version 1.1.4.2, 2004/03/04 18:18:15 |
version 1.2, 2003/11/21 11:57:03 |
|
|
|
|
#include <openssl/bn.h> |
#include <openssl/bn.h> |
|
|
|
|
/* |
/* |
|
* Debugging defines |
|
*/ |
|
|
|
/* define DEBUG_LARGE 1 */ |
|
/* define DEBUG_SMALL 1 */ |
|
/* define DEBUG_TEST 1 */ |
|
|
|
/* |
* File output defines |
* File output defines |
*/ |
*/ |
|
|
|
|
#define QTEST_JACOBI (0x08) |
#define QTEST_JACOBI (0x08) |
#define QTEST_ELLIPTIC (0x10) |
#define QTEST_ELLIPTIC (0x10) |
|
|
/* |
/* Size: decimal. |
* Size: decimal. |
|
* Specifies the number of the most significant bit (0 to M). |
* Specifies the number of the most significant bit (0 to M). |
* WARNING: internally, usually 1 to N. |
** WARNING: internally, usually 1 to N. |
*/ |
*/ |
#define QSIZE_MINIMUM (511) |
#define QSIZE_MINIMUM (511) |
|
|
|
|
{ |
{ |
u_int32_t r, u; |
u_int32_t r, u; |
|
|
debug3("sieve_large %u", s); |
debug2("sieve_large %u", s); |
largetries++; |
largetries++; |
/* r = largebase mod s */ |
/* r = largebase mod s */ |
r = BN_mod_word(largebase, s); |
r = BN_mod_word(largebase, s); |
|
|
debug2("%10u: known composite", count_in); |
debug2("%10u: known composite", count_in); |
continue; |
continue; |
} |
} |
|
|
/* tries */ |
/* tries */ |
in_tries = strtoul(cp, &cp, 10); |
in_tries = strtoul(cp, &cp, 10); |
|
|
|
|
in_size += 1; |
in_size += 1; |
generator_known = 0; |
generator_known = 0; |
break; |
break; |
case QTYPE_UNSTRUCTURED: |
default: |
case QTYPE_SAFE: |
|
case QTYPE_SCHNOOR: |
|
case QTYPE_STRONG: |
|
case QTYPE_UNKNOWN: |
|
debug2("%10u: (%u)", count_in, in_type); |
debug2("%10u: (%u)", count_in, in_type); |
a = p; |
a = p; |
BN_hex2bn(&a, cp); |
BN_hex2bn(&a, cp); |
/* q = (p-1) / 2 */ |
/* q = (p-1) / 2 */ |
BN_rshift(q, p, 1); |
BN_rshift(q, p, 1); |
break; |
break; |
default: |
|
debug2("Unknown prime type"); |
|
break; |
|
} |
} |
|
|
/* |
/* |
|
|
in_tries += trials; |
in_tries += trials; |
else |
else |
in_tries = trials; |
in_tries = trials; |
|
|
/* |
/* |
* guess unknown generator |
* guess unknown generator |
*/ |
*/ |
|
|
else { |
else { |
u_int32_t r = BN_mod_word(p, 10); |
u_int32_t r = BN_mod_word(p, 10); |
|
|
if (r == 3 || r == 7) |
if (r == 3 || r == 7) { |
generator_known = 5; |
generator_known = 5; |
|
} |
} |
} |
} |
} |
/* |
/* |
|
|
continue; |
continue; |
} |
} |
|
|
/* |
|
* Primes with no known generator are useless for DH, so |
|
* skip those. |
|
*/ |
|
if (generator_known == 0) { |
|
debug2("%10u: no known generator", count_in); |
|
continue; |
|
} |
|
|
|
count_possible++; |
count_possible++; |
|
|
/* |
/* |
|
|
* vast majority of composite q's. |
* vast majority of composite q's. |
*/ |
*/ |
if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { |
if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { |
debug("%10u: q failed first possible prime test", |
debug2("%10u: q failed first possible prime test", |
count_in); |
count_in); |
continue; |
continue; |
} |
} |
|
|
* doesn't hurt to specify a high iteration count. |
* doesn't hurt to specify a high iteration count. |
*/ |
*/ |
if (!BN_is_prime(p, trials, NULL, ctx, NULL)) { |
if (!BN_is_prime(p, trials, NULL, ctx, NULL)) { |
debug("%10u: p is not prime", count_in); |
debug2("%10u: p is not prime", count_in); |
continue; |
continue; |
} |
} |
debug("%10u: p is almost certainly prime", count_in); |
debug("%10u: p is almost certainly prime", count_in); |