[Pkg-golang-commits] [golang] 02/03: Imported Upstream version 1.5.3
Tianon Gravi
tianon at debian.org
Wed Jan 13 23:43:50 UTC 2016
This is an automated email from the git hooks/post-receive script.
tianon pushed a commit to branch debian-sid
in repository golang.
commit 2ed417e02fe5e85cf0a15d9b92af448540929429
Author: Tianon Gravi <tianon at debian.org>
Date: Wed Jan 13 15:42:57 2016 -0800
Imported Upstream version 1.5.3
---
VERSION | 2 +-
doc/conduct.html | 18 ++++-----
doc/devel/release.html | 17 ++++++---
src/math/big/int_test.go | 10 ++++-
src/math/big/nat.go | 46 +++++++++++++++++++----
src/math/big/nat_test.go | 95 +++++++++++++++++++++++++++++++++++++++++-------
6 files changed, 150 insertions(+), 38 deletions(-)
diff --git a/VERSION b/VERSION
index 033d96c..b81a625 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-go1.5.2
\ No newline at end of file
+go1.5.3
\ No newline at end of file
diff --git a/doc/conduct.html b/doc/conduct.html
index bfd2904..73b68f0 100644
--- a/doc/conduct.html
+++ b/doc/conduct.html
@@ -13,9 +13,9 @@ ul ul {
}
</style>
-<h2>About the Code of Conduct</h2>
+<h2 id="about">About the Code of Conduct</h2>
-<h3>Why have a Code of Conduct?</h3>
+<h3 id="why">Why have a Code of Conduct?</h3>
<p>
Online communities include people from many different backgrounds.
@@ -49,7 +49,7 @@ The Code of Conduct is not a mechanism for people to silence others with whom
they disagree.
</p>
-<h3>Where does the Code of Conduct apply?</h3>
+<h3 id="spaces">Where does the Code of Conduct apply?</h3>
<p>
If you participate in or contribute to the Go ecosystem in any way,
@@ -76,7 +76,7 @@ encouraged to adopt this Code of Conduct. Those groups must provide their own
moderators and/or working group (see below).
</p>
-<h2>Gopher values</h2>
+<h2 id="values">Gopher values</h2>
<p>
These are the values to which people in the Go community (“Gophers”) should aspire.
@@ -130,7 +130,7 @@ Even if the intent was to provoke, do not rise to it.
It is the responsibility of <i>all parties</i> to de-escalate conflict when it arises.
</p>
-<h2>Unwelcome behavior</h2>
+<h2 id="unwelcome_behavior">Unwelcome behavior</h2>
<p>
These actions are explicitly forbidden in Go spaces:
@@ -145,7 +145,7 @@ These actions are explicitly forbidden in Go spaces:
<li>Incitement to any of these.
</ul>
-<h2>Moderation</h2>
+<h2 id="moderation">Moderation</h2>
<p>
The Go spaces are not free speech venues; they are for discussion about Go.
@@ -174,7 +174,7 @@ Complaints about moderator actions must be handled using the reporting process
below.
</p>
-<h2>Reporting issues</h2>
+<h2 id="reporting">Reporting issues</h2>
<p>
The Code of Conduct Working Group is a group of people that represent the Go
@@ -256,7 +256,7 @@ should be proposed using the
<a href="https://golang.org/s/proposal-process">change proposal process</a>.
</p>
-<h2>Summary</h2>
+<h2 id="summary">Summary</h2>
<ul>
<li>Treat everyone with respect and kindness.
@@ -265,7 +265,7 @@ should be proposed using the
<li>If you encounter an issue, please mail <a href="mailto:conduct at golang.org">conduct at golang.org</a>.
</ul>
-<h3>Acknowledgements</h3>
+<h3 id="acknowledgements">Acknowledgements</h3>
<p>
Parts of this document were derived from the Code of Conduct documents of the
diff --git a/doc/devel/release.html b/doc/devel/release.html
index 56da4d0..e629e5d 100644
--- a/doc/devel/release.html
+++ b/doc/devel/release.html
@@ -22,6 +22,14 @@ Read the <a href="/doc/go1.5">Go 1.5 Release Notes</a> for more information.
<h3 id="go1.5.minor">Minor revisions</h3>
<p>
+go1.5.1 (released 2015/09/08) includes bug fixes to the compiler, assembler, and
+the <code>fmt</code>, <code>net/textproto</code>, <code>net/http</code>, and
+<code>runtime</code> packages.
+See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.5.1">Go
+1.5.1 milestone</a> on our issue tracker for details.
+</p>
+
+<p>
go1.5.2 (released 2015/12/02) includes bug fixes to the compiler, linker, and
the <code>mime/multipart</code>, <code>net</code>, and <code>runtime</code>
packages.
@@ -30,11 +38,10 @@ See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.5.2">Go
</p>
<p>
-go1.5.1 (released 2015/09/08) includes bug fixes to the compiler, assembler, and
-the <code>fmt</code>, <code>net/textproto</code>, <code>net/http</code>, and
-<code>runtime</code> packages.
-See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.5.1">Go
-1.5.1 milestone</a> on our issue tracker for details.
+go1.5.3 (released 2016/01/13) includes a security fix to the <code>math/big</code> package
+affecting the <code>crypto/tls</code> package.
+See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.5.3">Go 1.5.3 milestone on our issue tracker</a>
+and the <a href="https://golang.org/s/go153announce">release announcement</a> for details.
</p>
<h2 id="go1.4">go1.4 (released 2014/12/10)</h2>
diff --git a/src/math/big/int_test.go b/src/math/big/int_test.go
index 88c8c2b..f3def5a 100644
--- a/src/math/big/int_test.go
+++ b/src/math/big/int_test.go
@@ -555,6 +555,12 @@ var expTests = []struct {
"0xAC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC3192943DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310DCD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FBD5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF747359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E7303CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB694B5C803D89F7AE435DE236D525F54759B65E37 [...]
"214842521977763024996399388837777103219931130979872010505011829095813593576185795667465563725893853616836105247305090413288550665149633855225708948390358847130516401714741865487135466864767613064364341464751401562843891818086750165768458333404948482836810888865842197505544080605567694866280290287207273932931116788263564804554339092335205041120744013761330771504712375494741491902420104695390064495966115766125739557543490423291306311282346379247864665857034884605402284774408534933920862 [...]
},
+
+ // test cases for issue 13907
+ {"0xffffffff00000001", "0xffffffff00000001", "0xffffffff00000001", "0"},
+ {"0xffffffffffffffff00000001", "0xffffffffffffffff00000001", "0xffffffffffffffff00000001", "0"},
+ {"0xffffffffffffffffffffffff00000001", "0xffffffffffffffffffffffff00000001", "0xffffffffffffffffffffffff00000001", "0"},
+ {"0xffffffffffffffffffffffffffffffff00000001", "0xffffffffffffffffffffffffffffffff00000001", "0xffffffffffffffffffffffffffffffff00000001", "0"},
}
func TestExp(t *testing.T) {
@@ -582,7 +588,7 @@ func TestExp(t *testing.T) {
t.Errorf("#%d: %v is not normalized", i, *z1)
}
if z1.Cmp(out) != 0 {
- t.Errorf("#%d: got %s want %s", i, z1, out)
+ t.Errorf("#%d: got %x want %x", i, z1, out)
}
if m == nil {
@@ -591,7 +597,7 @@ func TestExp(t *testing.T) {
m = &Int{abs: nat{}} // m != nil && len(m.abs) == 0
z2 := new(Int).Exp(x, y, m)
if z2.Cmp(z1) != 0 {
- t.Errorf("#%d: got %s want %s", i, z2, z1)
+ t.Errorf("#%d: got %x want %x", i, z2, z1)
}
}
}
diff --git a/src/math/big/nat.go b/src/math/big/nat.go
index 6545bc1..6c242c8 100644
--- a/src/math/big/nat.go
+++ b/src/math/big/nat.go
@@ -216,23 +216,36 @@ func basicMul(z, x, y nat) {
}
}
-// montgomery computes x*y*2^(-n*_W) mod m,
-// assuming k = -1/m mod 2^_W.
+// montgomery computes z mod m = x*y*2**(-n*_W) mod m,
+// assuming k = -1/m mod 2**_W.
// z is used for storing the result which is returned;
// z must not alias x, y or m.
+// See Gueron, "Efficient Software Implementations of Modular Exponentiation".
+// https://eprint.iacr.org/2011/239.pdf
+// In the terminology of that paper, this is an "Almost Montgomery Multiplication":
+// x and y are required to satisfy 0 <= z < 2**(n*_W) and then the result
+// z is guaranteed to satisfy 0 <= z < 2**(n*_W), but it may not be < m.
func (z nat) montgomery(x, y, m nat, k Word, n int) nat {
- var c1, c2 Word
+ // This code assumes x, y, m are all the same length, n.
+ // (required by addMulVVW and the for loop).
+ // It also assumes that x, y are already reduced mod m,
+ // or else the result will not be properly reduced.
+ if len(x) != n || len(y) != n || len(m) != n {
+ panic("math/big: mismatched montgomery number lengths")
+ }
+ var c1, c2, c3 Word
z = z.make(n)
z.clear()
for i := 0; i < n; i++ {
d := y[i]
- c1 += addMulVVW(z, x, d)
+ c2 = addMulVVW(z, x, d)
t := z[0] * k
- c2 = addMulVVW(z, m, t)
-
+ c3 = addMulVVW(z, m, t)
copy(z, z[1:])
- z[n-1] = c1 + c2
- if z[n-1] < c1 {
+ cx := c1 + c2
+ cy := cx + c3
+ z[n-1] = cy
+ if cx < c2 || cy < c3 {
c1 = 1
} else {
c1 = 0
@@ -1138,6 +1151,23 @@ func (z nat) expNNMontgomery(x, y, m nat) nat {
}
// convert to regular number
zz = zz.montgomery(z, one, m, k0, numWords)
+
+ // One last reduction, just in case.
+ // See golang.org/issue/13907.
+ if zz.cmp(m) >= 0 {
+ // Common case is m has high bit set; in that case,
+ // since zz is the same length as m, there can be just
+ // one multiple of m to remove. Just subtract.
+ // We think that the subtract should be sufficient in general,
+ // so do that unconditionally, but double-check,
+ // in case our beliefs are wrong.
+ // The div is not expected to be reached.
+ zz = zz.sub(zz, m)
+ if zz.cmp(m) >= 0 {
+ _, zz = nat(nil).div(nil, zz, m)
+ }
+ }
+
return zz.norm()
}
diff --git a/src/math/big/nat_test.go b/src/math/big/nat_test.go
index 7ac3cb8..13caec4 100644
--- a/src/math/big/nat_test.go
+++ b/src/math/big/nat_test.go
@@ -341,25 +341,57 @@ var montgomeryTests = []struct {
"0xffffffffffffffffffffffffffffffffffffffffffffffffe",
"0xffffffffffffffffffffffffffffffffffffffffffffffffe",
"0xfffffffffffffffffffffffffffffffffffffffffffffffff",
- 0x0000000000000000,
- "0xffffffffffffffffffffffffffffffffffffffffff",
- "0xffffffffffffffffffffffffffffffffff",
+ 1,
+ "0x1000000000000000000000000000000000000000000",
+ "0x10000000000000000000000000000000000",
},
{
- "0x0000000080000000",
- "0x00000000ffffffff",
+ "0x000000000ffffff5",
+ "0x000000000ffffff0",
"0x0000000010000001",
0xff0000000fffffff,
- "0x0000000088000000",
- "0x0000000007800001",
+ "0x000000000bfffff4",
+ "0x0000000003400001",
+ },
+ {
+ "0x0000000080000000",
+ "0x00000000ffffffff",
+ "0x1000000000000001",
+ 0xfffffffffffffff,
+ "0x0800000008000001",
+ "0x0800000008000001",
},
{
- "0xffffffffffffffffffffffffffffffff00000000000022222223333333333444444444",
- "0xffffffffffffffffffffffffffffffff999999999999999aaabbbbbbbbcccccccccccc",
+ "0x0000000080000000",
+ "0x0000000080000000",
+ "0xffffffff00000001",
+ 0xfffffffeffffffff,
+ "0xbfffffff40000001",
+ "0xbfffffff40000001",
+ },
+ {
+ "0x0000000080000000",
+ "0x0000000080000000",
+ "0x00ffffff00000001",
+ 0xfffffeffffffff,
+ "0xbfffff40000001",
+ "0xbfffff40000001",
+ },
+ {
+ "0x0000000080000000",
+ "0x0000000080000000",
+ "0x0000ffff00000001",
+ 0xfffeffffffff,
+ "0xbfff40000001",
+ "0xbfff40000001",
+ },
+ {
+ "0x3321ffffffffffffffffffffffffffff00000000000022222623333333332bbbb888c0",
+ "0x3321ffffffffffffffffffffffffffff00000000000022222623333333332bbbb888c0",
"0x33377fffffffffffffffffffffffffffffffffffffffffffff0000000000022222eee1",
0xdecc8f1249812adf,
- "0x22bb05b6d95eaaeca2bb7c05e51f807bce9064b5fbad177161695e4558f9474e91cd79",
- "0x14beb58d230f85b6d95eaaeca2bb7c05e51f807bce9064b5fb45669afa695f228e48cd",
+ "0x04eb0e11d72329dc0915f86784820fc403275bf2f6620a20e0dd344c5cd0875e50deb5",
+ "0x0d7144739a7d8e11d72329dc0915f86784820fc403275bf2f61ed96f35dd34dbb3d6a0",
},
{
"0x10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffff00000000000022222223333333333444444444",
@@ -372,10 +404,27 @@ var montgomeryTests = []struct {
}
func TestMontgomery(t *testing.T) {
+ one := NewInt(1)
+ _B := new(Int).Lsh(one, _W)
for i, test := range montgomeryTests {
x := natFromString(test.x)
y := natFromString(test.y)
m := natFromString(test.m)
+ for len(x) < len(m) {
+ x = append(x, 0)
+ }
+ for len(y) < len(m) {
+ y = append(y, 0)
+ }
+
+ if x.cmp(m) > 0 {
+ _, r := nat(nil).div(nil, x, m)
+ t.Errorf("#%d: x > m (0x%s > 0x%s; use 0x%s)", i, x.hexString(), m.hexString(), r.hexString())
+ }
+ if y.cmp(m) > 0 {
+ _, r := nat(nil).div(nil, x, m)
+ t.Errorf("#%d: y > m (0x%s > 0x%s; use 0x%s)", i, y.hexString(), m.hexString(), r.hexString())
+ }
var out nat
if _W == 32 {
@@ -384,11 +433,31 @@ func TestMontgomery(t *testing.T) {
out = natFromString(test.out64)
}
- k0 := Word(test.k0 & _M) // mask k0 to ensure that it fits for 32-bit systems.
+ // t.Logf("#%d: len=%d\n", i, len(m))
+
+ // check output in table
+ xi := &Int{abs: x}
+ yi := &Int{abs: y}
+ mi := &Int{abs: m}
+ p := new(Int).Mod(new(Int).Mul(xi, new(Int).Mul(yi, new(Int).ModInverse(new(Int).Lsh(one, uint(len(m))*_W), mi))), mi)
+ if out.cmp(p.abs.norm()) != 0 {
+ t.Errorf("#%d: out in table=0x%s, computed=0x%s", i, out.hexString(), p.abs.norm().hexString())
+ }
+
+ // check k0 in table
+ k := new(Int).Mod(&Int{abs: m}, _B)
+ k = new(Int).Sub(_B, k)
+ k = new(Int).Mod(k, _B)
+ k0 := Word(new(Int).ModInverse(k, _B).Uint64())
+ if k0 != Word(test.k0) {
+ t.Errorf("#%d: k0 in table=%#x, computed=%#x\n", i, test.k0, k0)
+ }
+
+ // check montgomery with correct k0 produces correct output
z := nat(nil).montgomery(x, y, m, k0, len(m))
z = z.norm()
if z.cmp(out) != 0 {
- t.Errorf("#%d got %s want %s", i, z.decimalString(), out.decimalString())
+ t.Errorf("#%d: got 0x%s want 0x%s", i, z.hexString(), out.hexString())
}
}
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-golang/golang.git
More information about the pkg-golang-commits
mailing list