security/nss/lib/freebl/mpi/utils/bbs_rand.c@b8a032363ba2 (annotated)
security/nss/lib/freebl/mpi/utils/bbs_rand.c
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
| michael@0 | 1 | /* |
| michael@0 | 2 | * Blum, Blum & Shub PRNG using the MPI library |
| michael@0 | 3 | * |
| michael@0 | 4 | * This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 5 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 6 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 7 | |
| michael@0 | 8 | #include "bbs_rand.h" |
| michael@0 | 9 | |
| michael@0 | 10 | #define SEED 1 |
| michael@0 | 11 | #define MODULUS 2 |
| michael@0 | 12 | |
| michael@0 | 13 | /* This modulus is the product of two randomly generated 512-bit |
| michael@0 | 14 | prime integers, each of which is congruent to 3 (mod 4). */ |
| michael@0 | 15 | static char *bbs_modulus = |
| michael@0 | 16 | "75A2A6E1D27393B86562B9CE7279A8403CB4258A637DAB5233465373E37837383EDC" |
| michael@0 | 17 | "332282B8575927BC4172CE8C147B4894050EE9D2BDEED355C121037270CA2570D127" |
| michael@0 | 18 | "7D2390CD1002263326635CC6B259148DE3A1A03201980A925E395E646A5E9164B0EC" |
| michael@0 | 19 | "28559EBA58C87447245ADD0651EDA507056A1129E3A3E16E903D64B437"; |
| michael@0 | 20 | |
| michael@0 | 21 | static int bbs_init = 0; /* flag set when library is initialized */ |
| michael@0 | 22 | static mp_int bbs_state; /* the current state of the generator */ |
| michael@0 | 23 | |
| michael@0 | 24 | /* Suggested size of random seed data */ |
| michael@0 | 25 | int bbs_seed_size = (sizeof(bbs_modulus) / 2); |
| michael@0 | 26 | |
| michael@0 | 27 | void bbs_srand(unsigned char *data, int len) |
| michael@0 | 28 | { |
| michael@0 | 29 | if((bbs_init & SEED) == 0) { |
| michael@0 | 30 | mp_init(&bbs_state); |
| michael@0 | 31 | bbs_init |= SEED; |
| michael@0 | 32 | } |
| michael@0 | 33 | |
| michael@0 | 34 | mp_read_raw(&bbs_state, (char *)data, len); |
| michael@0 | 35 | |
| michael@0 | 36 | } /* end bbs_srand() */ |
| michael@0 | 37 | |
| michael@0 | 38 | unsigned int bbs_rand(void) |
| michael@0 | 39 | { |
| michael@0 | 40 | static mp_int modulus; |
| michael@0 | 41 | unsigned int result = 0, ix; |
| michael@0 | 42 | |
| michael@0 | 43 | if((bbs_init & MODULUS) == 0) { |
| michael@0 | 44 | mp_init(&modulus); |
| michael@0 | 45 | mp_read_radix(&modulus, bbs_modulus, 16); |
| michael@0 | 46 | bbs_init |= MODULUS; |
| michael@0 | 47 | } |
| michael@0 | 48 | |
| michael@0 | 49 | for(ix = 0; ix < sizeof(unsigned int); ix++) { |
| michael@0 | 50 | mp_digit d; |
| michael@0 | 51 | |
| michael@0 | 52 | mp_sqrmod(&bbs_state, &modulus, &bbs_state); |
| michael@0 | 53 | d = DIGIT(&bbs_state, 0); |
| michael@0 | 54 | |
| michael@0 | 55 | result = (result << CHAR_BIT) | (d & UCHAR_MAX); |
| michael@0 | 56 | } |
| michael@0 | 57 | |
| michael@0 | 58 | return result; |
| michael@0 | 59 | |
| michael@0 | 60 | } /* end bbs_rand() */ |
| michael@0 | 61 | |
| michael@0 | 62 | /*------------------------------------------------------------------------*/ |
| michael@0 | 63 | /* HERE THERE BE DRAGONS */ |
