, ctx)) { goto err; } if (BN_is_bit_set(p, i)) { if (!BN_mul(rr, rr, v, ctx)) { goto err; } } } if (r != rr && !BN_copy(r, rr)) { goto err; } ret = 1;err: BN_CTX_end(ctx); return ret;}
开发者ID:DemiMarie,项目名称:ring,代码行数:57,
示例8: BN_is_prime_fasttest_exint BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx, int do_trial_division, BN_GENCB *cb) { if (BN_cmp(a, BN_value_one()) <= 0) { return 0; } /* first look for small factors */ if (!BN_is_odd(a)) { /* a is even => a is prime if and only if a == 2 */ return BN_is_word(a, 2); } /* Enhanced Miller-Rabin does not work for three. */ if (BN_is_word(a, 3)) { return 1; } if (do_trial_division) { for (int i = 1; i < NUMPRIMES; i++) { BN_ULONG mod = BN_mod_word(a, primes[i]); if (mod == (BN_ULONG)-1) { return -1; } if (mod == 0) { return BN_is_word(a, primes[i]); } } if (!BN_GENCB_call(cb, 1, -1)) { return -1; } } int ret = -1; BN_CTX *ctx_allocated = NULL; if (ctx == NULL) { ctx_allocated = BN_CTX_new(); if (ctx_allocated == NULL) { return -1; } ctx = ctx_allocated; } enum bn_primality_result_t result; if (!BN_enhanced_miller_rabin_primality_test(&result, a, checks, ctx, cb)) { goto err; } ret = (result == bn_probably_prime);err: BN_CTX_free(ctx_allocated); return ret;}
开发者ID:ThomasWo,项目名称:proto-quic,代码行数:54,
示例9: BN_is_prime_fasttest_ex/* See FIPS 186-4 C.3.1 Miller Rabin Probabilistic Primality Test. */int BN_is_prime_fasttest_ex(const BIGNUM *w, int checks, BN_CTX *ctx_passed, int do_trial_division, BN_GENCB *cb){ int i, status, ret = -1; BN_CTX *ctx = NULL; /* w must be bigger than 1 */ if (BN_cmp(w, BN_value_one()) <= 0) return 0; /* w must be odd */ if (BN_is_odd(w)) { /* Take care of the really small prime 3 */ if (BN_is_word(w, 3)) return 1; } else { /* 2 is the only even prime */ return BN_is_word(w, 2); } /* first look for small factors */ if (do_trial_division) { for (i = 1; i < NUMPRIMES; i++) { BN_ULONG mod = BN_mod_word(w, primes[i]); if (mod == (BN_ULONG)-1) return -1; if (mod == 0) return BN_is_word(w, primes[i]); } if (!BN_GENCB_call(cb, 1, -1)) return -1; } if (ctx_passed != NULL) ctx = ctx_passed; else if ((ctx = BN_CTX_new()) == NULL) goto err; ret = bn_miller_rabin_is_prime(w, checks, ctx, cb, 0, &status); if (!ret) goto err; ret = (status == BN_PRIMETEST_PROBABLY_PRIME);err: if (ctx_passed == NULL) BN_CTX_free(ctx); return ret;}
开发者ID:Ana06,项目名称:openssl,代码行数:47,
示例10: rsa_public_encryptintrsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key){ u_char *inbuf = NULL, *outbuf = NULL; int len, ilen, olen, r = SSH_ERR_INTERNAL_ERROR; if (BN_num_bits(key->e) < 2 || !BN_is_odd(key->e)) return SSH_ERR_INVALID_ARGUMENT; olen = BN_num_bytes(key->n); if ((outbuf = malloc(olen)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } ilen = BN_num_bytes(in); if ((inbuf = malloc(ilen)) == NULL) { r = SSH_ERR_ALLOC_FAIL; goto out; } BN_bn2bin(in, inbuf); if ((len = RSA_public_encrypt(ilen, inbuf, outbuf, key, RSA_PKCS1_PADDING)) <= 0) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } if (BN_bin2bn(outbuf, len, out) == NULL) { r = SSH_ERR_LIBCRYPTO_ERROR; goto out; } r = 0; out: if (outbuf != NULL) { explicit_bzero(outbuf, olen); free(outbuf); } if (inbuf != NULL) { explicit_bzero(inbuf, ilen); free(inbuf); } return r;}
开发者ID:SylvestreG,项目名称:bitrig,代码行数:45,
示例11: bn_x931_derive_pistatic int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, BN_GENCB *cb){ int i = 0; if (!BN_copy(pi, Xpi)) return 0; if (!BN_is_odd(pi) && !BN_add_word(pi, 1)) return 0; for (;;) { i++; BN_GENCB_call(cb, 0, i); /* NB 27 MR is specificed in X9.31 */ if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb)) break; if (!BN_add_word(pi, 2)) return 0; } BN_GENCB_call(cb, 2, i); return 1;}
开发者ID:AndreV84,项目名称:openssl,代码行数:20,
示例12: EC_GROUP_set_generatorint EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor){ if (generator == NULL) { ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (group->generator == NULL) { group->generator = EC_POINT_new(group); if (group->generator == NULL) return 0; } if (!EC_POINT_copy(group->generator, generator)) return 0; if (order != NULL) { if (!BN_copy(group->order, order)) return 0; } else BN_zero(group->order); if (cofactor != NULL) { if (!BN_copy(group->cofactor, cofactor)) return 0; } else BN_zero(group->cofactor); /* * Some groups have an order with * factors of two, which makes the Montgomery setup fail. * |group->mont_data| will be NULL in this case. */ if (BN_is_odd(group->order)) { return ec_precompute_mont_data(group); } BN_MONT_CTX_free(group->mont_data); group->mont_data = NULL; return 1;}
开发者ID:Castaglia,项目名称:openssl,代码行数:41,
示例13: RSA_newstatic RSA *parse_public_key(CBS *cbs, int buggy) { RSA *ret = RSA_new(); if (ret == NULL) { return NULL; } CBS child; if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || !parse_integer_buggy(&child, &ret->n, buggy) || !parse_integer(&child, &ret->e) || CBS_len(&child) != 0) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); RSA_free(ret); return NULL; } if (!BN_is_odd(ret->e) || BN_num_bits(ret->e) < 2) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS); RSA_free(ret); return NULL; } return ret;}
开发者ID:LiTianjue,项目名称:etls,代码行数:24,
示例14: ec_GFp_simple_oct2pointstatic int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, const uint8_t *buf, size_t len, BN_CTX *ctx) { point_conversion_form_t form; int y_bit; BN_CTX *new_ctx = NULL; BIGNUM *x, *y; size_t field_len, enc_len; int ret = 0; if (len == 0) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; y_bit = form & 1; form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED) && (form != POINT_CONVERSION_HYBRID)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } return EC_POINT_set_to_infinity(group, point); } field_len = BN_num_bytes(&group->field); enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) return 0; } BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (y == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) goto err; if (BN_ucmp(x, &group->field) >= 0) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } if (form == POINT_CONVERSION_COMPRESSED) { if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) goto err; } else { if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err; if (BN_ucmp(y, &group->field) >= 0) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } if (form == POINT_CONVERSION_HYBRID) { if (y_bit != BN_is_odd(y)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } } if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err; } if (!EC_POINT_is_on_curve(group, point, ctx)) /* test required by X9.62 */ { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } ret = 1;err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); return ret;}
开发者ID:ZzeetteEZzOLARINventionZ,项目名称:libwebrtc,代码行数:100,
示例15: pkey_rsa_ctrlstatic int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2){ RSA_PKEY_CTX *rctx = ctx->data; switch (type) { case EVP_PKEY_CTRL_RSA_PADDING: if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING)) { if (!check_padding_md(rctx->md, p1)) return 0; if (p1 == RSA_PKCS1_PSS_PADDING) { if (!(ctx->operation & (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) goto bad_pad; if (!rctx->md) rctx->md = EVP_sha1(); } else if (pkey_ctx_is_pss(ctx)) { goto bad_pad; } if (p1 == RSA_PKCS1_OAEP_PADDING) { if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT)) goto bad_pad; if (!rctx->md) rctx->md = EVP_sha1(); } rctx->pad_mode = p1; return 1; } bad_pad: RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return -2; case EVP_PKEY_CTRL_GET_RSA_PADDING: *(int *)p2 = rctx->pad_mode; return 1; case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN); return -2; } if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) { *(int *)p2 = rctx->saltlen; } else { if (p1 < RSA_PSS_SALTLEN_MAX) return -2; if (rsa_pss_restricted(rctx)) { if (p1 == RSA_PSS_SALTLEN_AUTO && ctx->operation == EVP_PKEY_OP_VERIFY) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN); return -2; } if ((p1 == RSA_PSS_SALTLEN_DIGEST && rctx->min_saltlen > EVP_MD_size(rctx->md)) || (p1 >= 0 && p1 < rctx->min_saltlen)) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_PSS_SALTLEN_TOO_SMALL); return 0; } } rctx->saltlen = p1; } return 1; case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: if (p1 < 512) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_KEY_SIZE_TOO_SMALL); return -2; } rctx->nbits = p1; return 1; case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP: if (p2 == NULL || !BN_is_odd((BIGNUM *)p2) || BN_is_one((BIGNUM *)p2)) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_BAD_E_VALUE); return -2; } BN_free(rctx->pub_exp); rctx->pub_exp = p2; return 1; case EVP_PKEY_CTRL_RSA_OAEP_MD: case EVP_PKEY_CTRL_GET_RSA_OAEP_MD: if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) { RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE); return -2; } if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD) *(const EVP_MD **)p2 = rctx->md; else rctx->md = p2; return 1; case EVP_PKEY_CTRL_MD: if (!check_padding_md(p2, rctx->pad_mode)) return 0; if (rsa_pss_restricted(rctx)) { if (EVP_MD_type(rctx->md) == EVP_MD_type(p2)) return 1; RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_DIGEST_NOT_ALLOWED);//.........这里部分代码省略.........
开发者ID:danielctull-forks,项目名称:openssl,代码行数:101,
示例16: BN_mod_inverse_no_branchBIGNUM *BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL; BIGNUM *ret=NULL; int sign; if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) { return BN_mod_inverse_no_branch(in, a, n, ctx); } bn_check_top(a); bn_check_top(n); BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); X = BN_CTX_get(ctx); D = BN_CTX_get(ctx); M = BN_CTX_get(ctx); Y = BN_CTX_get(ctx); T = BN_CTX_get(ctx); if (T == NULL) goto err; if (in == NULL) R=BN_new(); else R=in; if (R == NULL) goto err; BN_one(X); BN_zero(Y); if (BN_copy(B,a) == NULL) goto err; if (BN_copy(A,n) == NULL) goto err; A->neg = 0; if (B->neg || (BN_ucmp(B, A) >= 0)) { if (!BN_nnmod(B, B, A, ctx)) goto err; } sign = -1; /* From B = a mod |n|, A = |n| it follows that * * 0 <= B < A, * -sign*X*a == B (mod |n|), * sign*Y*a == A (mod |n|). */ if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) { /* Binary inversion algorithm; requires odd modulus. * This is faster than the general algorithm if the modulus * is sufficiently small (about 400 .. 500 bits on 32-bit * sytems, but much more on 64-bit systems) */ int shift; while (!BN_is_zero(B)) { /* * 0 < B < |n|, * 0 < A <= |n|, * (1) -sign*X*a == B (mod |n|), * (2) sign*Y*a == A (mod |n|) */ /* Now divide B by the maximum possible power of two in the integers, * and divide X by the same value mod |n|. * When we're done, (1) still holds. */ shift = 0; while (!BN_is_bit_set(B, shift)) /* note that 0 < B */ { shift++; if (BN_is_odd(X)) { if (!BN_uadd(X, X, n)) goto err; } /* now X is even, so we can easily divide it by two */ if (!BN_rshift1(X, X)) goto err; } if (shift > 0) { if (!BN_rshift(B, B, shift)) goto err; } /* Same for A and Y. Afterwards, (2) still holds. */ shift = 0; while (!BN_is_bit_set(A, shift)) /* note that 0 < A */ { shift++; if (BN_is_odd(Y)) { if (!BN_uadd(Y, Y, n)) goto err; } /* now Y is even */ if (!BN_rshift1(Y, Y)) goto err; } if (shift > 0)//.........这里部分代码省略.........
开发者ID:RyunosukeOno,项目名称:rayjack,代码行数:101,
示例17: ec_GF2m_simple_oct2point/* * Converts an octet string representation to an EC_POINT. Note that the * simple implementation only uses affine coordinates. */int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, const unsigned char *buf, size_t len, BN_CTX *ctx){ point_conversion_form_t form; int y_bit; BN_CTX *new_ctx = NULL; BIGNUM *x, *y, *yxi; size_t field_len, enc_len; int ret = 0; if (len == 0) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; y_bit = form & 1; form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED) && (form != POINT_CONVERSION_HYBRID)) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); return 0; } return EC_POINT_set_to_infinity(group, point); } field_len = (EC_GROUP_get_degree(group) + 7) / 8; enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); return 0; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) return 0; } BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); yxi = BN_CTX_get(ctx); if (yxi == NULL) goto err; if (!BN_bin2bn(buf + 1, field_len, x)) goto err; if (BN_ucmp(x, &group->field) >= 0) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } if (form == POINT_CONVERSION_COMPRESSED) { if (!EC_POINT_set_compressed_coordinates_GF2m (group, point, x, y_bit, ctx)) goto err; } else { if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) goto err; if (BN_ucmp(y, &group->field) >= 0) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } if (form == POINT_CONVERSION_HYBRID) { if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err; if (y_bit != BN_is_odd(yxi)) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); goto err; } } if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; } /* test required by X9.62 */ if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); goto err;//.........这里部分代码省略.........
开发者ID:commshare,项目名称:testST,代码行数:101,
示例18: compute_password_element//.........这里部分代码省略......... } ctr = 0; while (1) { if (ctr > 10) { DEBUG("unable to find random point on curve for group %d, something's fishy", grp_num); goto fail; } ctr++; /* * compute counter-mode password value and stretch to prime * pwd-seed = H(token | peer-id | server-id | password | * counter) */ H_Init(&ctx); H_Update(&ctx, (uint8_t *)token, sizeof(*token)); H_Update(&ctx, (uint8_t *)id_peer, id_peer_len); H_Update(&ctx, (uint8_t *)id_server, id_server_len); H_Update(&ctx, (uint8_t *)password, password_len); H_Update(&ctx, (uint8_t *)&ctr, sizeof(ctr)); H_Final(&ctx, pwe_digest); BN_bin2bn(pwe_digest, SHA256_DIGEST_LENGTH, rnd); eap_pwd_kdf(pwe_digest, SHA256_DIGEST_LENGTH, "EAP-pwd Hunting And Pecking", strlen("EAP-pwd Hunting And Pecking"), prfbuf, primebitlen); BN_bin2bn(prfbuf, primebytelen, x_candidate); /* * eap_pwd_kdf() returns a string of bits 0..primebitlen but * BN_bin2bn will treat that string of bits as a big endian * number. If the primebitlen is not an even multiple of 8 * then excessive bits-- those _after_ primebitlen-- so now * we have to shift right the amount we masked off. */ if (primebitlen % 8) { BN_rshift(x_candidate, x_candidate, (8 - (primebitlen % 8))); } if (BN_ucmp(x_candidate, sess->prime) >= 0) { continue; } /* * need to unambiguously identify the solution, if there is * one... */ if (BN_is_odd(rnd)) { is_odd = 1; } else { is_odd = 0; } /* * solve the quadratic equation, if it's not solvable then we * don't have a point */ if (!EC_POINT_set_compressed_coordinates_GFp(sess->group, sess->pwe, x_candidate, is_odd, NULL)) { continue; } /* * If there's a solution to the equation then the point must be * on the curve so why check again explicitly? OpenSSL code * says this is required by X9.62. We're not X9.62 but it can't * hurt just to be sure. */ if (!EC_POINT_is_on_curve(sess->group, sess->pwe, NULL)) { DEBUG("EAP-pwd: point is not on curve"); continue; } if (BN_cmp(cofactor, BN_value_one())) { /* make sure the point is not in a small sub-group */ if (!EC_POINT_mul(sess->group, sess->pwe, NULL, sess->pwe, cofactor, NULL)) { DEBUG("EAP-pwd: cannot multiply generator by order"); continue; } if (EC_POINT_is_at_infinity(sess->group, sess->pwe)) { DEBUG("EAP-pwd: point is at infinity"); continue; } } /* if we got here then we have a new generator. */ break; } sess->group_num = grp_num; if (0) {fail: /* DON'T free sess, it's in handler->opaque */ ret = -1; } /* cleanliness and order.... */ BN_free(cofactor); BN_free(x_candidate); BN_free(rnd); talloc_free(prfbuf); return ret;}
开发者ID:p11235,项目名称:freeradius-server,代码行数:101,
示例19: ec_GF2m_simple_set_compressed_coordinates/*- * Calculates and sets the affine coordinates of an EC_POINT from the given * compressed coordinates. Uses algorithm 2.3.4 of SEC 1. * Note that the simple implementation only uses affine coordinates. * * The method is from the following publication: * * Harper, Menezes, Vanstone: * "Public-Key Cryptosystems with Very Small Key Lengths", * EUROCRYPT '92, Springer-Verlag LNCS 658, * published February 1993 * * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe * the same method, but claim no priority date earlier than July 29, 1994 * (and additionally fail to cite the EUROCRYPT '92 publication as prior art). */int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x_, int y_bit, BN_CTX *ctx){ BN_CTX *new_ctx = NULL; BIGNUM *tmp, *x, *y, *z; int ret = 0, z0; /* clear error queue */ ERR_clear_error(); if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) return 0; } y_bit = (y_bit != 0) ? 1 : 0; BN_CTX_start(ctx); tmp = BN_CTX_get(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); z = BN_CTX_get(ctx); if (z == NULL) goto err; if (!BN_GF2m_mod_arr(x, x_, group->poly)) goto err; if (BN_is_zero(x)) { if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx)) goto err; } else { if (!group->meth->field_sqr(group, tmp, x, ctx)) goto err; if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx)) goto err; if (!BN_GF2m_add(tmp, &group->a, tmp)) goto err; if (!BN_GF2m_add(tmp, x, tmp)) goto err; if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) { unsigned long err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NO_SOLUTION) { ERR_clear_error(); ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); } else ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB); goto err; } z0 = (BN_is_odd(z)) ? 1 : 0; if (!group->meth->field_mul(group, y, x, z, ctx)) goto err; if (z0 != y_bit) { if (!BN_GF2m_add(y, y, x)) goto err; } } if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; ret = 1; err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); return ret;}
开发者ID:commshare,项目名称:testST,代码行数:91,
示例20: ec_GF2m_simple_point2oct/* * Converts an EC_POINT to an octet string. If buf is NULL, the encoded * length will be returned. If the length len of buf is smaller than required * an error will be returned. */size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form, unsigned char *buf, size_t len, BN_CTX *ctx){ size_t ret; BN_CTX *new_ctx = NULL; int used_ctx = 0; BIGNUM *x, *y, *yxi; size_t field_len, i, skip; if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED) && (form != POINT_CONVERSION_HYBRID)) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM); goto err; } if (EC_POINT_is_at_infinity(group, point)) { /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; } return 1; } /* ret := required output buffer length */ field_len = (EC_GROUP_get_degree(group) + 7) / 8; ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL); goto err; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) return 0; } BN_CTX_start(ctx); used_ctx = 1; x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); yxi = BN_CTX_get(ctx); if (yxi == NULL) goto err; if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx)) goto err; buf[0] = form; if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) { if (!group->meth->field_div(group, yxi, y, x, ctx)) goto err; if (BN_is_odd(yxi)) buf[0]++; } i = 1; skip = field_len - BN_num_bytes(x); if (skip > field_len) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); goto err; } while (skip > 0) { buf[i++] = 0; skip--; } skip = BN_bn2bin(x, buf + i); i += skip; if (i != 1 + field_len) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); goto err; } if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID) { skip = field_len - BN_num_bytes(y); if (skip > field_len) { ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); goto err; } while (skip > 0) { buf[i++] = 0; skip--;//.........这里部分代码省略.........
开发者ID:commshare,项目名称:testST,代码行数:101,
示例21: ec_GFp_simple_add//.........这里部分代码省略......... goto end; /* n4 = Y_b * Z_a^3 */ } /* n5, n6 */ if (!BN_mod_sub_quick(n5, n1, n3, p)) goto end; if (!BN_mod_sub_quick(n6, n2, n4, p)) goto end; /* n5 = n1 - n3 */ /* n6 = n2 - n4 */ if (BN_is_zero(n5)) { if (BN_is_zero(n6)) { /* a is the same point as b */ BN_CTX_end(ctx); ret = EC_POINT_dbl(group, r, a, ctx); ctx = NULL; goto end; } else { /* a is the inverse of b */ BN_zero(r->Z); r->Z_is_one = 0; ret = 1; goto end; } } /* 'n7', 'n8' */ if (!BN_mod_add_quick(n1, n1, n3, p)) goto end; if (!BN_mod_add_quick(n2, n2, n4, p)) goto end; /* 'n7' = n1 + n3 */ /* 'n8' = n2 + n4 */ /* Z_r */ if (a->Z_is_one && b->Z_is_one) { if (!BN_copy(r->Z, n5)) goto end; } else { if (a->Z_is_one) { if (!BN_copy(n0, b->Z)) goto end; } else if (b->Z_is_one) { if (!BN_copy(n0, a->Z)) goto end; } else { if (!field_mul(group, n0, a->Z, b->Z, ctx)) goto end; } if (!field_mul(group, r->Z, n0, n5, ctx)) goto end; } r->Z_is_one = 0; /* Z_r = Z_a * Z_b * n5 */ /* X_r */ if (!field_sqr(group, n0, n6, ctx)) goto end; if (!field_sqr(group, n4, n5, ctx)) goto end; if (!field_mul(group, n3, n1, n4, ctx)) goto end; if (!BN_mod_sub_quick(r->X, n0, n3, p)) goto end; /* X_r = n6^2 - n5^2 * 'n7' */ /* 'n9' */ if (!BN_mod_lshift1_quick(n0, r->X, p)) goto end; if (!BN_mod_sub_quick(n0, n3, n0, p)) goto end; /* n9 = n5^2 * 'n7' - 2 * X_r */ /* Y_r */ if (!field_mul(group, n0, n0, n6, ctx)) goto end; if (!field_mul(group, n5, n4, n5, ctx)) goto end; /* now n5 is n5^3 */ if (!field_mul(group, n1, n2, n5, ctx)) goto end; if (!BN_mod_sub_quick(n0, n0, n1, p)) goto end; if (BN_is_odd(n0)) if (!BN_add(n0, n0, p)) goto end; /* now 0 <= n0 < 2*p, and n0 is even */ if (!BN_rshift1(r->Y, n0)) goto end; /* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */ ret = 1; end: if (ctx) /* otherwise we already called BN_CTX_end */ BN_CTX_end(ctx); BN_CTX_free(new_ctx); return ret;}
开发者ID:hitched97,项目名称:openssl,代码行数:101,
示例22: BN_is_prime_fasttestint BN_is_prime_fasttest(const BIGNUM *a, int checks, void (*callback)(int,int,void *), BN_CTX *ctx_passed, void *cb_arg, int do_trial_division) { int i, j, ret = -1; int k; BN_CTX *ctx = NULL; BIGNUM *A1, *A1_odd, *check; /* taken from ctx */ BN_MONT_CTX *mont = NULL; const BIGNUM *A = NULL; if (BN_cmp(a, BN_value_one()) <= 0) return 0; if (checks == BN_prime_checks) checks = BN_prime_checks_for_size(BN_num_bits(a)); /* first look for small factors */ if (!BN_is_odd(a)) return 0; if (do_trial_division) { for (i = 1; i < NUMPRIMES; i++) if (BN_mod_word(a, primes[i]) == 0) return 0; if (callback != NULL) callback(1, -1, cb_arg); } if (ctx_passed != NULL) ctx = ctx_passed; else if ((ctx=BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); /* A := abs(a) */ if (a->neg) { BIGNUM *t; if ((t = BN_CTX_get(ctx)) == NULL) goto err; BN_copy(t, a); t->neg = 0; A = t; } else A = a; A1 = BN_CTX_get(ctx); A1_odd = BN_CTX_get(ctx); check = BN_CTX_get(ctx); if (check == NULL) goto err; /* compute A1 := A - 1 */ if (!BN_copy(A1, A)) goto err; if (!BN_sub_word(A1, 1)) goto err; if (BN_is_zero(A1)) { ret = 0; goto err; } /* write A1 as A1_odd * 2^k */ k = 1; while (!BN_is_bit_set(A1, k)) k++; if (!BN_rshift(A1_odd, A1, k)) goto err; /* Montgomery setup for computations mod A */ mont = BN_MONT_CTX_new(); if (mont == NULL) goto err; if (!BN_MONT_CTX_set(mont, A, ctx)) goto err; for (i = 0; i < checks; i++) { if (!BN_pseudo_rand_range(check, A1)) goto err; if (!BN_add_word(check, 1)) goto err; /* now 1 <= check < A */ j = witness(check, A, A1, A1_odd, k, ctx, mont); if (j == -1) goto err; if (j) { ret=0; goto err; } if (callback != NULL) callback(1,i,cb_arg); } ret=1;err: if (ctx != NULL) { BN_CTX_end(ctx); if (ctx_passed == NULL)//.........这里部分代码省略.........
开发者ID:xyzy,项目名称:mips-openssl_0.9.7,代码行数:101,
示例23: BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) /* Returns 'ret' such that * ret^2 == a (mod p), * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course * in Algebraic Computational Number Theory", algorithm 1.5.1). * 'p' must be prime! */ { BIGNUM *ret = in; int err = 1; int r; BIGNUM *A, *b, *q, *t, *x, *y; int e, i, j; if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) { if (BN_abs_is_word(p, 2)) { if (ret == NULL) ret = BN_new(); if (ret == NULL) goto end; if (!BN_set_word(ret, BN_is_bit_set(a, 0))) { if (ret != in) BN_free(ret); return NULL; } bn_check_top(ret); return ret; } BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME); return(NULL); } if (BN_is_zero(a) || BN_is_one(a)) { if (ret == NULL) ret = BN_new(); if (ret == NULL) goto end; if (!BN_set_word(ret, BN_is_one(a))) { if (ret != in) BN_free(ret); return NULL; } bn_check_top(ret); return ret; } BN_CTX_start(ctx); A = BN_CTX_get(ctx); b = BN_CTX_get(ctx); q = BN_CTX_get(ctx); t = BN_CTX_get(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (y == NULL) goto end; if (ret == NULL) ret = BN_new(); if (ret == NULL) goto end; /* A = a mod p */ if (!BN_nnmod(A, a, p, ctx)) goto end; /* now write |p| - 1 as 2^e*q where q is odd */ e = 1; while (!BN_is_bit_set(p, e)) e++; /* we'll set q later (if needed) */ if (e == 1) { /* The easy case: (|p|-1)/2 is odd, so 2 has an inverse * modulo (|p|-1)/2, and square roots can be computed * directly by modular exponentiation. * We have * 2 * (|p|+1)/4 == 1 (mod (|p|-1)/2), * so we can use exponent (|p|+1)/4, i.e. (|p|-3)/4 + 1. */ if (!BN_rshift(q, p, 2)) goto end; q->neg = 0; if (!BN_add_word(q, 1)) goto end; if (!BN_mod_exp(ret, A, q, p, ctx)) goto end; err = 0; goto vrfy; } if (e == 2) { /* |p| == 5 (mod 8) * * In this case 2 is always a non-square since * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. * So if a really is a square, then 2*a is a non-square. * Thus for * b := (2*a)^((|p|-5)/8),//.........这里部分代码省略.........
开发者ID:AustinWise,项目名称:Netduino-Micro-Framework,代码行数:101,
示例24: BN_X931_derive_prime_exintBN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb){ int ret = 0; BIGNUM *t, *p1p2, *pm1; /* Only even e supported */ if (!BN_is_odd(e)) return 0; BN_CTX_start(ctx); if (p1 == NULL) { if ((p1 = BN_CTX_get(ctx)) == NULL) goto err; } if (p2 == NULL) { if ((p2 = BN_CTX_get(ctx)) == NULL) goto err; } if ((t = BN_CTX_get(ctx)) == NULL) goto err; if ((p1p2 = BN_CTX_get(ctx)) == NULL) goto err; if ((pm1 = BN_CTX_get(ctx)) == NULL) goto err; if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) goto err; if (!bn_x931_derive_pi(p2, Xp2, ctx, cb)) goto err; if (!BN_mul(p1p2, p1, p2, ctx)) goto err; /* First set p to value of Rp */ if (!BN_mod_inverse(p, p2, p1, ctx)) goto err; if (!BN_mul(p, p, p2, ctx)) goto err; if (!BN_mod_inverse(t, p1, p2, ctx)) goto err; if (!BN_mul(t, t, p1, ctx)) goto err; if (!BN_sub(p, p, t)) goto err; if (p->neg && !BN_add(p, p, p1p2)) goto err; /* p now equals Rp */ if (!BN_mod_sub(p, p, Xp, p1p2, ctx)) goto err; if (!BN_add(p, p, Xp)) goto err; /* p now equals Yp0 */ for (;;) { int i = 1; BN_GENCB_call(cb, 0, i++); if (!BN_copy(pm1, p)) goto err; if (!BN_sub_word(pm1, 1)) goto err; if (!BN_gcd(t, pm1, e, ctx)) goto err; if (BN_is_one(t) /* X9.31 specifies 8 MR and 1 Lucas test or any prime test * offering similar or better guarantees 50 MR is considerably * better. */ && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb)) break; if (!BN_add(p, p, p1p2)) goto err; } BN_GENCB_call(cb, 3, 0); ret = 1;err: BN_CTX_end(ctx); return ret;}
开发者ID:Heratom,项目名称:Firefly-project,代码行数:99,
示例25: BN_kronecker/* Returns -2 for errors because both -1 and 0 are valid results. */int BN_kronecker (const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx){ int i; int ret = -2; /* avoid 'uninitialized' warning */ int err = 0; BIGNUM *A, *B, *tmp; /* In 'tab', only odd-indexed entries are relevant: * For any odd BIGNUM n, * tab[BN_lsw(n) & 7] * is $(-1)^{(n^2-1)/8}$ (using TeX notation). * Note that the sign of n does not matter. */ static const int tab[8] = { 0, 1, 0, -1, 0, -1, 0, 1 }; bn_check_top (a); bn_check_top (b); BN_CTX_start (ctx); A = BN_CTX_get (ctx); B = BN_CTX_get (ctx); if (B == NULL) goto end; err = !BN_copy (A, a); if (err) goto end; err = !BN_copy (B, b); if (err) goto end; /* * Kronecker symbol, imlemented according to Henri Cohen, * "A Course in Computational Algebraic Number Theory" * (algorithm 1.4.10). */ /* Cohen's step 1: */ if (BN_is_zero (B)) { ret = BN_abs_is_word (A, 1); goto end; } /* Cohen's step 2: */ if (!BN_is_odd (A) && !BN_is_odd (B)) { ret = 0; goto end; } /* now B is non-zero */ i = 0; while (!BN_is_bit_set (B, i)) i++; err = !BN_rshift (B, B, i); if (err) goto end; if (i & 1) { /* i is odd */ /* (thus B was even, thus A must be odd!) */ /* set 'ret' to $(-1)^{(A^2-1)/8}$ */ ret = tab[BN_lsw (A) & 7]; } else { /* i is even */ ret = 1; } if (B->neg) { B->neg = 0; if (A->neg) ret = -ret; } /* now B is positive and odd, so what remains to be done is * to compute the Jacobi symbol (A/B) and multiply it by 'ret' */ while (1) { /* Cohen's step 3: */ /* B is positive and odd */ if (BN_is_zero (A)) { ret = BN_is_one (B) ? ret : 0; goto end; }//.........这里部分代码省略.........
开发者ID:274914765,项目名称:C,代码行数:101,
示例26: ec_GFp_simple_set_compressed_coordinatesint ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x_, int y_bit, BN_CTX *ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; int ret = 0; ERR_clear_error(); if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { return 0; } } y_bit = (y_bit != 0); BN_CTX_start(ctx); tmp1 = BN_CTX_get(ctx); tmp2 = BN_CTX_get(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (y == NULL) { goto err; } /* Recover y. We have a Weierstrass equation * y^2 = x^3 + a*x + b, * so y is one of the square roots of x^3 + a*x + b. */ /* tmp1 := x^3 */ if (!BN_nnmod(x, x_, &group->field, ctx)) { goto err; } if (group->meth->field_decode == 0) { /* field_{sqr,mul} work on standard representation */ if (!group->meth->field_sqr(group, tmp2, x_, ctx) || !group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) { goto err; } } else { if (!BN_mod_sqr(tmp2, x_, &group->field, ctx) || !BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) { goto err; } } /* tmp1 := tmp1 + a*x */ if (group->a_is_minus3) { if (!BN_mod_lshift1_quick(tmp2, x, &group->field) || !BN_mod_add_quick(tmp2, tmp2, x, &group->field) || !BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } else { if (group->meth->field_decode) { if (!group->meth->field_decode(group, tmp2, &group->a, ctx) || !BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) { goto err; } } else { /* field_mul works on standard representation */ if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) { goto err; } } if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } /* tmp1 := tmp1 + b */ if (group->meth->field_decode) { if (!group->meth->field_decode(group, tmp2, &group->b, ctx) || !BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } else { if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) { goto err; } } if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) { unsigned long err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); } else { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); } goto err; } if (y_bit != BN_is_odd(y)) {//.........这里部分代码省略.........
开发者ID:ZzeetteEZzOLARINventionZ,项目名称:libwebrtc,代码行数:101,
示例27: ec_GFp_simple_point2octstatic size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form, uint8_t *buf, size_t len, BN_CTX *ctx) { size_t ret; BN_CTX *new_ctx = NULL; int used_ctx = 0; BIGNUM *x, *y; size_t field_len, i; if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED) && (form != POINT_CONVERSION_HYBRID)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_INVALID_FORM); goto err; } if (EC_POINT_is_at_infinity(group, point)) { /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; } return 1; } /* ret := required output buffer length */ field_len = BN_num_bytes(&group->field); ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); goto err; } if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { return 0; } } BN_CTX_start(ctx); used_ctx = 1; x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (y == NULL) { goto err; } if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) { goto err; } if ((form == POINT_CONVERSION_COMPRESSED || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y)) { buf[0] = form + 1; } else { buf[0] = form; } i = 1; if (!BN_bn2bin_padded(buf + i, field_len, x)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID) { if (!BN_bn2bin_padded(buf + i, field_len, y)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; } if (i != ret) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } } if (used_ctx) { BN_CTX_end(ctx); } if (new_ctx != NULL) { BN_CTX_free(new_ctx); } return ret;err://.........这里部分代码省略.........
开发者ID:ZzeetteEZzOLARINventionZ,项目名称:libwebrtc,代码行数:101,
示例28: BN_is_prime_fasttest_exint BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, int do_trial_division, BN_GENCB *cb){ int i, j, ret = -1; int k; BN_CTX *ctx = NULL; BIGNUM *A1, *A1_odd, *check; /* taken from ctx */ BN_MONT_CTX *mont = NULL; if (BN_cmp(a, BN_value_one()) <= 0) return 0; if (checks == BN_prime_checks) checks = BN_prime_checks_for_size(BN_num_bits(a)); /* first look for small factors */ if (!BN_is_odd(a)) /* a is even => a is prime if and only if a == 2 */ return BN_is_word(a, 2); if (do_trial_division) { for (i = 1; i < NUMPRIMES; i++) { BN_ULONG mod = BN_mod_word(a, primes[i]); if (mod == (BN_ULONG)-1) goto err; if (mod == 0) return BN_is_word(a, primes[i]); } if (!BN_GENCB_call(cb, 1, -1)) goto err; } if (ctx_passed != NULL) ctx = ctx_passed; else if ((ctx = BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); A1 = BN_CTX_get(ctx); A1_odd = BN_CTX_get(ctx); check = BN_CTX_get(ctx); if (check == NULL) goto err; /* compute A1 := a - 1 */ if (!BN_copy(A1, a)) goto err; if (!BN_sub_word(A1, 1)) goto err; if (BN_is_zero(A1)) { ret = 0; goto err; } /* write A1 as A1_odd * 2^k */ k = 1; while (!BN_is_bit_set(A1, k)) k++; if (!BN_rshift(A1_odd, A1, k)) goto err; /* Montgomery setup for computations mod a */ mont = BN_MONT_CTX_new(); if (mont == NULL) goto err; if (!BN_MONT_CTX_set(mont, a, ctx)) goto err; for (i = 0; i < checks; i++) { if (!BN_priv_rand_range(check, A1)) goto err; if (!BN_add_word(check, 1)) goto err; /* now 1 <= check < a */ j = witness(check, a, A1, A1_odd, k, ctx, mont); if (j == -1) goto err; if (j) { ret = 0; goto err; } if (!BN_GENCB_call(cb, 1, i)) goto err; } ret = 1; err: if (ctx != NULL) { BN_CTX_end(ctx); if (ctx_passed == NULL) BN_CTX_free(ctx); } BN_MONT_CTX_free(mont); return ret;}
开发者ID:Bilibili,项目名称:openssl,代码行数:95,
注:本文中的BN_is_odd函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。
C++ BN_is_one函数代码示例
C++ BN_is_negative函数代码示例 |
