From 33e9bad93fe86f8ab2adde7d0f70bc39187087c5 Mon Sep 17 00:00:00 2001 From: Rudolf Polzer Date: Thu, 5 Aug 2010 09:43:23 +0200 Subject: [PATCH] un-debianize libd0_blind_id's RNG on Win32 --- d0_bignum-gmp.c | 34 ++++++++++++++++++++++++++++------ d0_blind_id.c | 24 ++++++++++++++++++++---- 2 files changed, 48 insertions(+), 10 deletions(-) diff --git a/d0_bignum-gmp.c b/d0_bignum-gmp.c index 6a2f703..5f0babc 100644 --- a/d0_bignum-gmp.c +++ b/d0_bignum-gmp.c @@ -17,6 +17,11 @@ License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#ifdef WIN32 +#include +#include +#endif + #include "d0_bignum.h" #include @@ -33,26 +38,43 @@ static d0_bignum_t temp; #include #include + void d0_bignum_INITIALIZE(void) { FILE *f; + unsigned char buf[256]; d0_bignum_init(&temp); gmp_randinit_mt(RANDSTATE); gmp_randseed_ui(RANDSTATE, time(NULL)); + * (time_t *) (&buf[0]) = time(0); // if everything else fails, we use the current time + uninitialized data +#ifdef WIN32 + { + HCRYPTPROV hCryptProv; + if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) + { + if(!CryptGenRandom(hCryptProv, sizeof(buf), (PBYTE) &buf[0])) + fprintf(stderr, "WARNING: could not initialize random number generator (CryptGenRandom failed)\n"); + } + else + fprintf(stderr, "WARNING: could not initialize random number generator (CryptAcquireContext failed)\n"); + } +#else f = fopen("/dev/urandom", "rb"); if(!f) f = fopen("/dev/random", "rb"); if(f) { - unsigned char buf[256]; setbuf(f, NULL); - if(fread(buf, sizeof(buf), 1, f) == 1) - { - mpz_import(temp.z, sizeof(buf), 1, 1, 0, 0, buf); - gmp_randseed(RANDSTATE, temp.z); - } + if(fread(buf, sizeof(buf), 1, f) != 1) + fprintf(stderr, "WARNING: could not initialize random number generator (read from random device failed)\n"); fclose(f); } + else + fprintf(stderr, "WARNING: could not initialize random number generator (no random device found)\n"); +#endif + + mpz_import(temp.z, sizeof(buf), 1, 1, 0, 0, buf); + gmp_randseed(RANDSTATE, temp.z); } void d0_bignum_SHUTDOWN(void) diff --git a/d0_blind_id.c b/d0_blind_id.c index c71c88b..cc85624 100644 --- a/d0_blind_id.c +++ b/d0_blind_id.c @@ -80,6 +80,8 @@ struct d0_blind_id_s #define CHECK(x) do { if(!(x)) goto fail; } while(0) #define CHECK_ASSIGN(var, value) do { d0_bignum_t *val; val = value; if(!val) goto fail; var = val; } while(0) +#define MPCHECK(x) do { if(!failed) if(!(x)) failed = 1; } while(0) +#define MPCHECK_ASSIGN(var, value) do { if(!failed) { d0_bignum_t *val; val = value; if(val) var = val; else failed = 1; } } while(0) #define USING(x) if(!(ctx->x)) return 0 #define REPLACING(x) @@ -712,6 +714,7 @@ WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_ static unsigned char convbuf[1024]; d0_iobuf_t *conv = NULL; size_t sz = 0; + BOOL failed = 0; // temps: temp0 order, temp0 4^r if(is_first) @@ -736,14 +739,27 @@ WARN_UNUSED_RESULT BOOL d0_blind_id_authenticate_with_private_id_start(d0_blind_ // generate random number r; x = g^r; send hash of x, remember r, forget x CHECK(d0_dl_get_order(temp0, ctx->schnorr_G)); CHECK_ASSIGN(ctx->r, d0_bignum_rand_range(ctx->r, zero, temp0)); - CHECK(d0_bignum_mod_pow(temp0, four, ctx->r, ctx->schnorr_G)); + //CHECK(d0_bignum_mod_pow(temp0, four, ctx->r, ctx->schnorr_G)); // initialize Signed Diffie Hellmann - CHECK(d0_dl_get_order(temp1, ctx->schnorr_G)); - CHECK_ASSIGN(ctx->t, d0_bignum_rand_range(ctx->t, zero, temp1)); - CHECK_ASSIGN(ctx->g_to_t, d0_bignum_mod_pow(ctx->g_to_t, four, ctx->t, ctx->schnorr_G)); + // we already have the group order in temp1 + CHECK_ASSIGN(ctx->t, d0_bignum_rand_range(ctx->t, zero, temp0)); // can we SOMEHOW do this with just one mod_pow? +#pragma omp parallel default(shared) reduction(||:failed) +#pragma omp sections + { +#pragma omp section + { + MPCHECK(d0_bignum_mod_pow(temp0, four, ctx->r, ctx->schnorr_G)); + } +#pragma omp section + { + MPCHECK_ASSIGN(ctx->g_to_t, d0_bignum_mod_pow(ctx->g_to_t, four, ctx->t, ctx->schnorr_G)); + } + } + CHECK(!failed); + // hash it, hash it, everybody hash it conv = d0_iobuf_open_write(convbuf, sizeof(convbuf)); CHECK(d0_iobuf_write_bignum(conv, temp0)); -- 2.39.2