- Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44)

This commit is contained in:
Paul Bakker 2011-11-25 12:11:43 +00:00
parent b6d5f08051
commit fe3256e54b
4 changed files with 23 additions and 5 deletions

View file

@ -26,6 +26,8 @@ Changes
(Credits go to Marco Lizza)
* Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory
trade-off
* Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size
management (Closes ticket #44)
Bugfix
* Fixed faulty HMAC-MD2 implementation. Found by dibac. (Closes

View file

@ -56,6 +56,16 @@
*/
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
/*
* Maximum size of MPIs allowed in bits and bytes for user-MPIs.
* ( Default: 512 bytes => 4096 bits )
*
* Note: Calculations can results temporarily in larger MPIs. So the number
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
*/
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
/*
* Define the base integer type, architecture-wise
*/
@ -572,7 +582,7 @@ int mpi_is_prime( mpi *X, int (*f_rng)(void *), void *p_rng );
* \brief Prime number generation
*
* \param X Destination MPI
* \param nbits Required size of X in bits ( 3 <= nbits <= 4096 )
* \param nbits Required size of X in bits ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS )
* \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function
* \param p_rng RNG parameter

View file

@ -440,7 +440,10 @@ int mpi_read_file( mpi *X, int radix, FILE *fin )
t_uint d;
size_t slen;
char *p;
char s[1024];
/*
* Buffer should have space for (short) label and hexified MPI and '\0'
*/
char s[ 2 * POLARSSL_MPI_MAX_SIZE + 10 ];
memset( s, 0, sizeof( s ) );
if( fgets( s, sizeof( s ) - 1, fin ) == NULL )
@ -465,7 +468,10 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout )
{
int ret;
size_t n, slen, plen;
char s[2048];
/*
* Buffer should have space for minus sign, hexified MPI and '\0'
*/
char s[ 2 * POLARSSL_MPI_MAX_SIZE + 2 ];
n = sizeof( s );
memset( s, 0, n );
@ -1867,7 +1873,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
size_t k, n;
mpi Y;
if( nbits < 3 || nbits > 4096 )
if( nbits < 3 || nbits > POLARSSL_MPI_MAX_BITS )
return( POLARSSL_ERR_MPI_BAD_INPUT_DATA );
mpi_init( &Y );

View file

@ -142,7 +142,7 @@ int rsa_check_pubkey( const rsa_context *ctx )
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
if( mpi_msb( &ctx->N ) < 128 ||
mpi_msb( &ctx->N ) > 4096 )
mpi_msb( &ctx->N ) > POLARSSL_MPI_MAX_BITS )
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
if( mpi_msb( &ctx->E ) < 2 ||