wolfssl: Fix crypto_bignum_rand() implementation
The previous implementation used mp_rand_prime() to generate a random value in range 0..m. That is an insanely slow way of generating a random value since mp_rand_prime() is for generating a random _prime_, which is not what is needed here. Replace that implementation with generation of a random value in the requested range without doing any kind of prime number checks or loops to reject values that are not primes. This speeds up SAE and EAP-pwd routines by a couple of orders of magnitude. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
6a28c4dbc1
commit
eb595b3e3a
1 changed files with 7 additions and 5 deletions
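--- a/<PATH_NOT_SHOWN_ON_PAGE>
+++ b/<PATH_NOT_SHOWN_ON_PAGE>
@@ -1104,19 +1104,21 @@ int crypto_bignum_rand(struct crypto_bignum *r, const struct crypto_bignum *m)
 {
 int ret = 0;
 WC_RNG rng;
+size_t len;
+u8 *buf;
 
 if (TEST_FAIL())
 return -1;
 if (wc_InitRng(&rng) != 0)
 return -1;
-if (mp_rand_prime((mp_int *) r,
-(mp_count_bits((mp_int *) m) + 7) / 8 * 2,
-&rng, NULL) != 0)
-ret = -1;
-if (ret == 0 &&
+len = (mp_count_bits((mp_int *) m) + 7) / 8;
+buf = os_malloc(len);
+if (!buf || wc_RNG_GenerateBlock(&rng, buf, len) != 0 ||
+mp_read_unsigned_bin((mp_int *) r, buf, len) != MP_OKAY ||
 mp_mod((mp_int *) r, (mp_int *) m, (mp_int *) r) != 0)
 ret = -1;
 wc_FreeRng(&rng);
+bin_clear_free(buf, len);
 return ret;
 }
 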
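Review bot: The value handed to the `mp_mod` line is only as many bytes wide as m itself, so after reduction the result is not uniform over 0..m-1 whenever m is not close to a power of two — the removed mp_rand_prime() call requested twice that width, and the new `len = (mp_count_bits((mp_int *) m) + 7) / 8;` drops that margin. Since the description says this feeds the SAE and EAP-pwd routines, where the random value becomes a private scalar, a biased output is a real weakness rather than a cosmetic one, so the oversampling should be kept, e.g. `len = (mp_count_bits((mp_int *) m) + 7) / 8 * 2;` (or a fixed margin of extra bytes), which mp_read_unsigned_bin() and the following mp_mod() already handle unchanged. If a caller can pass m == 0, len becomes 0 and the os_malloc(0)/mp_mod path is then unclear from this hunk — a comment on the function stating the required precondition on m (and that the result range is 0..m-1, not 1..m-1) would help the SAE callers.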