Diffstat (limited to 'src')
| -rw-r--r-- | src/exhaustive/brainpool.c | 10 | ||||
| -rw-r--r-- | src/exhaustive/brainpool_rfc.c | 10 | ||||
| -rw-r--r-- | src/gen/seed.c | 3 |
3 files changed, 18 insertions, 5 deletions
diff --git a/src/exhaustive/brainpool.c b/src/exhaustive/brainpool.c
index 1c8fb31..d7f0c59 100644
--- a/src/exhaustive/brainpool.c
+++ b/src/exhaustive/brainpool.c
@@ -42,7 +42,7 @@ bits_t *brainpool_hash(const bits_t *s, long w, long v) {
 GEN z = bits_to_i(s);
 GEN m = int2n(160);
 for (long i = 1; i <= v; ++i) {
- bits_t *si = bits_from_i(Fp_add(z, stoi(i), m));
+ bits_t *si = bits_from_i_len(Fp_add(z, stoi(i), m), 160);
 bits_sha1(si, hashout + (20 * (i - 1)));
 bits_free(&si);
 }
@@ -149,7 +149,13 @@ GENERATOR(brainpool_gen_equation) {
 brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
 GEN a = bits_to_i(a_bits);
 bits_free(&a_bits);
- z = Fp_sqrtn(a, stoi(4), curve->field, NULL);
+ GEN am = Fp_invsafe(a, curve->field);
+ if (am == NULL) {
+ brainpool_update_seed(seed->seed);
+ avma = btop;
+ continue;
+ }
+ z = Fp_sqrtn(Fp_muls(am, -1, curve->field), stoi(4), curve->field, NULL);
 if (z == NULL) {
 brainpool_update_seed(seed->seed);
 avma = btop;
diff --git a/src/exhaustive/brainpool_rfc.c b/src/exhaustive/brainpool_rfc.c
index b3c5e5e..1a9fea9 100644
--- a/src/exhaustive/brainpool_rfc.c
+++ b/src/exhaustive/brainpool_rfc.c
@@ -27,6 +27,8 @@ GENERATOR(brainpool_rfc_gen_seed_input) {
 brainpool_delegate(brainpool_gen_seed_input);
 }
+#undef brainpool_delegate
+
 GENERATOR(brainpool_rfc_gen_equation) {
 // field is definitely prime
 pari_sp btop = avma;
@@ -42,7 +44,13 @@ GENERATOR(brainpool_rfc_gen_equation) {
 brainpool_hash(seed->seed, seed->brainpool.w, seed->brainpool.v);
 GEN a = bits_to_i(a_bits);
 bits_free(&a_bits);
- z = Fp_sqrtn(a, stoi(4), curve->field, NULL);
+ GEN am = Fp_invsafe(a, curve->field);
+ if (am == NULL) {
+ brainpool_update_seed(seed->seed);
+ avma = btop;
+ continue;
+ }
+ z = Fp_sqrtn(Fp_muls(am, -1, curve->field), stoi(4), curve->field, NULL);
 if (z == NULL) {
 brainpool_update_seed(seed->seed);
 avma = btop;
diff --git a/src/gen/seed.c b/src/gen/seed.c
index 2e3f9e3..3baed9c 100644
--- a/src/gen/seed.c
+++ b/src/gen/seed.c
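Review bot: The width 160 now appears twice in brainpool_hash, as the modulus `int2n(160)` and as the `bits_from_i_len` length, with the matching byte stride 20 in `hashout + (20 * (i - 1))`, and nothing ties the three together; a single named constant such as `enum { BRAINPOOL_H_BITS = 160, BRAINPOOL_H_BYTES = 20 };` would keep the fixed-width encoding and the output stride from drifting apart. The fixed-width encoding itself is the right call: it keeps each SHA-1 input at exactly 160 bits even when z + i mod 2^160 has leading zero bytes, which presumably is what makes the hash chain match the reference procedure. The loop also assumes `hashout` holds at least 20 * v bytes; that allocation is outside the hunk, so the precondition is worth stating in a comment on the function.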
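Review bot: The new radicand in brainpool_gen_equation is −1·a⁻¹, whereas the Brainpool generation condition (RFC 5639) is Z⁴·A ≡ −3 (mod p), i.e. a fourth root of −3·A⁻¹; unless the factor 3 is folded into `a` somewhere outside this hunk, the call should read `z = Fp_sqrtn(Fp_muls(am, -3, curve->field), stoi(4), curve->field, NULL);`, and either way a one-line comment naming the relation being solved, `// find Z with Z^4 * A == -3 (mod p)`, would make the intent checkable. The two rejection blocks (`am == NULL` and `z == NULL`) are byte-identical, so the new check can be folded into the existing one with `z = (am == NULL) ? NULL : Fp_sqrtn(Fp_muls(am, -1, curve->field), stoi(4), curve->field, NULL);` and a single retry path. The same thirteen lines are duplicated verbatim in the second hunk of src/exhaustive/brainpool_rfc.c, so a fix here must be mirrored there, or better, the shared body moved into one helper both generators call. The enclosing generator starts and ends outside the hunk.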
@@ -46,12 +46,11 @@ void seed_free(seed_t **seed) {
 case SEED_ANSI:
 break;
 case SEED_BRAINPOOL:
+ case SEED_BRAINPOOL_RFC:
 bits_free(&(*seed)->brainpool.seed_a);
 bits_free(&(*seed)->brainpool.seed_b);
 bits_free(&(*seed)->brainpool.seed_bp);
 break;
- case SEED_BRAINPOOL_RFC:
- break;
 case SEED_FIPS:
 break;
 case SEED_NONE:
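Review bot: The stacked `case SEED_BRAINPOOL_RFC:` label relies on the reader knowing that the RFC variant keeps its seeds in the same `brainpool` member as SEED_BRAINPOOL; a short comment above the labels, `/* SEED_BRAINPOOL_RFC reuses the brainpool seed storage */`, would record that and stop a later maintainer from re-splitting the cases. Whether `(*seed)->seed` itself is released is decided outside this hunk, so I cannot tell from here that every allocation of the RFC variant is now covered. seed_free's body continues outside the hunk.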
