Commit Graph

54 Commits

Author SHA1 Message Date
Steffen Jaeckel
846d7f36eb add version information 2015-04-25 15:25:42 +02:00
Steffen Jaeckel
6db706e857 bring back __DATE__ to fp_ident(), but it's disabled by default 2015-04-25 15:10:33 +02:00
Sebastian Andrzej Siewior
8ea169937d drop __DATE__ from fp_ident
To meet Debian's reproducible builds [0] goal I remove the __DATE__
macro.
In case this is not acceptable because the date of build is _really_
important / required I could come with a ifdef or something else.

[0] https://wiki.debian.org/ReproducibleBuilds

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-04-25 14:59:37 +02:00
Sebastian Andrzej Siewior
5d83c4e5ab tfm: use unsigned int for fp_digit on !FP_64BIT
There is a bugzilla entry at clamav [0] reports a problem on s390x
  "mul/fp_mul_comba_20.c:91: warning: right shift count >= width of type"
because fp_digit is 64bit and according to the comment it should be
smaller.
s390x is 64bit platform i.e. long and long long are both 64bit. The
same is true for ppc64, arm64 or sparc64 (RIP alpha).

The headerfile seems only to define FP_64BIT on x86_64.
The current code seems to define SIZEOF_FP_DIGIT either to 8 (64bit) or
to 4 in the else case and 4 looks like int and not long. Therefore the
change here.

If this change makes no sense and you would prefer to use something like
    #if __SIZEOF_LONG__ == 8
       #define FP_64BIT
    #endif

to autodetect a 64bit platform then we could try do this instead. I
haven't tested this patch nor verified that the problem still occures.

If you have no obvious solution and would like to have a confirmation
that this patch solves a problem I could try to get my hands on
something not x86 with 64bit in order to verify.

[0] https://bugzilla.clamav.net/show_bug.cgi?id=9017

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-04-25 14:22:35 +02:00
Steven Morgan
522a092ffb fp_ident: fix incorrect length in strncat() call.
strncat' last argument is the remaining size of the buffer given in the
first argument, not the total buffer length.

Reported-by: contact@oppida.fr via clamav #11166
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-04-25 14:22:34 +02:00
David Raynor
060b2c5697 s_fp_add: completely init c after add
This was reported in clamav via a "coverity report" #11125/#11126. I can't
get the coverity report and I've been told that

|< linnatic> bigeasy: unfortunately, I can't get you the coverity report
|< linnatic> bigeasy: but it does seem that the patch is not
|required as the possible coverity issue is unlikely to occur

so if you thing that this patch is not required (which is what I assume) then
please drop that patch, I just added since it was in the clamav tree…

[sebastian@breakpoint: patch description]
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-04-25 14:22:34 +02:00
Sebastian Andrzej Siewior
6fbf2ba87d fp_toradix_n: make sure too small strings are recognized
If maxlen is too small then we get FP_OKAY as return value but not
everything is part of the string. This patch changes it so that the
caller learns about this short comming.

While at it, drop the doxygen style comment. It is the only of his kind
and does no longer match the code.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-04-25 14:22:34 +02:00
Patrick Oppenlander
c9ae4c70d4 ppc32: fix fp_montgomery_reduce assembly
Previous patch modified constraints from =m to =g. Turns out this also
allows registers which doesn't work with the inline assembly
instructions.

If we change back to =m GCC 5.0 warns that constraints do not allow a
register.

In order to work around these issues we now pass the arguments in
registers and let GCC handle the loading & storing.
2015-04-17 10:18:45 +10:00
Steffen Jaeckel
e4f8c04da6 fp_toradix[_n]: revise and split up 2015-02-15 23:33:11 +01:00
Sebastian Andrzej Siewior
f734a43b05 implement fp_toradix_n()
It is not implemened yet, just added to the headerfile. Therefore I don't
think it is a ABI breakage if I change maxlen from int to unsigned int.

The function releases fp_toradix() for the work which in turn now calls
fp_toradix_n() with a largest possible maxlen parameter.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2015-02-15 19:29:12 +01:00
Steffen Jaeckel
77be93c201 fix compile errors 2015-02-15 14:50:20 +01:00
Steffen Jaeckel
3142b0bdfc fp_prime_random_ex: make sure call-back function is not NULL 2014-10-13 16:51:13 +02:00
Steffen Jaeckel
fede300ee8 fp_prime_random_ex: use parameter 't' 2014-10-13 16:46:10 +02:00
Steffen Jaeckel
ce72d69438 add macro FP_PRIME_SIZE 2014-10-13 16:45:34 +02:00
Giovanni Bajo
08484a1020 Avoid always generating 0x80 as MSB in primes.
When we ask to generate a prime whose size is a multiple of 8,
the code wrongly computes the mask as 0x00 instead of 0xFF, so the
generated prime always has the MSB set to 0x80 (the highest bit is OR'ed
later in the code).
2014-10-13 13:40:57 +02:00
Steffen Jaeckel
7a38e49b8e add fp_isprime_ex()
fp_isprime() is now only a wrapper function to fp_isprime_ex()
2014-10-13 13:40:36 +02:00
Steffen Jaeckel
f7b194f741 minor changes, trim trailing spaces 2014-10-13 13:39:30 +02:00
Steffen Jaeckel
ec7f25200f add fp_rand()
it's a port of the function in libtommath
2014-08-14 21:19:14 +02:00
Steffen Jaeckel
03334b30b4 mont: make INNERMUL register clobber list equal to the 64bit version 2014-08-14 21:17:11 +02:00
Steffen Jaeckel
ec6c224b09 fix sqr_comba compiler warnings 2014-08-11 17:54:09 +02:00
Steffen Jaeckel
72fe8e48ba montgomery reduce: change #ifdef
as INNERMUL8 is only defined where it is available, simply check if it's
defined and don't check again for the arch
2014-07-20 16:08:35 +02:00
Steffen Jaeckel
06ef0be491 tfm.h: add missing prototype of fp_radix_size() 2014-06-21 13:24:22 +02:00
Steffen Jaeckel
7882b0370d ed1a1e90e9 was not only a x86-64 problem 2014-06-21 13:24:03 +02:00
Steffen Jaeckel
60cf64919f fp_read_radix: port modifications from libtommath 2014-06-15 18:35:31 +02:00
Steffen Jaeckel
06e1cd7216 fix compiler warning 2014-06-14 17:39:18 +02:00
Steffen Jaeckel
c6b1b8e2f1 fix ulong64 typedef that led to broken builds for several platforms
x86_64-w64-mingw32 and 32Bit mode on 64Bit system

x86_64-w64-mingw32-gcc
'gcc -m32'
'gcc -mx32'
2014-06-14 17:39:10 +02:00
Steffen Jaeckel
ed1a1e90e9 fix clobber list for x86-64 assembler 2014-06-12 18:20:32 +02:00
Steffen Jaeckel
be2ca4880d Regenerate sqr comba files 2014-06-12 18:20:11 +02:00
Steffen Jaeckel
bdeafda752 Regenerate mul comba files 2014-06-12 18:19:53 +02:00
Steffen Jaeckel
3cabe12a21 mul generator: update preamble not to compile the code if it's not required 2014-06-12 18:08:34 +02:00
Steffen Jaeckel
8c8d763389 sqr generator: update preamble not to compile the code if it's not required 2014-06-12 18:08:10 +02:00
Steffen Jaeckel
2d5b8206fa also patch fp_mul() as proposed by tom on the ML [1]
[1] https://groups.google.com/forum/#!topic/libtom/MdbS1vcLhCU
2014-06-12 18:06:26 +02:00
Steffen Jaeckel
a7804acf42 implement 50f587c36f as proposed by tom 2014-06-12 18:04:03 +02:00
Steffen Jaeckel
e8163eb74a fixup 3f7a1dca3b 2014-06-12 18:01:58 +02:00
Steffen Jaeckel
82aeb1d824 change DIGIT_BIT define to be able to test e.g. FP_SIZE in a macro 2014-06-12 17:59:22 +02:00
Steffen Jaeckel
540e3ecbc1 Realign mult generators with existing files in repo.
NB: fp_mul_comba32() is hand-optimized and has to be hand-crafted after
re-generation
2014-06-12 17:40:58 +02:00
Steffen Jaeckel
39b18f774c fix compiler warnings 2014-06-12 17:36:49 +02:00
Steffen Jaeckel
86e7c59ff4 trim trailing spaces/clean-up 2014-06-12 17:35:54 +02:00
Steffen Jaeckel
bea9b1cc22 Merge remote-tracking branch 'rasky/bugfix_sqr_bufferoverflow' 2014-06-12 11:31:39 +02:00
Steffen Jaeckel
7993b1b66c regenerate fp_sqr_comba_small_set.c 2014-06-12 11:00:30 +02:00
Steffen Jaeckel
6673bd99ce minor fixes to really reproduce original files 2014-06-12 10:58:54 +02:00
Steffen Jaeckel
f8227a0dd9 trim trailing spaces 2014-06-12 10:58:39 +02:00
Steffen Jaeckel
f5b5bc09fb Revert "Bugfix: clear the exceeding destination digits."
This reverts commit 50f587c36f.
2014-06-12 10:50:19 +02:00
Steffen Jaeckel
7d003805ad Revert "Regenerate sqr comba files with bugfix"
This reverts commit ab4374299c.
2014-06-12 10:50:03 +02:00
Giovanni Bajo
3f7a1dca3b Fix for buffer overflows in fp_mul. 2011-09-20 12:06:44 +02:00
Giovanni Bajo
c32affe350 Bugfix: fix buffer overflow with comba sqr
The comba sqr code does not check the maximum bounds of fp_int; eg:
if you invoke fp_sqr_comba_20, it will write 40 digits to the
destination even if FP_SIZE < 40. This is correct for achieving high
speeds, but it means that it is the caller's responsibility to check for
such overflows.

fp_sqr.c only checks for numeric overflows (a->used * 2 >= FP_SIZE)
though. This means that if you call fp_sqr() with a small number (say
1), and your FP_SIZE is 10, and you have enabled a fp_sqr_comba_8, it
will overflow your buffer by writing 16 digits.

Since the exact subset of active comba multipliers/sqrs are up to the user
(in tfm.h), we fix the code never to invoke them if they can cause
overflows.
2011-09-20 12:06:44 +02:00
Giovanni Bajo
ab4374299c Regenerate sqr comba files with bugfix 2011-09-20 11:37:23 +02:00
Giovanni Bajo
782c6e52de Realign generators with existing files in repo. 2011-09-20 11:36:41 +02:00
Giovanni Bajo
8f059cd52f Add makefile for sqr generators 2011-09-20 11:35:51 +02:00
Giovanni Bajo
50f587c36f Bugfix: clear the exceeding destination digits.
Currently, the fp_sqr_comba_* functions do not fully clear the destination
number, but only overwrites the digits they care about. Eg: if
you call a comba4, it will overwrite the first 8 digits and leave
the others unchanged.

On the other hand, fp_mul_comba_* functions do *not* check incoming
unused digits (relying on the guarantee that they must be zero),
so they will happily compute the wrong result if those digits
are not empty. Testcase for a 32-bit system:

   char buf[64];
   fp_int num, num2, d;

   memset(buf, 0xFF, sizeof(buf);
   fp_read_unsigned_bin(&num, buf);
   fp_set(&d, 1);

   fp_sqr_comba_3(&d, &num);
   // now num is { 0x1, 0x0, 0x0, 0x0, 0x0, 0x0,
   //              0xFFFFFFFF, 0xFFFFFFFF ... }
   // only first 6 digits have been written, but even
   // if num.used is correctly set to 6, this can trigger
   // bugs.

   // Create a number larger than 6 digits
   fp_2expt(&num2, 8*32+4);

   fp_mul_comba_8(&num, &num2, &num2);
   // wrong result has been computed, because the first 8
   // digits of num have been read and multiplied
   // even if num->used == 6, relying on the fact that
   // they should be zero.
2011-09-20 11:02:53 +02:00