Fixed 3132700 (close_notify), 3078672 (regular_square), 3072881

(process_server_hello). Using Montgomery until q_dash issue solved.


git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@180 9a5d90b5-6617-0410-8a86-bb477d3ed2e3

crypto/bigint.c

@@ -442,18 +442,18 @@ bigint *bi_divide(BI_CTX *ctx, bigint *u, bigint *v, int is_mod)
         else
         {
             q_dash = (comp)(((long_comp)U(0)*COMP_RADIX + U(1))/V1);
-        }
 
-        if (v->size > 1 && V2)
-        {
-            /* we are implementing the following:
-            if (V2*q_dash > (((U(0)*COMP_RADIX + U(1) - 
-                    q_dash*V1)*COMP_RADIX) + U(2))) ... */
-            comp inner = (comp)((long_comp)COMP_RADIX*U(0) + U(1) - 
-                                        (long_comp)q_dash*V1);
-            if ((long_comp)V2*q_dash > (long_comp)inner*COMP_RADIX + U(2))
+            if (v->size > 1 && V2)
             {
-                q_dash--;
+                /* we are implementing the following:
+                if (V2*q_dash > (((U(0)*COMP_RADIX + U(1) - 
+                        q_dash*V1)*COMP_RADIX) + U(2))) ... */
+                comp inner = (comp)((long_comp)COMP_RADIX*U(0) + U(1) - 
+                                            (long_comp)q_dash*V1);
+                if ((long_comp)V2*q_dash > (long_comp)inner*COMP_RADIX + U(2))
+                {
+                    q_dash--;
+                }
             }
         }
 
@@ -926,55 +926,52 @@ bigint *bi_multiply(BI_CTX *ctx, bigint *bia, bigint *bib)
 /*
  * Perform the actual square operion. It takes into account overflow.
  */
-static bigint *regular_square(BI_CTX *ctx, bigint *bi)
+bigint *regular_square(BI_CTX *ctx, bigint *bi)
 {
     int t = bi->size;
     int i = 0, j;
     bigint *biR = alloc(ctx, t*2);
     comp *w = biR->comps;
     comp *x = bi->comps;
-    comp carry;
-
+    long_comp carry;
     memset(w, 0, biR->size*COMP_BYTE_SIZE);
 
     do
     {
         long_comp tmp = w[2*i] + (long_comp)x[i]*x[i];
-        comp u = 0;
+        uint8_t c = 0, q = 0;
         w[2*i] = (comp)tmp;
         carry = (comp)(tmp >> COMP_BIT_SIZE);
 
         for (j = i+1; j < t; j++)
         {
+            c = q = 0;
             long_comp xx = (long_comp)x[i]*x[j];
-            long_comp xx2 = 2*xx;
-            long_comp blob = (long_comp)w[i+j]+carry;
+            if (COMP_MAX-xx < xx)
+                c = 1;
 
-            if (u)                  /* previous overflow */
-            {
-                blob += COMP_RADIX;
-            }
+            tmp = (xx<<1);
 
+            if (COMP_MAX-tmp < w[i+j])
+                c = 1;
 
-            u = 0;
-            tmp = xx2 + blob;
+            tmp += w[i+j];
 
-            /* check for overflow */
-            if ((COMP_MAX-xx) < xx  || (COMP_MAX-xx2) < blob)
-            {
-                u = 1;
-            }
+            if (COMP_MAX-tmp < carry)
+                c = q = 1;
 
+            tmp += carry;
             w[i+j] = (comp)tmp;
-            carry = (comp)(tmp >> COMP_BIT_SIZE);
+            carry = tmp >> COMP_BIT_SIZE;
+
+            if (c)
+                carry += COMP_RADIX;
         }
 
         w[i+t] += carry;
 
-        if (u)
-        {
-            w[i+t+1] = 1;   /* add carry */
-        }
+        if (c && !q)
+            w[i+t+1] = 1; /* add carry */
     } while (++i < t);
 
     bi_free(ctx, bi);

crypto/bigint_impl.h

@@ -41,7 +41,28 @@
 #define BIGINT_NUM_MODS     1    
 #endif
 
+//#define REGISTER_8          1
+
 /* Architecture specific functions for big ints */
+#if defined(REGISTER_8)
+#define COMP_RADIX          256U       /**< Max component + 1 */
+#define COMP_MAX            0xFFFFU/**< (Max dbl comp -1) */
+#define COMP_BIT_SIZE       8   /**< Number of bits in a component. */
+#define COMP_BYTE_SIZE      1   /**< Number of bytes in a component. */
+#define COMP_NUM_NIBBLES    2   /**< Used For diagnostics only. */
+typedef uint8_t comp;	        /**< A single precision component. */
+typedef uint16_t long_comp;     /**< A double precision component. */
+typedef int16_t slong_comp;     /**< A signed double precision component. */
+#elif defined(REGISTER_16)
+#define COMP_RADIX          65536U       /**< Max component + 1 */
+#define COMP_MAX            0xFFFFFFFFU/**< (Max dbl comp -1) */
+#define COMP_BIT_SIZE       16  /**< Number of bits in a component. */
+#define COMP_BYTE_SIZE      2   /**< Number of bytes in a component. */
+#define COMP_NUM_NIBBLES    4   /**< Used For diagnostics only. */
+typedef uint16_t comp;	        /**< A single precision component. */
+typedef uint32_t long_comp;     /**< A double precision component. */
+typedef int32_t slong_comp;     /**< A signed double precision component. */
+#else /* regular 32 bit */
 #ifdef WIN32
 #define COMP_RADIX          4294967296i64         
 #define COMP_MAX            0xFFFFFFFFFFFFFFFFui64
@@ -52,10 +73,10 @@
 #define COMP_BIT_SIZE       32  /**< Number of bits in a component. */
 #define COMP_BYTE_SIZE      4   /**< Number of bytes in a component. */
 #define COMP_NUM_NIBBLES    8   /**< Used For diagnostics only. */
-
 typedef uint32_t comp;	        /**< A single precision component. */
 typedef uint64_t long_comp;     /**< A double precision component. */
 typedef int64_t slong_comp;     /**< A signed double precision component. */
+#endif
 
 /**
  * @struct  _bigint

crypto/rsa.c

@@ -88,7 +88,7 @@ void RSA_pub_key_new(RSA_CTX **ctx,
     *ctx = (RSA_CTX *)calloc(1, sizeof(RSA_CTX));
     rsa_ctx = *ctx;
     rsa_ctx->bi_ctx = bi_ctx;
-    rsa_ctx->num_octets = (mod_len & 0xFFF0);
+    rsa_ctx->num_octets = mod_len;
     rsa_ctx->m = bi_import(bi_ctx, modulus, mod_len);
     bi_set_mod(bi_ctx, rsa_ctx->m, BIGINT_M_OFFSET);
     rsa_ctx->e = bi_import(bi_ctx, pub_exp, pub_len);